Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

INSTR function problem

Posted on 2006-11-22
3
Medium Priority
?
243 Views
Last Modified: 2006-11-22
Hi,
      I am writing a login script with a permission level authenication for a web page, there are 5 sections that require logins on the page.  I am trying assign a letter to each section ie,

A - Admin
B - Process
C - HR
D - Management
E - Escalation

     Depending on the type user ID users can have access to one or many of the sections, so an admin level with access to Process and Escalation would look like "BE" or admin HR would look like "AC".  I am trying to use an INSTR function to facilitate this.  Here is the code I am using.
<%
If request.form.count => 1 Then

            ManagerID = request.Form(ucase("ManagerID"))
            ManagerPassword = request.Form(ucase("ManagerPassword"))
            
            If ManagerPein = "" Or ManagerPassword = "" Then
                  error = "*You Did Not Enter Either A Pein Or Password.<br>"
            End If
                        
            Set verifyRS = objADOConn.execute("Select Top 1 * From tb_Docs Where ManagerID = '"&ManagerID&"' And ManagerPassword = '"&ManagerPassword&"'")
                                                
            if verifyRS.BOF or VerifyRS.EOF Then
                  verify = "*ID Or Password Entered Does Not Match DataBase.<br>"                    
            end if
            
                                'this is where the INSTR function comes in, trying to access escalation section.
                                'compare adminlevel from recordset to required level to access section - "E"  
            if INSTR(1,cstr(verifyRS("AdminLevel")),"E",0) = 0 Then
                  verify = verify & "*You Do Not Have Permission To Enter This Section.<br>"                  end if
            
            if error = "" and verify = "" Then
                                               'if id and password entered are correct and admin level is correct go to escalation section                  
                  response.Redirect("http://escalationlog.asp")
            End If
      End If
%>

     The problem I am having is that if the user enters the correct ID and password the script will take them to the correct section; however, if they don't they get an error stating:

error '80020009'
Exception occurred.
line 30     'this is the line with the INSTR function.

     Also if I take out the part where I use the INSTR function the script works fine.  I have varified using vartype that the datatype reading from the db is a string, so I can't figure out why I am getting this error,  can anyone spot a flaw in my syntax or logic?  Thanks in advance for any help...
0
Comment
Question by:marcus72
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 8

Accepted Solution

by:
esw074 earned 1500 total points
ID: 17997059
If the username and password don't pull a record (which is what happens when one is mistyped), then you've got an empty recordset - and in that line you're trying to perform operations on an empty field, which is creating the error.  Try dumping the access level value from the database to a variable, then check to ensure the variable isn't empty, THEN perform this operation on the variable.

0
 

Author Comment

by:marcus72
ID: 17997196
Thanks esw074, I think that helped:

I added an else in my eof or bof

Set verifyRS = objADOConn.execute("Select Top 1 * From tb_OCCNetDocs Where Pein = '"&ManagerPein&"' And OccPassword = '"&ManagerPassword&"'")
            
            if verifyRS.BOF or VerifyRS.EOF Then
                  verify = "*Pein Or Password Entered Does Not Match DataBase.<br>"
            else
'here is the change...                  a_level = verifyRS("AdminLevel")
            end if
                        
            'if a_level = "" then
            '      response.Write("blank")
            'end if
            
            if instr(1,cstr(a_level),"E",1) < 1 Then
                  verify = verify & "*You Do Not Have Permission To Enter This Section.<br>"            
            end if
                  
            if error = "" and verify = "" Then
                  links = "<a href='http://occnet.int.bell.ca/includes/duty/escalationlog.asp'>Create Ticket</a><br><a href='http://escalationview.asp'>View Open Tickets</a>"
                  'response.Redirect("http://occnet.int.bell.ca/includes/duty/escalationlog.asp")
            End If

i am going to do a little more testing before i sign off on this.  but that made sense.  i'll respond again within an hour.
0
 

Author Comment

by:marcus72
ID: 17997843
I changed it again to the following code which I think is better.

                               if verifyRS.BOF or VerifyRS.EOF Then
                  verify = "*Pein Or Password Entered Does Not Match DataBase.<br>"
                 else
                        if INSTR(1,cstr(verifyRS("AdminLevel")),"E",0) = 0 Then
                        verify = verify & "*You Do Not Have Permission To Enter This Section.<br>"
                 end if            
            end if
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
This demonstration started out as a follow up to some recently posted questions on the subject of logging in: http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_28634665.html and http://www.experts-exchange.com/Programming/…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question