Please need your help in writing the cookies code to enter the user automaticly to the comments page with out login if he entered before to the site...
these are the code i wrote but now i need the cookies code to vlaideat if the user enterd before or not (if yes, redirect him to the comments page otherwoise let him login in)
I have created a website that uses cookies to check to make sure that someone is logged in on secure pages, but some people have e-mailed me saying that they cannot get in. It is because they do not have cookies enabled. A NEED TO FIND A WAY TO CHECK THE LOGIN ON SECURED PAGES WITHOUT USING COOKIES. It would be nice to also be able to know who is online and where they have been - maybe an activity log.
View Replies View RelatedDoes anyone know how to create a login system with ASP that does not use cookies? I am finding that more and more users seem to be setting their privacy settings to high, thus not accepting cookies.
What I am thinking about is to have some type of server side session that when a user logs in, I write the session ID to a database as well as the user ID so that I can keep track of the users that are loged in.
I have played with regular sessions, but if a user does not have cookies enabled, the session do not seem to maintain state and are basically useless.
My login_process.asp ...
<%
Dim L_ID, L_Pass, conn, rs
L_ID = Request.Form("member_id")
L_Pass = Request.Form("member_pass")
set conn=Server.CreateObject("ADODB.Connection")
conn.Provider="Microsoft.Jet.OLEDB.4.0"
conn.Open(Server.Mappath("Registration.mdb"))
set rs=Server.CreateObject("ADODB.Recordset")
rs.open "SELECT * from registration WHERE mem_id='"& L_ID & "' AND mem_pass='" & L_Pass & "'", conn
if rs.EOF then
Response.Cookies("LoginError")= "Wrong Member ID or Password"
Response.Redirect("Login_Fail.asp")
else
Response.Cookies("login") = Request.Form("L_ID")
Response.Redirect("Login_Success.asp")
end if
conn.Close
%>
I place this at the top of every page so that only those logged in can view the page ...
<%
if Request.Cookies("mem_id") <> "TRUE" then
Response.Redirect ("Default.asp")
end if
%>
CONCLUSION : IT'S NOT WORKING ...
I am building a website to pull data from a remote https site using xmlhttp. The data from the https site is behind a login screen. I can successfully get through the login screen with:
set objXMLHTTP = Server.CreateObject("Msxml2.ServerXMLHTTP")
objXMLHTTP.Open "POST", "https://website.com/validate-login2.asp", false
objXMLHTTP.SetRequestHeader "Content-Type", "application/x-www-form-urlencoded"
objXMLHTTP.Send "Username=uname&password=pwd&company=O"
That works great - but then, when I try to go to the next page (where the data is that I want to pull) - I use the same process and I get kicked back out to the login screen? Could there be some cookies, referer, strings being passed normally that I am not including in my second request - How do i find out for sure?
I have used the software IETrace and it looks like some cookies being passed, but how do I know for sure if (and what exactly) it is using?
I want to login to a page using MSXML2.ServerXMLHTTP.4.0 or an object like this, I must send the form variables needed to login when I try to login to the page. But the problem is, that the page looks like a exe file (not a asp file or php file or what ever). The name of the page I try to login is something like "/pw?/session/login", nothing more, without extension. I have tried the code with a normal asp file with session registration and login process and it worked, but not with this file.
View Replies View RelatedI have page for user to update his/her details. What i want is after idle for more than 20 mins, the page will redirect to login page automatically. So that the user knows that his/her session already expired and need to login again.
But it doesn't working. This is because if he/she update the details (after idle more than 20 mins), and click the Submit button, it will go to login page and all the data will be lost. Code:
I have an asp page with a form:
the username field must have the last user who connected ( saved using cookie)
When i press the "cancel " botton of the form this username should disappear and appear again once i close and open the browser again
I have a problem doing it: .....
When something doesn't work, disable error skipping stuff like "on error resume next" which just tend to cover up the problems, sweeping them under the rug as it were...
Echo important variables as you go along to make sure they are getting set as you expect: what is the "query" variable, is it the string you are expecting?
Response.Write "inside Database Recordset Loop, query has a value of" & query & "<br />" & VbCrLf
If not, echo each of the three pieces and see if one or more is not getting passed from the form.
I don't understand the
Call data.MoveNext()
Wend
Call data.Close()
Call objConn.Close()
part at all, what are you trying to do here?
Use flags along the way, to signal how far you get, like echoing when you enter and after you leave key loops or control structures:
Response.Write "inside Database Query Section<br />" & VbCrLf
Response.Write "inside Database Recordset Loop<br />" & VbCrLf
Response.Write "Database Connection just closed successfully<br />" & VbCrLf
etc. etc.
ASP Session/Cookies, Help to Protect Page from Non users I am a beginner and very urgently need some help
I have created a asp page, that takes in a username and password and validates it as follows and then if true continues to the pages requested.
Code:
'Read in the password for the user from the database
If (((Request.Form("txtUser")) = rsCheckUser("User_pass")) and (rsCheckUser("User_lev") = 1) ) Then
'If rsCheckUser("User_level") = 1 Then
'THE ABOVE CHECKS THE INFO IS CORRECT AND IT REDIRECTS TO THE PAGE BELOW and Session=True
'If the password is correct then set the session variable to True
Session("blnIsUserGood") = "True"
'Redirect to the authorised user page and send the users name
Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & ""
'Close Objects before redirecting
Set adoCon = Nothing
Set strCon = Nothing
Set rsCheckUser = Nothing
End If
Now this code takes you to page :Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & ""
Which is something like /project/user_self_update_form.asp?ID=1
Since after the login you do to this, you are allowed to see this page.
But The page user_self_update_form.asp?ID= can also be access if you just put the link on the browser. Lets say i log in as ID 2, and just change the ID to 3 on the address bar in the browser, i will log into someone elses page.
How to i block this from random access and only the SPECIFIC USER?
Code for user_self_update_form.asp (the protected page unless you are logged it):
The Session = False part just does not work here, so if you get this link of someone, you can just get it, and you are not redirected.
<%
'If the session variable is False or does not exsist then redirect the user to the unauthorised user page
If Session("blnIsUserGood") = False or IsNull(Session("blnIsUserGood")) = True then
'Redirect to unathorised user page
Response.Redirect"unauthorised_user_page.htm"
End If
%>
<%
'Dimension variables
Dim adoCon 'Holds the Database Connection Object
Dim rsGuestbook 'Holds the recordset for the record to be updated
Dim strSQL 'Holds the SQL query for the database
Dim lngRecordNo 'Holds the record number to be updated
'Read in the record number to be updated
lngRecordNo = CLng(Request.QueryString("ID"))
and all the other protected into here:
I need help with setting up a page where the viewer has to accept terms before they can access the rest of the website.
The page will have a bit of text explaining why they need to accept oor decline the terms and then have 2 buttons. ie. accept or decline.
What I need to be able to do is set this up so that if the viewer tries to bypass the accept/ decline page they will get re-directed to it. If they have clicked the accept button then they can view anywhere on the site.
I understand that 'sessions' in IIS don't actually close until about 20 mins after the user has left the site and can live with that. But if they come back the next day they must go through the accept/decline page to get into the site. It doesn't have to have usernames or password, they just have to accept.
I understand that you set up several pages to do this, i.e. the accept/decline page, a 'checkterms' page (which sets the session cookie?) and then some code on every other page on the site to check for the presence of the session cookie and let you view if it is there. If not, redirects you to the Accept/Decline page.
The problem I have is I don't know what code to write and where to put it into the page.
I had just created a login page called login.asp and proc page login_proc.asp. I'm using MS Access for db. The prob is when I uploaded it into the web, a msg comes up saying 500 Internal Error and could not find login_proc. I have uploaded it dozens of times but it still comes out the same. When I test it in my local server, everything goes smoothly. Can nebody plz help? I'm running out of idea. I feel like jumping off the bridge rite now.
View Replies View RelatedI have existing login page that will check accounts table from my database
if the user is allowed to log on to the system. I use session to save user
variable.
Every page that I will make, I always ask if the session where I
save the user variable exist, and if not, it will redirect to login page. Is
the the best way to control a web application using ASP. If not, can you
give me your thoughts?
I got a web page and I want the user to login everytime he view the page. Something like email where u need to login be4 u can view the inbox. What can I do so that if the user want to go straight into the page I will direct him to the login in page to ask him to login first? Another question is what does this mean?
<!--#include file="setting.asp" -->
I want to be able to send users links to pages in my website. But if
they arent logged in I want them to first be redirected to the login
page and after they login automatically be redirected to the page i
sent them in the link. How would i accomplish this.
We have a requirement where we have to develop a custom Login Page which
will accept user's NT credentials ( Username , password, domain name).
This then needs to be passed to a website which uses Windows Authentication
my question is how do we pass these credentials to IIS in classic ASP?
I created a Login User page with VBScript in Dreamweaver MX but whenever I preview the page I get the following error:
Microsoft VBScript compilation error '800a0401'
Expected end of statement
/website/TMP2n38d8z06e.asp, line 24
MM_redirectLoginSuccess="customer_section.asp?id=<%=(rsCustomerLogin.Fields.It em("username").Value)
(It's pointing to the beginning of "username.")
Line 24 of my code is:
MM_redirectLoginSuccess="customer_section.asp?id=<%=(rsCustomerLogin.Fields.It em("username").Value)%>
What I'm doing here is trying to pass the corresponding record to the next page for the user that just logged in. If I don't pass the link parameters, I can preview the page and log in with no problems. So the problem only occurs when I try to set those link params.
I noticed that the first quotation mark isn't closed, so I started placing quotation marks in that line trying to close it, but still get the error. I also noticed that under this line of code there was a quotation mark on a line by itself which I removed to see if that would help, but didn't. Code:
I have a login page where i validate my user id and password... this part is done... I need to get the user id to the next page i am showing...
Example like:
-------------------------------
Login Page
userid : abc
pwd : XXXXX
Authentication Successful
---------------------------------
Next Page:
Welcome abc ---> i want it here
----------------------------------
Anyone can show me how shld i do it...
I've tried several users code, and everytime i try to do the redirect part it fails, this webpage at least gave me a confirm that it is the redirect part failing.
View Replies View RelatedI created this logon page that takes a user ID and password and logs in the user. The user Id is the email address of the person loging in.
I also have the reset password option on my page. Here is bug on my page, even if the user's email address doesnt exist in the database as they have not requested access but because they know that the userID is email address they think that because they have email address they should be able to login and when they cant login and get message access denied they try and reset their password which works.
I dont want the reset password option to work if the user has not been provided the access yet.
Here is my login code can anyone tell me how to put a flag to check and see if the user's email address exist. Code:
How to provide remember me check box on login page in asp coding. So that user can be remembered by his local m/c if he wants. Any code support / link in this regard.
View Replies View RelatedHow can I secure the pages for login users in a "professional way"? I could set a global variable to true when a user successfully sign in but that's not how the experts do it right?
View Replies View RelatedI developed a login page and use Access as the database. When I test it using http://localhost, it works perfectly. When I upload it to the web server and click on the link, a file download box pops up asking me if I want to save or open the login.asp file. Why doesn't it work now?
View Replies View Relatedi did not see from that view point of yours. anyway, i guess everyone reading this thread learned something about sessions & querystrings.
View Replies View RelatedI have a login page that Test's for the username and then tests for the password. If these test true then I redirect them to the member area. What I want to test for is if there is 1 user logged in with Session("test") = 1 and another user logs in with the credentials to set Session("Test") = 1 then the first session will terminate. The new user will then be able to navigate the member area.There will also be other user on with a Session("Test") = xxx where xxx is the Primary key of the validation table.
View Replies View RelatedI am creating my student website. I have completed with student registration parts (student enrolment form, personal details) but now my client requirement is that if any student come to my website , he/she needs to register first so if they log on next time , screen will comes up with their all details.
I tried to create login page and if they are not in database , they can register on my website. But I could not able to create in my website. There might be more users so need to have loop in my code.
Once user log in their name and password , it will search in database and if database found that record in it , that page will redirect to my website page which will comes up with perticular student information.
project details : XHTML (Front End), Java Script (Validation), ASP (Connectivity), MS ACCESS (DATABASE).
I am learning asp and I want to create a page that will provide the user with a user name and password box from there it would authenticate them against my ldap (sun) or AD ldap servers ( I would prefer to use the sun ldap server but I can use either)
from there if they are successfull they would get a special website, if they are not successfull they get an error.
I have been reading for the past couple hours now about this and searching google and I just can't find a solid answer, I found some information on how to make a ldap edit page but not just a simple ldap authentication page.
another question I have is how I can use this to then edit a database. for example after the user logs in they get a page that asks them a couple of questions. when they fill out there answers and hit submit I want it to get sent to a database but classified under there user id so I can run reports on provided what answers. Code:
I want to abandon session everytime when user come to login page. The problem is that if
1) user comes from login page to welcome page and session is created
2) but if he clicks the "back" button session is not abandoned. I have
Session.Abandon
on login page, but it does not work untill page refreshed. Is there any way to refresh page if user comes back to it using button "back" of browser? Or may be the right way is very different to what i try to do?
I have a client who wants a customized special announcements page similar to WordPress They however, want it some custom and want it to reside entirely on their servers, with a folder that is only accessible with a user login and password. They want the ability to be able to edit the page directly on the server so that the changes are instant.
I have no experience with server-side scripting, or servers period expect for uploading or downloading files onto the server with an FTP. I would like to hire someone to help me complete this project however, I'm not even sure what to ask for.
On allot of professional web sites, i have notised that When you are looking for something on the site and it needs you to login first
before you can see the content, when you do login it knows exactly where to take you before you loged in, how do they do this???
what type of code do they use??? i would love to apply it to my site.
Unless you declared those session variables earlier, they have no data in them. Assuming this information is coming from a form, try using request.form("fieldname") instead of the session variables.
If this doesn't address your problem, give more detail about what "isn't working"
I have a login page in ASP and I am trying to block a folder with pictures to make the unavailable to people who doesn't loged in to see them. How can I do to block this folder or put some kind script to allow only the pople who loged in to see them?
View Replies View RelatedI have a hosted Sharepoint solution, and would like to create online portals for each of our customers, what this means is i have to create a single login page (Or have it created!), for all visitors to see. Dependant on their credentials, i want the correct Sharepoint Portal (Web-address essentially) to be displayed.
View Replies View Related