Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ASP login screen

Posted on 1998-09-28
2
Medium Priority
?
230 Views
Last Modified: 2013-12-25
I am in need of an ASP login screen that will ask for a users username and password. It then needs to check its authenticity against a SQL table. Then if it is correct create a SQL query string to pass along to the following pages. Thanks for the help.
0
Comment
Question by:yolish
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Accepted Solution

by:
dpinkus earned 240 total points
ID: 1855310
On the page where you solicit the username and password do this:
<FORM ACTION="authentication.asp"  METHOD=POST>
<INPUT TYPE="text" NAME="Username" VALUE="" SIZE=12 MAXLENGTH=12>
<INPUT TYPE="Password" NAME="Password" VALUE="" SIZE=12 MAXLENGTH=12>
</FORM>

Then the authentication.asp code looks like this:
(Note, we also have an expiration date in the table)
(I also put in Access Log summary information)
<%
User = Request.Form("Username")
Pass = Request.Form("Password")
%>
<%
SET Conn = Server.CreateObject("ADODB.Connection")
Conn.Open "YOUR_ODBC_DSN"
Qs="SELECT * FROM Security WHERE Username = '"+User+"' AND Password = '"+Pass+"' AND [Expiration Date]>#"+Cstr(Date())+"#"
SET ST = Conn.Execute (Qs)                                  
The_count = 0
WHILE NOT ST.EOF
  The_count = The_count + 1
  ST.MoveNext
WEND
if The_count <> 1 then
%>
<!--This is the section that is generated when a login is bad-->
<P ALIGN="CENTER"><FONT FACE="Arial,Helvetica">Login is invalid or has expired</FONT></TD>

<%
else
Conn.Execute("Insert into AccessLog ([Username],[In],[Out],[Remote Addr],[Remote Host]) values ('"+User+"',#"+Cstr(Date())+" "+Cstr(time())+"#,#"+Cstr(Date())+" "+Cstr(time())+"#,'"+Request.Servervariables("Remote_Addr")+"','"+Request.Servervariables("Remote_Host")+"')")
ST.MoveFirst
%>
<!-- This is for when the login is successful. -->

Just put anything you want here, access to another page, etc.  Usually we pass along the UserID to the following pages, and sometimes (for some systems) a time/date hash issued when we validated the userid/password.  Then on the subsequent pages, the first lines of code verify that the time/date hash is kosher, otherwise, we give them an "invalid" or something.
0
 

Author Comment

by:yolish
ID: 1855311
That doesn't look half bad, but this is the way I went, but getting this error. if you could help with this it would be great.

Microsoft OLE DB Provider for ODBC Drivers error '80040e07'

[Microsoft][ODBC SQL Server Driver][SQL Server]Disallowed implicit conversion from datatype 'varchar' to datatype 'int' Table: 'DBC.dbo.Individual', Column: 'iIndividualId' Use the CONVERT function to run this query.

From this code:

Username = request.form("Username")
Password = request.form("Password")

sqltemp = "SELECT * FROM Individual WHERE iIndividualID='"
sqltemp=sqltemp & User & "'"
set rsDBC = DBC.execute(SQLTemp)

If rsDBC.eof then%>
We don't have a user named <% =User %> on file!<br>
Try again later.
<% response.end
End if

If rsDBC("vchUser3")=Password then
      session("User") = rsDBC("iIndividualID")
else%>
Password is incorrect
      <% response.end
end If
rsDBC.close
DBC.close
%>

And it is dyig on this line:

set rsDBC = DBC.execute(SQLTemp)

Thanks

Todd
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Color can increase conversions, create feelings of warmth or even incite people to get behind a cause. If you want your website to really impact site visitors, then it is vital to consider the impact color has on them.
This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
This video teaches users how to migrate an existing Wordpress website to a new domain.
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question