troubleshooting Question

How to add "STATUS" event from the attached verify script?

Avatar of Stiebel Eltron
Stiebel EltronFlag for Thailand asked on
Web DevelopmentASP
2 Comments1 Solution318 ViewsLast Modified:
<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%
On Error Resume Next

Dim myConnection, rsUsers, connectString, sqlContent, Email, Password
	
'Build myConnectionection with database
connectString = "DRIVER={MySQL ODBC 3.51 Driver}; SERVER=DBServer; PORT=3306; DATABASE=DB; USER=DBUSER; PASSWORD=DBPW; OPTION=0;"

Set myConnection = Server.CreateObject("ADODB.Connection")
myConnection.Open connectString

If Err.Number <> 0 Then
	Response.Write Err.Number & " " & Err.Description
	Err.Clear
Else
     If 1 <> myConnection.state Then
     	Response.Write "Unable to open a connection to the db"
     Else
		Set rsUsers = Server.CreateObject("ADODB.Recordset")

		'Save the entered username and password
     	Email = Request.Form("Email")	
     	Password = Request.Form("Password")
     
     	sqlContent = "SELECT * FROM `users` WHERE `Password`='" & Replace(Password,"'","''") & "' AND `Email`='" & Replace(Email,"'","''") & "'"
     	rsUsers.Open sqlContent, myConnection, 1, 3
		
		
     
		If Err.Number <> 0 Then
			Response.Write Err.Number & " " & Err.Description
			Err.Clear
		Else
			If Not rsUsers.eof Then
				'Session("FName") = rsUsers.Fields("FName").Value
				FName = rsUsers("FName")
				Session("email") = Email				
				Session("FName") = FName
				Session("loggedin") = true                '// set flag indicating logged in
				Response.Redirect("../ste-iphoto.asp")
			Else
				'NOTE: Typically you do NOT want to have two separate "error" notifications
				'One for "invalid username" and another one for "Invalid Password".  The reason
				'for this is that to get into an account you need two pieces of information.
				'	1. a valid/existing username
				'	2. a password that is "tied" to the username specified.
				'if you explicitly tell me that I entered an incorrect username, I'll keep trying
				'until that error message changes to "invalid password".  In other words, if I
				'manage to see "Invalid password", then that implies I guessed that the username
				'I previously entered is valid/existent in the db!  So essentially I'm half way
				'in (thanks to you).
				'By contrast, if you just tell them "Invalid username or password", it is not clear
				'which of the two is incorrect.
				Response.Redirect("../ste-iphoto-login2.asp?login=passfailed")
			End if
		End If
	
		If rs.state<>0 Then rsUsers.Close
		Set rsUsers=nothing
     End If
End If

If myConnection.state<>0 Then myConnection.Close
Set myConnection=nothing

Response.End
%>
- attached script, advise from EE expert, hielo.

From the attached embed script, we would like to ask for tech support again, on how to add STATUS of users. Because there's a column "STATUS" from the MySql db, and any new users are set to be Status = 0 (unless activated by admin, users' status will be change to "1").
If user status = 0, user can't login yet.
If user status = 1, user can login.

Thank you!
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 2 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros