Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


ASP - MDB Login with a Twist?

Posted on 2004-11-01
Medium Priority
Last Modified: 2008-02-01
Microsoft (MDB) Login validation.

Form login:

ASP question, How would you validate a Member & Password form fields in a Form named "login" to make sure they exist and match in a table, and if so, then pass another field (MailingListID) in that same table row to a string receiving ASP page to show that users data from that entire row.

I am currently using (<%=MM_LoginAction%>) for the action, a Macromedia extension
concidering using a custom script on ("member-update-now.asp" or "member-login.asp").

<form method="POST" action=" " name="LogIn">
Member Log In
Member : <input type="TEXT" name="Member" size="20">
Password: <input type="PASSWORD" name="Password" size="20">                
<input name="login" type="submit" value="Submit Login">

Redirect if success: member-update-now.asp
Redirect if failed: member-signup.asp or possibly self (member-login.asp)

Thanks in advance... please smart@sses need not reply!
Question by:mrwebdev
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2

Accepted Solution

dc_cypher earned 300 total points
ID: 12464357
Disclaimer: I'm not using Macrobedia for this and I don't have adequate testing resources on hand right now (might be a little buggy, sorry), but I hacked this together from an old script I did so it should be more than enough to get you started.  The following is the content for member-login.asp and member-update-now.asp, respectively.


FoundError = false
ErrorLog = ""
If Request.Form("login") <> "" OR Request.Form("Member") <> "" OR Request.Form("Password") <> "" Then

      If Request.Form("Member") = "" Then
            FoundError = true
            ErrorLog = ErrorLog & "Please enter a Member<BR>" & vbcrlf
      End If
      If Request.Form("Password") = "" Then
            FoundError = true
            ErrorLog = ErrorLog & "Please enter a Password<BR>" & vbcrlf

      End If
      If NOT FoundError Then
            SET DBC = Server.CreateObject("ADODB.Connection")
            DBC.Open "YOUR_DB_CONNECTION"

            SQL = "SELECT Member_ID FROM tbl_Members WHERE Member = '" & trim(Request.Form("Member")) & "' AND Password = '" & trim(Request.Form("Password")) & "'"
            SET RSCheckMember = DBC.Execute(SQL)
            If RSCheckMember.BOF AND RSCheckMember.EOF Then
                  FoundError = true
                  ErrorLog = ErrorLog & "Please enter a valid Member/password combination.<BR>" & vbcrlf
                  Session("Member") = trim(Request.Form("Member"))
                  Session("Cur_Login") = Now()
                  Response.Redirect "member-update-now.asp?Member_ID=" & RSCheckMember("Member_ID")
            End If

            SET RSCheckMember = nothing
            SET DBC = nothing
      End If
End If

If FoundError OR Request.Form("login") = "" Then
      <title>Member Login</title>

      <% If ErrorLog <> "" Then Response.Write "<div style=""color: red; font-weight: bold;"">" & ErrorLog & "</div><br />" & vbCrLf %>
      <form method="POST" action="member-login.asp" name="LogIn">
      Member Log In<br />
      Member: <input type="TEXT" name="Member" size="20" /><br />
      Password: <input type="PASSWORD" name="Password" size="20" /><br />
      <input name="login" type="submit" value="Submit Login" />

<% End If %>



If Session("Member") <> "" AND Request("Member_ID") <> "" Then
      SET DBC = Server.CreateObject("ADODB.Connection")

      SQL = "SELECT Field1, Field2, Field3 FROM tbl_Members WHERE Member_ID = " & Request("Member_ID")
      SET RSMemberInfo = DBC.Execute(SQL)
      If NOT (RSMemberInfo.BOF AND RSMemberInfo.EOF) Then
            Response.Write "Field 1: " & RSMemberInfo("Field1") & "<br />" & vbCrLf
            Response.Write "Field 1: " & RSMemberInfo("Field1") & "<br />" & vbCrLf
            Response.Write "Field 1: " & RSMemberInfo("Field1") & "<br />" & vbCrLf
      End If
      Set RSMemberInfo = Nothing
      Set DBC = Nothing
      Response.Write "Access Denied"
End If


Author Comment

ID: 12464531
Although I didnt use your answer it was a great response. I  changed the following code and it works like a charm. I am posting this so that it may help others.

' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString
If MM_valUsername <> "" Then
  set MM_rsUser = Server.CreateObject(MM_flag)
  MM_rsUser.ActiveConnection = MM_my_STRING
  MM_rsUser.Source = "SELECT member, password"
  If MM_fldDynamicRedirect <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldDynamicRedirect
  If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
  MM_rsUser.Source = MM_rsUser.Source & " FROM members WHERE member='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("Password"),"'","''") & "'"
  MM_rsUser.CursorType = 0
  MM_rsUser.CursorLocation = 2
  MM_rsUser.LockType = 3
  If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
    ' username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername
    If (MM_fldUserAuthorization <> "") Then
      Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
    ElseIf (MM_fldDynamicRedirect <> "") Then

'---------My Modifications---------note: --["member-account-detail.asp?MailingListID=" + ]---

      MM_redirectLoginSuccessDynamic = "member-account-detail.asp?MailingListID=" + CStr(MM_rsUser.Fields.Item(MM_fldDynamicRedirect).Value)


      Session("MM_UserAuthorization") = ""
    End If
    if CStr(Request.QueryString("accessdenied")) <> "" And false Then
      MM_redirectLoginSuccessDynamic = Request.QueryString("accessdenied")
    End If
  End If
End If

This is a modified version of Login redirect to a URL in a databse extension from Macromedia's Exchange.

Author Comment

ID: 12464542
PS:  Instead of using the URL field I used the MailingListID field.

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to write a Context Sensitive Help (an online help that is obtained from a specific point in state of software to provide help with that state) ,  first we need to make the file that contains all topics, which are given exclusive IDs. …
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question