wcameron
asked on
Using Session Variable with Database Results Wizard
What is the best way to access session objects so they are available to the Database Results Wizard?
I'm creating a password protected site and using a session object to create a session object Session("uid") that passes the value of the UserID field. To do this, I created a login page that posts to itself and includes a Database Results Wizard that will display the username if it is contained in the database. It also has the following code just after the UserID field that creates the session object:
<%Session("uid")=cStr(fp_r
Now, on each page that I want to be protected based upon the UserID, I place the following code:
<%
If Session("uid") = "" Then Response.Redirect "login.asp"
If Request("uid") = "" Then Response.Redirect Request.ServerVariables("S
%>
This looks to see if the user is logged on and if not, redirects to the login page. It then appends the uid as a parameter at the end of the hyperlink.
Now, here's the challenge. As the user moves through the site, I need to remember additional ID's. For instance, once they login they click on an event they have added to the database. I would create the session object EID that contains the EventID.
Can I have it append this as well? I may need to work with up to 4 different session objects. I'm thnking that the best way is to use some looping code that will look for all the session objects and append each one to the hyperlink.
As far as I can see, appending the Session objects to the hyperlink is the only way I can access them when I use the DRW.
I appreciate any assistance.
I'm creating a password protected site and using a session object to create a session object Session("uid") that passes the value of the UserID field. To do this, I created a login page that posts to itself and includes a Database Results Wizard that will display the username if it is contained in the database. It also has the following code just after the UserID field that creates the session object:
<%Session("uid")=cStr(fp_r
Now, on each page that I want to be protected based upon the UserID, I place the following code:
<%
If Session("uid") = "" Then Response.Redirect "login.asp"
If Request("uid") = "" Then Response.Redirect Request.ServerVariables("S
%>
This looks to see if the user is logged on and if not, redirects to the login page. It then appends the uid as a parameter at the end of the hyperlink.
Now, here's the challenge. As the user moves through the site, I need to remember additional ID's. For instance, once they login they click on an event they have added to the database. I would create the session object EID that contains the EventID.
Can I have it append this as well? I may need to work with up to 4 different session objects. I'm thnking that the best way is to use some looping code that will look for all the session objects and append each one to the hyperlink.
As far as I can see, appending the Session objects to the hyperlink is the only way I can access them when I use the DRW.
I appreciate any assistance.
ASKER
Sorry, the submit button is a little too sensitive. Ignore the last line of code in my previous message.
ASKER
I'm getting closer. I've learned that if I don't specify the keys when I request a cookie that it automatically appends them together such as:
First=firstkeyvalue&Second
Curiously that is just what I want. I've tried the following code:
<% Response.Redirect Request.ServerVariables("U
My idea is to redirect the user to the same page with the cookie key values added to the query string.
The full code at the top of the page would be something like this:
<%
If Request.Cookies("Login")("
Response.Redirect Request.ServerVariables("U
%>
After login, this would check to see if the login cookie ("uid") has a value. If not, it would redirect them to the login page.
The second line should then do the redirect to add the cookie keys to the end of the query string. I know the syntax is slightly off. I'm used to using Request("uid") to test for a session variable, but I'm not sure how to do this with a cookie.
First=firstkeyvalue&Second
Curiously that is just what I want. I've tried the following code:
<% Response.Redirect Request.ServerVariables("U
My idea is to redirect the user to the same page with the cookie key values added to the query string.
The full code at the top of the page would be something like this:
<%
If Request.Cookies("Login")("
Response.Redirect Request.ServerVariables("U
%>
After login, this would check to see if the login cookie ("uid") has a value. If not, it would redirect them to the login page.
The second line should then do the redirect to add the cookie keys to the end of the query string. I know the syntax is slightly off. I'm used to using Request("uid") to test for a session variable, but I'm not sure how to do this with a cookie.
ASKER
I've solved this problem on my own so no points will be awarded. The solution was quite simple, once the cookie is created, I add the following code on each page:
<%
If Request.Cookies("Login")("
If Request("UserID")="" Then Response.Redirect _
Request.ServerVariables("S
If Request.Cookies("Login")("
Response.Redirect "login.asp"
%>
This tests to see if the cookie exists and if not, redirects to the login page. Next it adds the cookie keys to the query string. Finally, it tests to see if the UserID cookie matches the query string. This prevents users from manually changing the UserID and accessing other people's records.
<%
If Request.Cookies("Login")("
If Request("UserID")="" Then Response.Redirect _
Request.ServerVariables("S
If Request.Cookies("Login")("
Response.Redirect "login.asp"
%>
This tests to see if the cookie exists and if not, redirects to the login page. Next it adds the cookie keys to the query string. Finally, it tests to see if the UserID cookie matches the query string. This prevents users from manually changing the UserID and accessing other people's records.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
<%Response.Cookies("login"
This takes the value UserID from the FrontPage DRW and creates a cookie with the key "uid". On other screens, they may create other cookies based upon their selections. What I need to do is pass these to the query string by looping through the various keys in the manner of:
For Each strKeyName in Request.Cookies(strCookieN
Response.Write strKeyName & "=" & _
Request.Cookies(strCookieN
Next
How do I add these keys to the query string? I will redirect the page and add the cookie values to the query string. So far I have managed to begin building the redirect
If Request("uid") = "" Then Response.Redirect Request.ServerVariables("S
It is at the end of this that I need to append the cookie keys following the question mark (?).
strLink=Request.ServerVari