Solved

Case sensitive passwords

Posted on 2002-04-10
7
241 Views
Last Modified: 2010-04-07
Hi,

the default login behaviour does not cope with case SeNsItIve passwords.

Does anyone know of an extension or code (JScript) that would allow me to use case sensitivity?

Thanks.
0
Comment
Question by:KAbbott
7 Comments
 
LVL 19

Expert Comment

by:cheekycj
ID: 6932353
I am not sure I follow.. can you paste your current code
that is comparing the password strings?

CJ
0
 
LVL 2

Author Comment

by:KAbbott
ID: 6933355
This is the default code that Ultradev creates for a user login:

// *** Validate request to log in to this site.
var MM_LoginAction = Request.ServerVariables("URL");
if (Request.QueryString!="") MM_LoginAction += "?" + Request.QueryString;
var MM_valUsername=String(Request.Form("UsernameField"));
if (MM_valUsername != "undefined") {

var IAorIR = "";

     if(Request.Form("radiobutton")=="Ireview"){
     IAorIR = "loggedin/Projectcreateopen/prosavecreate.asp";
     }else{
     IAorIR = "loggedin/Projectcreateopen/prosavecreateIA.asp";
     }
     
  var MM_fldUserAuthorization="";
  var MM_redirectLoginSuccess=IAorIR;
  var MM_redirectLoginFailed="badlogin.asp";
  var MM_flag="ADODB.Recordset";
  var MM_rsUser = Server.CreateObject(MM_flag);
  MM_rsUser.ActiveConnection = MM_projectstore_STRING;
  MM_rsUser.Source = "SELECT fnUser, fnPass";
  if (MM_fldUserAuthorization != "") MM_rsUser.Source += "," + MM_fldUserAuthorization;
  MM_rsUser.Source += " FROM tblAccess WHERE fnUser='" + MM_valUsername + "' AND fnPass='" + String(Request.Form("PasswordField")) + "'";
  MM_rsUser.CursorType = 0;
  MM_rsUser.CursorLocation = 2;
  MM_rsUser.LockType = 3;
  MM_rsUser.Open();
  if (!MM_rsUser.EOF || !MM_rsUser.BOF) {
    // username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername;
    if (MM_fldUserAuthorization != "") {
      Session("MM_UserAuthorization") = String(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value);
    } else {
      Session("MM_UserAuthorization") = "";
    }
    if (String(Request.QueryString("accessdenied")) != "undefined" && false) {
      MM_redirectLoginSuccess = Request.QueryString("accessdenied");
    }
    MM_rsUser.Close();
    Response.Redirect(MM_redirectLoginSuccess);
  }
  MM_rsUser.Close();
  Response.Redirect(MM_redirectLoginFailed);
}

But if I type:

LoGiN

or

login

There both the same and allow me to login.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 6942720
I dunno what is Ultradev, but it should have some features that can perform as default conditions. I am thinking here how in MS-Access for overall global string comparison:

"The use of an operator to determine whether one string is greater than or equal to another string. If you use Option Compare Text in the Declarations section of a module, string comparisons are not case-sensitive. If you use Option Compare Binary, comparisons are case-sensitive. If you use Option Compare Database, the comparison method is set by the current database."

As Such, Answer: Option Compare Binary in the Declarations section (whatever is the syntax)

Due note, that this can then apply to handling of filenames, in variables, but that they should also be permissive of case-sensitivity. Generally not as applicable to hostname or domain.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 1

Expert Comment

by:Moondancer
ID: 6973860
Have you been helped here, or is more needed?
Moondancer - EE Moderator
0
 
LVL 2

Author Comment

by:KAbbott
ID: 6974176
No,

Still not been able to correct the problem Moondancer.

I've provided the code which ultradev uses as a login (see-above), sorry I should of explained to SunBow that Ultradev (www.macromedia.com) is a WYSIWYG that allows users to create asp to connect to databases through a GUI.

I use the default ultradev login behaviour, but the password allows any case, also I'm using server-side JScript as my programming language.

Hope this information is sufficient to help me further.

Thanks.
0
 
LVL 19

Accepted Solution

by:
cheekycj earned 25 total points
ID: 6982097
This is an issue with MS Access not your code.  MS Access by default returns query results that are case insensitive in matching results.

here is some info on it:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q95605  [Access 97, Access 1.0]
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q209674  [Access 2000]

Try this:

MM_rsUser.Source += " FROM tblAccess WHERE fnUser='" + MM_valUsername + "' AND StrComp(fnPass, '" + String(Request.Form("PasswordField"))
+ "', 0) = 0";


CJ
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 7243873
Thanx for the "A".

CJ
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When deciding to adopt any help desk solutions many factors should be explored before taking decisions. This will change from business to another but in general there are some kind of rule of thumb. Here are some quick tips: Do we need only ticket…
Objective of This Article In 1990’s, when I was a budding software professional, I had a lot of confusion about which stream or technology, I had to choose to build my career. In those days, I had lot of confusion like whether to choose System so…
The purpose of this video is to demonstrate how to create a Printer Friendly PDF on a WordPress Page. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome Screenshot” Google Chrome Extension, and SmallPDF.com Log…
The purpose of this video is to demonstrate how to integrate Mailchimp with Facebook. This will be demonstrated using a Windows 8 PC. Mailchimp and Facebook will be used. Log into your Mailchimp account. : Click on your name. Go to Account Setti…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question