I want to prevent multiple logins in my web application. For eg:If a user "userA" logs into the application,some other user with same userid "userA" should not be allowed to login as long as previously logged in "userA" is active.
Is there any solution? One method I thought was when user logs into application,
I set a flag in table.If user logs out of application from the logout button explicitly provided in application, I reset the flag for that userid.But if user closes the application from browser(close) , I am unable to find a way to reset a flag.
I have a problem with restricting multiple users to get access to my site with the same username and password.
I allready set up a table getting the UserID of the user and putting it in the table, therefore restricting access for future logins as long as the users Session is still valid.
Now to my problem. When the user logs out everything is great, but when he just closes IE the session is still valid and the field in the DB will not be deleted. I have put a SQL in the Sessoin_OnEnd in the global.asa file, but since this site is a micro site in another folder than the root, the global.asa can effect the main site aswell. And it will take at least 15 minutes before he can login again (and I do not want to set session.timeout any lower).
I'm trying to make my login page also insert into a seperate table a list of users when they login. The current code returns no errors but does not write to the table. It is still checking the user and password correctly but that's it. Any ideas? I'm sure it's something stupid but I can't see it. Also is there anyway to encrypt the login too? Code:
I would like to prevent a user from logging in with their user/password combination on a different computer or even a different browser window, if they are already logged in. I have a login page, from which I use a DB check to verify user/password info. Also, I have a bit loggedIN field in the DB, which I use to see if they are currently logged in; if so, I prevent them from logging in a second time.
Unless they click the "Log Out" button, then the DB value does not get changed. Any suggestions as to how I can log them out, even if they simply close the browser window or jump to a different page?
I need to display the # of online users on my system, as well as the 10 users that last logged in at that moment....How would I do this? Im sorry if question is vague but I've never done this before and I've no idea how to do it. Will I be needing an application variable? Do I have to use it on a global.asa file?
I would like to create an auto-lock out module where users are unable to continue login attempt after 3-5 unsuccessful logins. In addition, the user account are automatically suspended after stipulated unsuccessful logins. Is there any sample coding in ASP or Javascript for me to refer to??
I am a webdesigner.We have recently taken over a site created in ASP. The site remains on the original server, but my company does the updates on the site.I do not touch the ASP at all, as I not familiar with it other then I know ASP automatically becomes html when you view it from the browser and u can save the file from there.Anyways, I edit the pages as required, new text, new photos, new links, and create new pages (any new pages I create in html if not tied to the database). I save the pages with a .asp extension and upload. This does not seem to mess anything up. The person who hosts the site, is upset that someone else is editing the site, so he's really not easy to work with. Anyways, after uploading files, everything works fine, and then a day later, all of a sudden, any .ASP pgs you click on give the following error or similar pasted below. What I'd like to know is if these errors are because of me..and if so, how do I prevent it.
I've got an intranet application that presents a list of files in sort of a 'central repository' web page. Each file is an href in the form <a href=file://server/share/path/filename.ext>.
When the user clicks on an excel file,it is opening within the browser,which unforntuntely confuses the heck out of them because the usual Print/Print Preview menu options are not available. I would like the user to be presented with the typical Open/Save dialog when clicking on this link.
Is there any way that I can force the browser to do the same thing as 'Save Target As', without modifying the user mime configuration in IE (another common suggestion), or hosting the files on the web server?
i have a form by asp and database by MS access.so i want to prevent the duplicate value in empID because when i add a new employee with the same id ASP gives me this error.
Error Type: Microsoft OLE DB Provider for ODBC Drivers (0x80040E14) [Microsoft][ODBC Microsoft Access Driver] The changes you requested to the table were not successful because they would create duplicate values in the index, primary key, or relationship. Change the data in the field or fields that contain duplicate data, remove the index, or redefine the index to permit duplicate entries and try again. /employee/admin/addemp1.asp, line 48
so i want the employee to get a message like this empID already exist or somthing like this.
If you look around on the web for advice on cache-control and using 'Option Explicit' you get a paradox. Both features are supposed to be the first piece of ASP code on the page. Well they can't BOTH be first can they?
What would the logic be to prevent flooding? On my forum they have a timer, so if the user has submitted a post, it starts the timer, and after 30 seconds it will allow him to post again.
When the user comments, record the date in a session (StartTime) and when the user tries again, DateDiff in seconds to see if the Now() time is more than 30 seconds after the StartTime. If it is, clear the session.
i tried to open Window B using window.open() from Main Window. And from Window B i open another new Window C which fires up session("topic")="something"
So i tried to open another window link from Main Window, and the session("topic") value is still the same. how can i overcome it? Beacuse im using same session("Topic") var for all the sql query statement. so if 1 window is opening and another different session window start, it will overwrite it each other.
How can you prevent the database error from displaying on screen? Can you redirect users to a more friendly error screen that is custom created. Using ASP/SQL Server. For instance, if the database cannot be found, instead of displaying,
Microsoft OLE DB Provider for SQL Server error '80004005' [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied. /myConn.asp, line 7
Can you make it to where you could display something like this:
"I'm sorry, a database error has occured, please try your request later, click hyperlink for list of possibilities."
Currently i am doing a file management project where user are able to create folder and upload files to it. The file ownner would be able to set permission (from database linking to the file path) if a user able to download it or not.
*each file info will be stored into a table e.g. fileid, filename, path, access.
Now i am facing a problem where if a user does not have permission to click on the link to download, the user can guess the path and the file name and directly type the path on the address bar to download the file.
I have a form which when submitted will validate the fields and then add the record to a database. If a mandatory field is not completed, there is an instruction to return to the form and complete the mandatory fields and then submit.
The problem I have is preventing the user from resubmitting the same form once it has been added to the database. I cannot deactivate the submit button, because if they need to return to complete mandatory fields, the submit button is still required.
I have read the article "Programming Forms To Submit Only Once" from 15seconds.com and this looks exactly what I need......
To prevent the same form from being submitted more than once we must:
Initialize the data structures. Create a mechanism to give each form a unique identification. Find a way to store a list of already submitted forms. When processing a form submit, we just have to check if its ID is on the list.
I am having problems when adding the recommended code to my form and my process form pages.
This may not be possible on the server side, so apologies if this is the wrong group for this post.My form consists of an unknown number of pairs of text boxes. They are named textbox_a and textbox_b. I then split the comma separated list that gets posted:
textbox_a = split(Request.Form("textbox_a"),",") for i = ubound(textbox_a) ...insert into db
then do the same for textbox_b
If anyone puts a comma into one of the text boxes, this will result in unmatched pairs. How can I deal with the comma, or prevent it?
due to my 'Language for non-Unicode Setting' in Regional Settings,my ASP page keeps outputing the date format as Chinese Simplified characters when issuing say, <%=Now()%>. In addition, my client script also interpret it as Chinese characters, which I don't want it to behave this way.
However, I can't remove my 'Chinese (PRC)' settings in control panel as I need it for other Chinese version software. Does anyone knows how can I display the date in my ASP page in normal English? I did try out the META tag Content Type and put in several charset to try out, but seems like it doesn't work at all.
I assume it has to do with cache control, but how do I prevent the form from clearing when a user hits the back button? The form I am referring to is my registration page. After the registration is submitted, they are taken to an error handling page. If an error comes up, they are required to hit the back button and correct the mistake.
It seems like for the most part it retains all of the information in the fields, but occasionally it clears it out. How can I prevent this?
I have a file that SHOULD only be made accessable to registered users. They must login to get to the download page. The problem I have is that once a user logs in an gets to that page they can potentially share the web link to that file with anyone and that unregistered user can bypass logging in.
I was thinking something along the lines of download.com where when you click download, the actual files location only appears for a split second, pops up the download box, then it switches to another webaddress?
I have a site which gives access to 2,000 Hi-Res photos for free. We noticed that people began to use programs like Offline Explorer and WebStripper to download our entire collection all at once. - This is a problem because it hogs our bandwidth, and we are scared that people are going to use our entire collection for their own financial gain, when we are providing it for free.
We actually have two web servers, one is the website where the user interface is located, the other is a server where we store all the image files (at an educational institution, unlimited storage). We link the images to the external server. Is there a way in ASP to limit access to the images by setting up a rule like so:
"Only allow access to these images if the referer is www.ourdomain.com" ? We would prefer not to use any 3rd party software.
I need help ASAP. I have a form where users can fill out the fields firstname, lastname, and emailaddress. When the user submits the form, I need ASP to call out to a SQL Server database to see if the firstname, lastname and emailaddress the user submitted already exists in the database.
If they all do exist, the user should not be allowed to submit the data but should be redirected to a page saying "sorry, you have already entered that information" or something to that effect.
Below is a segment of an ASP file that takes information from an HTML file that contains a form and then passes the information in the form via the VB variable "Request.Form(*)". I have already placed form field validation on the client side via JavaScript code. The ASP file won't be called unless the user has filled in ALL information on the form. How do I validate the data on the server side .. in other words, can someone please provide me a few lines of code to validate that data has been passed to the "Request.Form" variable and if it is not, how would I perform an immediate exit. I am not very adept at VB scripting and I am trying to prevent anyone or anything from compromising the website by allowing blank e-mails to be generated, which is what is happening presently........
