Avatar of Stiebel Eltron
Stiebel Eltron
Flag for Thailand asked on

How to add "STATUS" event from the attached verify script?

<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%
On Error Resume Next

Dim myConnection, rsUsers, connectString, sqlContent, Email, Password
	
'Build myConnectionection with database
connectString = "DRIVER={MySQL ODBC 3.51 Driver}; SERVER=DBServer; PORT=3306; DATABASE=DB; USER=DBUSER; PASSWORD=DBPW; OPTION=0;"

Set myConnection = Server.CreateObject("ADODB.Connection")
myConnection.Open connectString

If Err.Number <> 0 Then
	Response.Write Err.Number & " " & Err.Description
	Err.Clear
Else
     If 1 <> myConnection.state Then
     	Response.Write "Unable to open a connection to the db"
     Else
		Set rsUsers = Server.CreateObject("ADODB.Recordset")

		'Save the entered username and password
     	Email = Request.Form("Email")	
     	Password = Request.Form("Password")
     
     	sqlContent = "SELECT * FROM `users` WHERE `Password`='" & Replace(Password,"'","''") & "' AND `Email`='" & Replace(Email,"'","''") & "'"
     	rsUsers.Open sqlContent, myConnection, 1, 3
		
		
     
		If Err.Number <> 0 Then
			Response.Write Err.Number & " " & Err.Description
			Err.Clear
		Else
			If Not rsUsers.eof Then
				'Session("FName") = rsUsers.Fields("FName").Value
				FName = rsUsers("FName")
				Session("email") = Email				
				Session("FName") = FName
				Session("loggedin") = true                '// set flag indicating logged in
				Response.Redirect("../ste-iphoto.asp")
			Else
				'NOTE: Typically you do NOT want to have two separate "error" notifications
				'One for "invalid username" and another one for "Invalid Password".  The reason
				'for this is that to get into an account you need two pieces of information.
				'	1. a valid/existing username
				'	2. a password that is "tied" to the username specified.
				'if you explicitly tell me that I entered an incorrect username, I'll keep trying
				'until that error message changes to "invalid password".  In other words, if I
				'manage to see "Invalid password", then that implies I guessed that the username
				'I previously entered is valid/existent in the db!  So essentially I'm half way
				'in (thanks to you).
				'By contrast, if you just tell them "Invalid username or password", it is not clear
				'which of the two is incorrect.
				Response.Redirect("../ste-iphoto-login2.asp?login=passfailed")
			End if
		End If
	
		If rs.state<>0 Then rsUsers.Close
		Set rsUsers=nothing
     End If
End If

If myConnection.state<>0 Then myConnection.Close
Set myConnection=nothing

Response.End
%>

Open in new window

- attached script, advise from EE expert, hielo.

From the attached embed script, we would like to ask for tech support again, on how to add STATUS of users. Because there's a column "STATUS" from the MySql db, and any new users are set to be Status = 0 (unless activated by admin, users' status will be change to "1").
If user status = 0, user can't login yet.
If user status = 1, user can login.

Thank you!
ASPWeb Development

Avatar of undefined
Last Comment
Stiebel Eltron

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Scott Fell

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Stiebel Eltron

ASKER
Great! Thanks so much for the idea... :)
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck