Read-only and Read and Write access

Hi,

I have a Access database which is displayed via ASP, I have a login page with one login ID and password.  This login has full access to all my tables, to view delete, edit etc.

Is there a way i can have another user which can only view the tables?

Heres is the code/html i have already----->

!--#include file="db.asp"-->

%
validpwd = true

If request.form("submit") > "" Then

     ' setup variables
     userid = Request.Form("userid")
     passwd = Request.Form("passwd")

     If ((ucase("cwnaosat") = ucase(userid)) and (ucase("t1ncan01") = ucase(passwd))) Then
          Session("cwnaosat_status") = "login"
          response.redirect "default.asp"
     Else
          validpwd = false
             
   
     End if

End If
%>

html>
head>
     title>Cwnaosat Database/title>

meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
meta name="generator" content="Microsoft FrontPage 4.0">
/head>

script language="JavaScript">
!-- start Javascript

var errfound = false;

function error(elem, text) {
     if (errfound) return;
     window.alert(text);
     elem.select();
     elem.focus();
     errfound = true;
}

function loginCheck(f) {

     errfound = false;

     if (f.userid.value == "")
          error(f.userid,"Please enter your user ID!");

     if (f.passwd.value == "")
        error(f.passwd,"Please enter your Password!");
     
       return ! errfound;
}

// end Java script -->
/script>


body bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#0000FF" alink="#0000FF" leftmargin=0 topmargin=0 marginheight=0 marginwidth=0>
 
table width="600" border="0" cellspacing="0" cellpadding="2" align="center">
     tr>
    td>
      p align="center">b>font color="#000080" size="4" face="Arial">u>Cwnaosat
      DataBase/u>/font>/b>/p>
    /td>
  /tr>
/table>


% If not validpwd Then %>
p align="center">b>


font color="#FF0000" face="Arial" size="3">Incorrect User ID or Password/font>/b>/p>
p> /p>
p> /p>
% End If %>

form action="login.asp" method="post" onSubmit="return loginCheck(this);">

  table width="600" border="0" cellspacing="0" cellpadding="2" align="center">
    tr>td align="left" width="111">font size="2" face="Arial" color="#000080">b>User ID:/b>/font>/td>
         td width="477">font size="2" face="Arial">span style="background-color: #D5F9FF">input name="userid" type="TEXT"size="20">/span>/font>/td>/tr>
    tr>td align="left" width="111">font size="2" face="Arial" color="#000080">b>Password:/b>/font>/td>
         td width="477">font size="2" face="Arial">input name="passwd" TYPE="PASSWORD" size="10">/font>/td>/tr>
     tr>td width="111">font size="2" face="Arial"> /font>/td>/tr>
     tr>td colspan="2" width="594">font size="2" face="Arial">input type="submit" name="submit" value="Login">/font>/td>/tr>
  /table>
  font size="2" face="Arial">
 


  /font>

/form>
font size="2" face="Arial">




/font>


/body>
/html>



and heres the code thats place at the top of each ASP page---->

% if Session("cwnaosat_status") > "login" then response.redirect "login.asp" %>
%
Response.expires = 0
Response.expiresabsolute = Now() - 1
Response.addHeader "pragma", "no-cache"
Response.addHeader "cache-control", "private"
Response.CacheControl = "no-cache"
%>

Can anyone help?

Thanks

Robson8112Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
gator4lifeConnect With a Mentor Commented:
When the user logs in with an account, you can set another Session variable to specify what rights the user has.  If the User ID and Password don't match either of the two accounts, then you would spit out the error message.  If an account matches one of the two, then set the user's priveledges in a Session variable and do the redirect.  Then, on any pages where you are doing database routines or whatever else, you can limit the user's ability to perform the actions by using a conditional with the new Session variable.  I wrote the code necessary to do this into your code.  Also, I cleaned up your code quite a bit.  Your code had a lot of outdated and malformed HTML in it, so I used Cascading Style Sheets (CSS) to set up your page formats and restructured the code to be well-formed.  I named the new Session variable IsAdmin, which stores a boolean value; true signifies administrator (or all) rights, and false signifies non-administrator (or limited) rights.  Just replace the <nonAdminAccountUserId> and <nonAdminAccountPassword> in login.asp with the values you want.

==========================================================
login.asp
==========================================================

<!-- #include file="db.asp" -->
<%
      Dim bInvalidPassword
      bInvalidPassword = False

      If (Request.Form("submit") = "") Then

            Dim sUserId
            sUserId = LCase(Request.Form("userid"))

            Dim sPassword
            sPassword = LCase(Request.Form("password"))

            If ((sUserId = "cwnaosat") And (sPassword = "t1ncan01")) Then
                  Session("IsAdmin") = True
            ElseIf ((sUserId = "<nonAdminAccountUserId>") And (sPassword = "<nonAdminAccountPassword>")) Then
                  Session("IsAdmin") = False
            Else
                  bInvalidPassword = True
            End if

            If (Not bInvalidPassword) Then
                  Session("cwnaosat_status") = "login"
                  Response.Redirect("default.asp")
            End If

      End If
%>
<html>
      <head>
            <title>Cwnaosat Database</title>
            <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
            <script type="text/javascript">
            <!--
                  function HandleError(oFormElement, sAlertMessage) {

                        window.alert(sAlertMessage);
                        oFormElement.select();
                        oFormElement.focus();
                  }

                  function LoginCheck(oForm) {

                        with (oForm) {

                              if (userid.value.replace(/\s/g, '') == '') {

                                    HandleError(userid, 'Please enter your User ID.');
                                    return(false);
                              }

                              if (password.value.replace(/\s/g, '') == '') {

                                    HandleError(password, 'Please enter your Password.');
                                    return(false);
                              }
                        }

                        return(true);
                  }
            //-->
            </script>
            <style type="text/css">
            <!--
                  a:link, a:visited, a:active {

                        color: blue;
                  }

                  body {

                        background-color: white;
                        margin: 0px;
                        color: black;
                  }

                  p.errorText {

                        color: red;
                        font: bold 12pt Arial, sans-serif;
                        text-align: center;
                  }

                  td.headerText {

                        color: #000080;
                        font: bold 14pt Arial, sans-serif;
                        text-align: center;
                        text-decoration: underline;
                  }

                  td.inputCell {

                        background-color: #D5F9FF;
                  }

                  td.labelText {

                        color: #000080;
                        font: bold 10pt Arial, sans-serif;
                  }
            //-->
            </style>
      </head>
      <body>
            <table align="center" border="0" cellspacing="0" cellpadding="2" width="600">
                  <tr>
                        <td class="headerText">Cwnaosat DataBase</td>
                  </tr>
            </table>

            <% If (bInvalidPassword) Then %>

                  <p class="errorText">Incorrect User ID or Password</p>
                  <p>&nbsp;</p>
                  <p>&nbsp;</p>

            <% End If %>

            <form action="login.asp" method="post" onsubmit="return(LoginCheck(this))">
                  <table align="center" border="0" cellspacing="0" cellpadding="2" width="600">
                        <tr>
                              <td class="labelText" nowrap width="111">User ID:</td>
                              <td class="inputCell" width="100%"><input type="text" name="userid" size="20"></td>
                        </tr>
                        <tr>
                              <td class="labelText" nowrap width="111">Password:</td>
                              <td class="inputCell" width="100%"><input type="password" name="password" size="20"></td>
                        </tr>
                        <tr>
                              <td colspan="2"><input type="submit" name="submit" value="Login"></td>
                        </tr>
                  </table>
            </form>
      </body>
</html>

==========================================================

Then, in any other ASP script where you want to use administrator functionality, such as modifying or deleting data in your database, use the new Session variable like so:

==========================================================
anotherPage.asp
==========================================================

<%
      If (Session("IsAdmin")) Then

            ' CODE TO MODIFY DATA

      End If
%>

==========================================================

Let me know if you have any questions or need anything else.

gator4life
(chomp, chomp)
0
 
gator4lifeCommented:
Oops...forgot to mention that the <nonAdminAccountUserId> and the <nonAdminAccountPassword> in login.asp need to be in all lowercase letters, due to the LCase I am applying to them after being retrieved from the Request.Form collection.

gator4life
(chomp, chomp)
0
 
Robson8112Author Commented:
hi, thanks for your response

I've added this to one of my asp pages (another page) and im getting errors.  As you can see, im only wanting Adminstrator to access this function (this function is to access a Edit page)

<td>

<%
     If (Session("IsAdmin")) Then


  <p align="center"><a href="<% If not isnull(rs("ID")) Then response.write "clientsedit.asp?key=" & Server.URLEncode(rs("ID")) Else response.write "javascript:alert('Invalid Record! Key is null.');" %>"><IMG SRC = "images/edit.gif" border = "0" title = "Edit" ></a></p>

     
     end if
%>


</td>
0
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

 
Robson8112Author Commented:
i've also tried accessing a page that has no login check, but it wont let me passed the login page
0
 
gator4lifeCommented:
Hi Robson8112 -

In the example code that you posted, you did not close your conditional ASP scripts around the HTML to generate the Edit button, so you would be getting errors.  Instead of this:

<td>

<%
    If (Session("IsAdmin")) Then


 <p align="center"><a href="<% If not isnull(rs("ID")) Then response.write "clientsedit.asp?key=" & Server.URLEncode(rs("ID")) Else response.write "javascript:alert('Invalid Record! Key is null.');" %>"><IMG SRC = "images/edit.gif" border = "0" title = "Edit" ></a></p>

   
    end if
%>


</td>

you should have this:

<td>

<%
    If (Session("IsAdmin")) Then %>   <==== Need this.


 <p align="center"><a href="<% If not isnull(rs("ID")) Then response.write "clientsedit.asp?key=" & Server.URLEncode(rs("ID")) Else response.write "javascript:alert('Invalid Record! Key is null.');" %>"><IMG SRC = "images/edit.gif" border = "0" title = "Edit" ></a></p>

<%  <==== Need this.
    end if
%>


</td>

Try that and let me know how it goes.

gator4life
(chomp, chomp)
0
 
gator4lifeCommented:
Robson8112 posted:
"i've also tried accessing a page that has no login check, but it wont let me passed the login page"

What other ASP scripts do you have running on that page?  If you would like to, go ahead and post the code.

gator4life
(chomp, chomp)
0
 
Robson8112Author Commented:
hi,

ok, i've added the close asp code, no problems there, however, i can still perform the task even without loggin into the database

Do i need a condiction at the top of my 'other' asp page to check the login first, i removed the old one.  heres one of my 'other'asp pages.


-------------->

<%
Response.expires = 0
Response.expiresabsolute = Now() - 1
Response.addHeader "pragma", "no-cache"
Response.addHeader "cache-control", "private"
Response.CacheControl = "no-cache"
%>
<!--#include file="db.asp"-->

<%
displayRecs = 30
recRange = 10
%>

<%
' Get table name
tablename = "[clients]"
dbwhere = ""
a_search = ""
b_search = ""
%>


<%
' Get search criteria for advance search

x_Client = Request.QueryString("x_Client")
z_Client = Request.QueryString("z_Client")
arrfieldopr = split(z_Client,",")
If x_Client <> "" Then
      x_Client = replace(x_Client,"'","''")
      x_Client = replace(x_Client,"[","[[]")
      a_search = a_search & "[Client] " 'add field
      a_search = a_search      & arrfieldopr(0) & " " ' add operator
      If ubound(arrfieldopr) >= 1 Then
            a_search = a_search & arrfieldopr(1) 'add search prefix
      End If
      a_search = a_search & x_Client 'add input parameter
      If ubound(arrfieldopr) >=2 Then
            a_search = a_search & arrfieldopr(2) 'add search suffix
      End If
      a_search = a_search       & " AND "
End If

x_Client_IP = Request.QueryString("x_Client_IP")
z_Client_IP = Request.QueryString("z_Client_IP")
arrfieldopr = split(z_Client_IP,",")
If x_Client_IP <> "" Then
      x_Client_IP = replace(x_Client_IP,"'","''")
      x_Client_IP = replace(x_Client_IP,"[","[[]")
      a_search = a_search & "[Client IP] " 'add field
      a_search = a_search      & arrfieldopr(0) & " " ' add operator
      If ubound(arrfieldopr) >= 1 Then
            a_search = a_search & arrfieldopr(1) 'add search prefix
      End If
      a_search = a_search & x_Client_IP 'add input parameter
      If ubound(arrfieldopr) >=2 Then
            a_search = a_search & arrfieldopr(2) 'add search suffix
      End If
      a_search = a_search       & " AND "
End If




x_Media_Server = Request.QueryString("x_Media_Server")
z_Media_Server = Request.QueryString("z_Media_Server")
arrfieldopr = split(z_Media_Server,",")
If x_Media_Server <> "" Then
      x_Media_Server = replace(x_Media_Server,"'","''")
      x_Media_Server = replace(x_Media_Server,"[","[[]")
      a_search = a_search & "[Media Server] " 'add field
      a_search = a_search      & arrfieldopr(0) & " " ' add operator
      If ubound(arrfieldopr) >= 1 Then
            a_search = a_search & arrfieldopr(1) 'add search prefix
      End If
      a_search = a_search & x_Media_Server 'add input parameter
      If ubound(arrfieldopr) >=2 Then
            a_search = a_search & arrfieldopr(2) 'add search suffix
      End If
      a_search = a_search       & " AND "
End If


x_Known_Supportal = Request.QueryString("x_Known_Supportal")
z_Known_Supportal = Request.QueryString("z_Known_Supportal")
arrfieldopr = split(z_Known_Supportal,",")
If x_Known_Supportal <> "" Then
      x_Known_Supportal = replace(x_Known_Supportal,"'","''")
      x_Known_Supportal = replace(x_Known_Supportal,"[","[[]")
      a_search = a_search & "[Known Supportal] " 'add field
      a_search = a_search      & arrfieldopr(0) & " " ' add operator
      If ubound(arrfieldopr) >= 1 Then
            a_search = a_search & arrfieldopr(1) 'add search prefix
      End If
      a_search = a_search & x_Known_Supportal 'add input parameter
      If ubound(arrfieldopr) >=2 Then
            a_search = a_search & arrfieldopr(2) 'add search suffix
      End If
      a_search = a_search       & " AND "
End If


If len(a_search) > 4 Then
      a_search = mid(a_search,1,len(a_search)-4)
End If

%>



<%
'Build search criteria
If a_search <> "" Then
      dbwhere = dbwhere &  a_search 'advance search
ElseIf b_search <> "" Then
      dbwhere = dbwhere & b_search 'basic search
End If

'Save search criteria
If dbwhere <> "" Then
      Session("tablename") = tablename
      Session("dbwhere") = dbwhere
      'reset start record counter
      startRec = 1
      Session("clients_REC") = startRec
Else
      If tablename = Session("tablename") Then
            dbwhere = Session("dbwhere")
      Else
            'reset search criteria
            dbwhere = ""
            Session("dbwhere") = dbwhere
      End If
End If

'Get clear search cmd
If Request.QueryString("cmd").Count > 0 then
      cmd=Request.QueryString("cmd")
      If ucase(cmd) = "RESET" Then
            'reset search criteria
            dbwhere = ""
            Session("dbwhere") = dbwhere
      End If
End If

%>

<%
' Load Default Order
DefaultOrder = ""
DefaultOrderType = ""

' Check for an Order parameter
OrderBy = ""
If Request.QueryString("order").Count > 0 Then
      OrderBy = Request.QueryString("order")
      ' Check if an ASC/DESC toggle is required
      If Session("clients_OB") = OrderBy Then
            If Session("clients_OT") = "ASC" Then
                  Session("clients_OT") = "DESC"
            Else
                  Session("clients_OT") = "ASC"
            End if
      Else
            Session("clients_OT") = "ASC"
      End If
      Session("clients_OB") = OrderBy
      Session("clients_REC") = 1
Else
      OrderBy = Session("clients_OB")
      if OrderBy = "" then
            OrderBy = DefaultOrder
            Session("clients_OB") = OrderBy
            Session("clients_OT") = DefaultOrderType
      End If
End If

' Check for a START parameter
If Request.QueryString("start").Count > 0 Then
      startRec = Request.QueryString("start")
      Session("clients_REC") = startRec
Else
      startRec = Session("clients_REC")
      if not isnumeric(startRec) or startRec = "" then
            'reset start record counter
            startRec = 1
            Session("clients_REC") = startRec
      End If
End If

' Open Connection to the database
set conn = Server.CreateObject("ADODB.Connection")
conn.Open xDb_Conn_Str

' Build Query
strsql = "select * from [clients]"

If dbwhere <> "" Then
      strsql = strsql & " WHERE " & dbwhere
End If

if OrderBy <> "" then
            strsql = strsql & " ORDER BY [" & OrderBy & "] " & Session("clients_OT")
end if      

'response.write strsql

set rs = Server.CreateObject("ADODB.Recordset")
rs.Open strsql, conn, 1, 2
totalRecs = rs.RecordCount
%>


<p align="center"><b><u><font face="Arial" color="#000080" size="3">Clients</font></u></b></p>

<p>&nbsp;</p>

<table border="0" cellspacing="1" cellpadding="4">
      <tr>
<td>
            </tr>
</table>


<table border="0" cellspacing="0" cellpadding="0">
      <tr>
            <td><a href="clientslist.asp?cmd=reset"><font face="Arial" size="2" color="#000000"><b>Show All
          Clients</b></font></a></td>
            <td><font face="Arial" size="2"><font color="#000000"><b>&nbsp; </b></font><a href="clientssrch.asp"><b><font color="#000000">Search</font></b></a></font></td>
            <td height="0" align="left"><b><font face="Arial" size="2" color="#000000">&nbsp;&nbsp;</font><font face="Arial" size="2" color="#660033">
          </font></b><font color="#660033"><a href="clientsadd.asp"><font face="Arial" size="2" color="#000000"><b>Add
          </b></font></a></font><a href="clientsadd.asp"><font face="Arial" size="2" color="#000000"><b>Client</b></font></a><font face="Arial" size="2"><b>&nbsp;</b></font></td>
      </tr>
</table>
<p align="center">


<form>
<table border="0" cellspacing="1" cellpadding="5" bgcolor="#CCCCCC">
<tr bgcolor="#FFFFFF">
<td>
<p align="center">
<a href="clientslist.asp?order=<%= Server.URLEncode("Client") %>"><IMG src="images/client_button_top_corner.jpg" border ="0" title = "Click to Sort"></a>
</p>
</td>
<td>
<p align="center">
<a href="clientslist.asp?order=<%= Server.URLEncode("Media Server") %>"><IMG src="images/media_master_servers_button_corner.jpg" border ="0" title = "Click to Sort"></a>
</p>
</td>
<td>
  <p align="center">&nbsp;</p>
</td>
<td>
  <p align="center">&nbsp;</p>
</td>
<td>
  <p align="center">&nbsp;</p>
</td>
</tr>


<%
'Avoid starting record > total records
if clng(startRec) > clng(totalRecs) then
      startRec = totalRecs
end if
'Set the last record to display
stopRec = startRec + displayRecs - 1

'Move to first record directly for performance reason
recCount = startRec - 1
if not rs.eof then
      rs.movefirst
      rs.move startRec - 1
end if

recActual = 0
Do While (NOT rs.EOF) AND (recCount < stopRec)
      recCount = recCount + 1
      If Clng(recCount) >= Clng(startRec) Then
            recActual = recActual + 1 %>

<%
      'set row color
      bgcolor="#FFFFFF"
%>

<%      
      ' Display alternate color for rows
      If recCount mod 2 <> 0 Then
            bgcolor="#F5F5F5"
      End If
%>

<%
      x_Client = rs("Client")
      x_Media_Server = rs("Media Server")
      x_Client_IP = rs("Client IP")
      x_Known_Supportal = rs("Known Supportal")
%>


<tr bgcolor="<%= bgcolor %>">
<td>
  <p align="center"><font face="Arial" size="2">
<% response.write x_Client %>&nbsp;
</font></p>
</td>
<td>
  <p align="center"><font face="Arial" size="2">
<% response.write x_Media_Server %>
&nbsp;
</font></p>
</td>

<td>
  <p align="center"><a href="<% If not isnull(rs("ID")) Then response.write "clientsview.asp?key=" & Server.URLEncode(rs("ID")) Else response.write "javascript:alert('Invalid Record! Key is null.');" %>"><IMG SRC = "images/view.gif" border = "0" title = "View" ></a></p>
</td>



<td>

<%
   If (Session("IsAdmin")) Then %>


  <p align="center"><a href="<% If not isnull(rs("ID")) Then response.write "clientsedit.asp?key=" & Server.URLEncode(rs("ID")) Else response.write "javascript:alert('Invalid Record! Key is null.');" %>"><IMG SRC = "images/edit.gif" border = "0" title = "Edit" ></a></p>

<%
   end if
%>


</td>


<td>
  <p align="center"><a href="<% If not isnull(rs("ID")) Then response.write "clientsdelete.asp?key=" & Server.URLEncode(rs("ID")) Else response.write "javascript:alert('Invalid Record! Key is null.');" %>"><IMG SRC = "images/del.gif" border = "0" title = "Delete" ></a></p>
</td>
</tr>




<%
      end if

      rs.MoveNext
Loop
%>


</table>
</form>


<%
if totalRecs > 0 then

      ' Find out if there should be Backward or Forward Buttons on the table.
      If       startRec = 1 Then
            isPrev = False
      Else
            isPrev = True
            PrevStart = startRec - displayRecs
            If PrevStart < 1 Then PrevStart = 1 %>
      <hr size="1">
<p align="center">
      <strong><a href="clientslist.asp?start=<%=PrevStart%>"><font face="Arial" size="2">[&lt;&lt;&nbsp;Prev]</font></a></strong>
      <%
      End If
      
      ' Display Page numbers
      If (isPrev OR (NOT rs.EOF)) Then
            If (NOT isPrev) Then Response.Write "<HR SIZE=1>"
            x = 1
            y = 1
      
            dx1 = ((startRec-1)\(displayRecs*recRange))*displayRecs*recRange+1
            dy1 = ((startRec-1)\(displayRecs*recRange))*recRange+1
            If (dx1+displayRecs*recRange-1) > totalRecs then
                  dx2 = (totalRecs\displayRecs)*displayRecs+1
                  dy2 = (totalRecs\displayRecs)+1
            Else
                  dx2 = dx1+displayRecs*recRange-1
                  dy2 = dy1+recRange-1
            End If
      
            While x <= totalrecs
                  If x >= dx1 and x <= dx2 Then
                        If Clng(startRec) = Clng(x) Then %>
      <strong><font face="Arial" size="2"><%=y%></font></strong>
      <%                   Else %>
      <strong><a href="clientslist.asp?start=<%=x%>"><font face="Arial" size="2"><%=y%></font></A></strong>
      <%                  End If
                        x = x + displayRecs
                        y = y + 1
                  elseif x >= (dx1-displayRecs*recRange) and x <= (dx2+displayRecs*recRange) then
                        if x+recRange*displayRecs < totalRecs then %>
      <strong><a href="clientslist.asp?start=<%=x%>"><font face="Arial" size="2"><%=y%>-<%=y+recRange-1%></font></a>
      <%                  else
                              ny=(totalRecs-1)\displayRecs+1
                                    if ny = y then %>
      <a href="clientslist.asp?start=<%=x%>"><font face="Arial" size="2"><%=y%></font></a>
      <%                              else %>
      <a href="clientslist.asp?start=<%=x%>"><font face="Arial" size="2"><%=y%>-<%=ny%></font></a>
      <%                              end if
                        end if
                        x=x+recRange*displayRecs
                        y=y+recRange
                  else
                        x=x+recRange*displayRecs
                        y=y+recRange
                  End If
            Wend
      End If
      
      ' Next link
      If NOT rs.EOF Then
            NextStart = startRec + displayRecs
            isMore = True %>
      <strong><a href="clientslist.asp?start=<%=NextStart%>"><font face="Arial" size="2">[Next&nbsp;&gt;&gt;]</font></a></strong>
      <% Else
            isMore = False
      End If %>
      <hr size="1">
<p align="center">
      <% If stopRec > recCount Then stopRec = recCount %>
      <font face="Arial" size="2">Records <%= startRec %> to <%= stopRec %> of <%= totalRecs %></font>

<% Else %>
<br><br>
<font face="Arial" size="2">No records found!</font>
<p align="center">
    &nbsp;<p align="center"><font face="Arial" size="2"><a href="pre_database_changes1.htm">View
    Pre-Database Changes</a></font>
<br><br>
<% End If %>

<%
' Close recordset and connection
rs.Close
Set rs = Nothing
conn.Close
Set conn = Nothing %>


<script><!--var today_date= new Date()var month=today_date.getMonth()+1var today=today_date.getDate()var year=today_date.getYear()//document.write("Today's date is: ")document.write(month+"-"+today+"-"+year)//--> </script>

<!--#include file="footer.asp"-->

---->  this is what i had originally at the top to check login.

<% if Session("cwnaosat_status") <> "login" then response.redirect "login.asp" %>

but when i have that, it wont allow me to access the page, as if it doesnt accept the password.





0
 
Robson8112Author Commented:
hi,

I've had a play around with code you supplied above and my own login page, i've got it working!

All i did was add 'Session("IsAdmin") = True or False' under either my admin login or guest login.

Everything works fine.

Thanks for your time.
0
 
gator4lifeCommented:
Robson8112 -

Sorry that I did not get a chance to get back to you sooner, but I had a *long* day at work and stayed away from my home computer for a bit (s@#t happens!).  I am happy to hear that you got everything working like you wanted, and I am glad that I could help.  Good luck in your programming! ;-)

gator4life
(chomp, chomp)
0
All Courses

From novice to tech pro — start learning today.