Solved

How do I unhide a login error message with this code?

Posted on 2012-03-29
7
497 Views
Last Modified: 2012-03-30
I have the code below that handles the login.  If login fails, it just reloads the page so they can try again.  How do I have a message that displays on tha page only if their login fails?

<%@LANGUAGE="VBSCRIPT"%>
<!--#include file="Connections/st2.asp" -->
<%
response.cookies("st2")("logintime") = now()
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString <> "" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)
MM_valUsername = CStr(Request.Form("username"))
If MM_valUsername <> "" Then
  Dim MM_fldUserAuthorization
  Dim MM_redirectLoginSuccess
  Dim MM_redirectLoginFailed
  Dim MM_loginSQL
  Dim MM_rsUser
  Dim MM_rsUser_cmd
 
  MM_fldUserAuthorization = ""
  MM_redirectLoginSuccess = "main.asp"
  MM_redirectLoginFailed = "default.asp"

  MM_loginSQL = "SELECT UserName, Password"
  If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," & MM_fldUserAuthorization
  MM_loginSQL = MM_loginSQL & " FROM dbo.tbl_SM2 WHERE UserName = ? AND Password = ?"
  Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command")
  MM_rsUser_cmd.ActiveConnection = MM_st2_STRING
  MM_rsUser_cmd.CommandText = MM_loginSQL
  MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1", 200, 1, 25, MM_valUsername) ' adVarChar
  MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", 200, 1, 20, Request.Form("password")) ' adVarChar
  MM_rsUser_cmd.Prepared = true
  Set MM_rsUser = MM_rsUser_cmd.Execute

  If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
    ' username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername
    If (MM_fldUserAuthorization <> "") Then
      Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
    Else
      Session("MM_UserAuthorization") = ""
    End If
    if CStr(Request.QueryString("accessdenied")) <> "" And false Then
      MM_redirectLoginSuccess = Request.QueryString("accessdenied")
    End If
    MM_rsUser.Close
    Response.Redirect(MM_redirectLoginSuccess)
  End If
  MM_rsUser.Close
  Response.Redirect(MM_redirectLoginFailed)
End If
0
Comment
Question by:Kevin Smith
7 Comments
 
LVL 5

Expert Comment

by:gman84
ID: 37782916
You could pass a parameter into the query string which you can then extract on the login page, "request.querystring!message"
MM_redirectLoginFailed = "default.asp?message=Login Failed"

Open in new window

0
 
LVL 28

Expert Comment

by:sammySeltzer
ID: 37782917
I personally have some serious dislike for dreamweaver.

So, I would like to help but not with code you have above.

However, if you can integrate my code then great.

On your validation page; I suppose one above, I would have something like this:

  If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
    ' username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername
    If (MM_fldUserAuthorization <> "") Then
      Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
    Else
 Session("Message") = "<font color='#CC0000'>Invalid username or password. Please, try again.</font>"
    response.redirect "yourLoginPage.asp"
    ' Session("MM_UserAuthorization") = ""
    End If
    if CStr(Request.QueryString("accessdenied")) <> "" And false Then
      MM_redirectLoginSuccess = Request.QueryString("accessdenied")
    End If
    MM_rsUser.Close
    Response.Redirect(MM_redirectLoginSuccess)
  End If
  MM_rsUser.Close
  Response.Redirect(MM_redirectLoginFailed)
End If

Then on yourLoginPage.asp, you have the following:

top of page, enter this:

<%
Sub DrawPage
%>

Then have this anywhere you wish the bolded message above to appear:

<center><% = message %></center>

Finally, at the bottom of page after </html>, have this:
<%
End Sub

'------------------------------------------------
' END OF PROCEDURES AND START OF MAIN CODE
'------------------------------------------------

      dim message

      'Get any incoming message/title
      message = Session("message")

      'Then clear out the message Session variable
      Session("message") = ""

      'Draw the form
      Call DrawPage
%>

Now, when login fails for whatever reason, the user gets a nice "Invalid username or password. Please, try again." and the user gets redirected to your login page.

That's it!
0
 

Author Comment

by:Kevin Smith
ID: 37783126
gman...how do i hid the request until the user fails?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Expert Comment

by:gman84
ID: 37786090
Not sure what you mean... According to your code my solution would work as the user would only be redirected to "default.asp?message=Login Failed" if the login failed for a user, so long as this is assigned to the variable "MM_redirectLoginFailed"
0
 
LVL 6

Accepted Solution

by:
worthyking1 earned 500 total points
ID: 37786927
Change your second to last line of code from:

Response.Redirect(MM_redirectLoginFailed)

to:

ErrorMsg = "Sorry, your login was not recognized..."

Then in the body of your page display the error message like so:

<% If ErrorMsg <> "" then %>
<p><%=ErrorMsg%></p>
<% End if %>

Style it with css of your choice. I usually put it right above the login box and use a bright yellow div with red text or something that catches the eye.
0
 

Author Comment

by:Kevin Smith
ID: 37787751
gman...I did yours but it didn't show up when failed.  worthy, your's worked perfectly.  thanks for the help gman, and maybe I was doing something wrong but it wouldn't work properly.
0
 

Author Closing Comment

by:Kevin Smith
ID: 37787753
thanks for everyone's help!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
I still run into .cgi files every now and then. In some instances, I actually prefer the simplicity of a .cgi script to other options. Since I use DreamWeaver extensively, what I needed was a way to open .cgi scripts in Dreamweaver. And I wanted to …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question