create session without GLOSAL file ?

Results 1 to 3 of 3

Thread: create session without GLOSAL file ?

  1. #1
    Join Date
    Dec 1969
    Posts
    41

    Default create session without GLOSAL file ?

    can u create session without GLOSAL file ?<BR><BR>I&#039s create a session("authent") without GLOSAL file,<BR>but i can&#039t detect it in another page , but when i tried type "set session("authent") = true ", it&#039s can! why?<BR><BR>as i know set session is set object to session.<BR><BR>anyone can help m , TQ.

  2. #2
    Jason Buck Guest

    Default RE: create session without GLOSAL file ?

    Yes, can do it without a global.asa file.<BR><BR>But you still have to make an include file and have it on every page.<BR><BR>I have the login.asp that creates a session for a username.<BR><BR>Here is the login page that creates the session:<BR><BR>&#060;%<BR><BR>strName = request.form("UserName")<BR>strPass = request.form("password")<BR><BR>if Instr(Request.ServerVariables("HTTP_REFERER"),te) Then<BR><BR> <BR> strConnect = "Driver={Microsoft Access Driver (*.mdb)}; DBQ=C:database e1.mdb"<BR><BR> dim objconn, objrec, mysql, strStatus, Mytest, strLength<BR> set objconn = server.createobject("ADODB.Connection")<BR><BR><BR > objConn.open strConnect<BR><BR><BR><BR> mysql = "SELECT SUser.User_Name FROM SUser WHERE (((SUser.Userid)=&#039" & strName & "&#039) AND ((SUser.Password)=&#039" & strPass & "&#039));"<BR><BR><BR><BR> set rstemp=objConn.execute(mysql)<BR><BR> If rstemp.eof then<BR> jjj="notvalid"<BR><BR> Set FileObject = Server.CreateObject("Scripting.FileSystemObject")< BR><BR> TestFile = Server.MapPath ("/telogs") & " elogin.txt"<BR> Set OutStream= FileObject.OpenTextFile (TestFile, 8, TRUE)<BR><BR> ipaddr=Request.ServerVariables("REMOTE_ADDR") & " : "<BR> <BR> OutStream.Write ipaddr & "tried to login using UserName: &#060;b&#062;" & request.form("UserName") & "&#060;/b&#062; or Password: &#060;b&#062;" & request.form("password") & "&#060;/b&#062;. One of these was incorrect." & " " & Now()<BR> OutStream.WriteLine textstr & "<BR>"<BR> Set OutStream = Nothing<BR><BR><BR> Session.Abandon<BR> response.redirect "default.htm"<BR> <BR> Else<BR> jjj="valid"<BR> Set FileObject = Server.CreateObject("Scripting.FileSystemObject")< BR><BR> TestFile = Server.MapPath ("/telogs") & " esuccess.txt"<BR> Set OutStream= FileObject.OpenTextFile (TestFile, 8, TRUE)<BR><BR> ipaddr=Request.ServerVariables("REMOTE_ADDR") & " : "<BR> <BR> OutStream.Write ipaddr & "Login was Successful using UserName: &#060;b&#062;" & request.form("UserName") & "&#060;/b&#062; at " & Now()<BR> OutStream.WriteLine textstr & "<BR>"<BR> Set OutStream = Nothing<BR> Response.Cookies("teCookie")("tedb") = strName<BR> <BR> &#039Session("strName") = strName <BR> &#039Session("Junk") = "Car"<BR> &#039Session.Abandon<BR><BR>&#039*****This is where the session is created<BR> Session("strName") = strName <BR> response.redirect "home.asp"<BR> End if<BR> <BR> rstemp.close<BR><BR> Set rstemp = nothing<BR> objConn.close<BR> Set objConn = nothing<BR><BR>Else<BR><BR> Set FileObject = Server.CreateObject("Scripting.FileSystemObject")< BR><BR> TestFile = Server.MapPath ("/telogs") & "adlogin.txt"<BR> Set OutStream= FileObject.OpenTextFile (TestFile, 8, TRUE)<BR><BR> ipaddr=Request.ServerVariables("REMOTE_ADDR") & " : " <BR> OutStream.Write ipaddr & " Tried to access page without logging in " & Now()<BR> OutStream.WriteLine textstr & "<BR>"<BR> Set OutStream = Nothing<BR> response.redirect "http://www.wnj.com"<BR> <BR><BR><BR><BR>End if<BR><BR><BR>%&#062;<BR><BR>Here is the include file that you have to have on everypage after the login in. I call it checklogin.asp....<BR><BR>&#060;%<BR>Dim strFred<BR>strFred = Session.Contents("strName")<BR>Response.ExpiresAbs olute = Now() -1<BR><BR>if Len(strFred) = 0 Then<BR> <BR> response.redirect "default.htm"<BR>End if<BR>%&#062;<BR><BR>I use these pages on my intranet. For real web apps I would not use this method because there are a few ways to fake the session and allow anyone access to the site.<BR><BR>I hope this helps you get started.<BR>any other questions, feel free to contact me.<BR><BR>Respectfully,<BR><BR>Jason<BR>webmaster @wnj.com

  3. #3
    Keith Fowler Guest

    Default RE: create session without GLOSAL file ?

    Unfortunately, including this much code in every page will surely put a load on your server every time it serves a page.<BR>Besides, it&#039s not necessary!<BR><BR>Fortunately, once you initialize a session variable like so:<BR><BR>Session("Login_Auth") = True<BR><BR>It is available throughout the session unless you change it somewhere along the way. You only need to initialize it one time!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •