ADODB.Field error '80020009'

I am trying to figure out why I continue to receive the above error when working with an ASP Login script. The core goal is to offer a graceful denial as opposed to obtaining the above error. I know the script works for valid username/ password combinations. However, when entering an invalid combination I receive the above error. My code is below:

<%
' Global Variables
Dim strEmail, strPassword, KeepChecking
Dim strStatus, strMessage, strRedirect, strSQL, rsUser

strStatus = Request("FormStatus")
strEmail = Replace(Request("txtEmail"),"'","`")
strPassword = Replace(Request("txtPassword"),"'","`")
strRedirect = Session("Redirect")

' Check to see if Login form was submitted or if a cookie exists
If strStatus = "Check" Or (Request.Cookies("Agency")("SignedIn") = "True" And Session("Authenticated") = 0) Then

      ' Validate the user
      If (Request.Cookies("Agency")("SignedIn") = "True") And (Request.Cookies("Agency")("Email") <> "") Then
            strSQL = "SELECT UserID, Email, Password, FirstName, LastName, SupervisorID, FK_AgencyID FROM Agency_Users WHERE (Email = '" & Request.Cookies("Agency")("Email") & "')"
      Else
            strSQL = "SELECT UserID, Email, Password, FirstName, LastName, SupervisorID, FK_AgencyID FROM Agency_Users WHERE (Email = '" & strEmail & "') AND (Password = '" & strPassword & "')"
      End If
      'Response.Write(strSQL)
      Set rsUser = conn_Agency.Execute(strSQL)

      If rsUser.EOF AND rsUser.BOF Then
            Session("Authenticated") = 0
            Response.Cookies ("Agency")("Email") = ""
            Response.Cookies ("Agency")("SignedIn") = "False"
            Response.Cookies ("Agency").Expires = DATE + 90
            KeepChecking = "No"
      Else
            KeepChecking = "Yes"
      End If
      
      If Request.Cookies("Agency")("SignedIn") <> "True" Then
            If strPassword <> rsUser("Password") Then
                  Session("Authenticated") = 0
                  Response.Cookies ("Agency")("Email") = ""
                  Response.Cookies ("Agency")("SignedIn") = "False"
                  Response.Cookies ("Agency").Expires = DATE + 90
                  KeepChecking = "No"
                  strMessage = "Invalid Password"
            Else
                  KeepChecking = "Yes"
            End If
      End If
      
      If KeepChecking = "Yes" Then
            Session("Email") = rsUser("Email")
            Session("Password") = rsUser("Password")
            Session("UserID") = rsUser("UserID")
            Session("UserName") = rsUser("FirstName") & " " & rsUser("LastName")
            Session("SupervisorID") = rsUser("SupervisorID")
            Session("AgencyID") = rsUser("FK_AgencyID")
            Session("Authenticated") = 1

            If Request("chkRemember") = "True" Then
                  Response.Cookies("Agency")("Email") = rsUser("Email")
                  Response.Cookies("Agency")("SignedIn") = "True"
                  Response.Cookies("Agency").Expires = DATE + 90
            End If
            
            conn_Agency.Close
            Set conn_Agency = Nothing

            Response.Redirect(strRedirect)
      End If
      
      conn_Agency.Close
      Set conn_Agency = Nothing
      Response.Redirect("default.asp")
End If
%>
Leo_NelAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

appariCommented:
try changing

     If Request.Cookies("Agency")("SignedIn") <> "True" Then
          If strPassword <> rsUser("Password") Then
               Session("Authenticated") = 0
               Response.Cookies ("Agency")("Email") = ""
               Response.Cookies ("Agency")("SignedIn") = "False"
               Response.Cookies ("Agency").Expires = DATE + 90
               KeepChecking = "No"
               strMessage = "Invalid Password"
          Else
               KeepChecking = "Yes"
          End If
     End If

with

     If Request.Cookies("Agency")("SignedIn") <> "True" Then
          if KeepChecking = "Yes" then           ' Added by me
          If strPassword <> rsUser("Password") Then
               Session("Authenticated") = 0
               Response.Cookies ("Agency")("Email") = ""
               Response.Cookies ("Agency")("SignedIn") = "False"
               Response.Cookies ("Agency").Expires = DATE + 90
               KeepChecking = "No"
               strMessage = "Invalid Password"
          Else
               KeepChecking = "Yes"
          End If
          end if         ' Added by me
     End If
0
kingsfan76Commented:
here's the problem with this section of your code:
----------------
If Request.Cookies("Agency")("SignedIn") <> "True" Then
         If strPassword <> rsUser("Password") Then
              Session("Authenticated") = 0
              Response.Cookies ("Agency")("Email") = ""
              Response.Cookies ("Agency")("SignedIn") = "False"
              Response.Cookies ("Agency").Expires = DATE + 90
              KeepChecking = "No"
              strMessage = "Invalid Password"
         Else
              KeepChecking = "Yes"
         End If
    End If
------------------
>> If strPassword <> rsUser("Password") Then
if they are not equal, you'll never have a recordset in the first place (EOF).
so when you try to reference rsUser("Password") without having a recordset (password does not match), system will throw you an error.

i try not to change too much of your code, so here's a small fix that you might try:

<%
' Global Variables
Dim strEmail, strPassword, KeepChecking
Dim strStatus, strMessage, strRedirect, strSQL, rsUser

strStatus = Request("FormStatus")
strEmail = Replace(Request("txtEmail"),"'","`")
strPassword = Replace(Request("txtPassword"),"'","`")
strRedirect = Session("Redirect")

' Check to see if Login form was submitted or if a cookie exists
If strStatus = "Check" Or (Request.Cookies("Agency")("SignedIn") = "True" And Session("Authenticated") = 0) Then
    ' Validate the user
    If (Request.Cookies("Agency")("SignedIn") = "True") And (Request.Cookies("Agency")("Email") <> "") Then
         strSQL = "SELECT UserID, Email, Password, FirstName, LastName, SupervisorID, FK_AgencyID FROM Agency_Users WHERE (Email = '" & Request.Cookies("Agency")("Email") & "')"
    Else
         strSQL = "SELECT UserID, Email, Password, FirstName, LastName, SupervisorID, FK_AgencyID FROM Agency_Users WHERE (Email = '" & strEmail & "') AND (Password = '" & strPassword & "')"
    End If
    'Response.Write(strSQL)
    Set rsUser = conn_Agency.Execute(strSQL)

    If rsUser.EOF AND rsUser.BOF Then
         Session("Authenticated") = 0
         Response.Cookies ("Agency")("Email") = ""
         Response.Cookies ("Agency")("SignedIn") = "False"
         Response.Cookies ("Agency").Expires = DATE + 90
         KeepChecking = "No"
         if Request.Cookies("Agency")("SignedIn") <> "True" then
              strMessage = "Invalid Password"
         end if
    Else
         Session("Email") = rsUser("Email")
         Session("Password") = rsUser("Password")
         Session("UserID") = rsUser("UserID")
         Session("UserName") = rsUser("FirstName") & " " & rsUser("LastName")
         Session("SupervisorID") = rsUser("SupervisorID")
         Session("AgencyID") = rsUser("FK_AgencyID")
         Session("Authenticated") = 1

         If Request("chkRemember") = "True" Then
              Response.Cookies("Agency")("Email") = rsUser("Email")
              Response.Cookies("Agency")("SignedIn") = "True"
              Response.Cookies("Agency").Expires = DATE + 90
         End If
         
         conn_Agency.Close
         Set conn_Agency = Nothing

         Response.Redirect(strRedirect)
    End If
   
    conn_Agency.Close
    Set conn_Agency = Nothing
    Response.Redirect("default.asp")
End If

%>

p.s. it seems you want to print the strMessage for incorrect password, but i don't see where you want to print the message from your codes.   I believe if password is incorrect, then the page will redirect user to "default.asp".

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
gladxmlCommented:
Or you can also try this...

Happy programming...

replace this lines of code...  

    If rsUser.EOF AND rsUser.BOF Then
          Session("Authenticated") = 0
          Response.Cookies ("Agency")("Email") = ""
          Response.Cookies ("Agency")("SignedIn") = "False"
          Response.Cookies ("Agency").Expires = DATE + 90
          KeepChecking = "No"
     Else
          KeepChecking = "Yes"
     End If
     
     If Request.Cookies("Agency")("SignedIn") <> "True" Then
          If strPassword <> rsUser("Password") Then
               Session("Authenticated") = 0
               Response.Cookies ("Agency")("Email") = ""
               Response.Cookies ("Agency")("SignedIn") = "False"
               Response.Cookies ("Agency").Expires = DATE + 90
               KeepChecking = "No"
               strMessage = "Invalid Password"
          Else
               KeepChecking = "Yes"
          End If
     End If
 
with this

If rsUser.EOF AND rsUser.BOF Then
          Session("Authenticated") = 0
          Response.Cookies ("Agency")("Email") = ""
          Response.Cookies ("Agency")("SignedIn") = "False"
          Response.Cookies ("Agency").Expires = DATE + 90
          KeepChecking = "No"
     Else
            If Request.Cookies("Agency")("SignedIn") <> "True" Then
          If strPassword <> rsUser("Password") Then
               Session("Authenticated") = 0
               Response.Cookies ("Agency")("Email") = ""
               Response.Cookies ("Agency")("SignedIn") = "False"
               Response.Cookies ("Agency").Expires = DATE + 90
               KeepChecking = "No"
               strMessage = "Invalid Password"
          Else
               KeepChecking = "Yes"
          End If
              End If
     End If
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP

From novice to tech pro — start learning today.