User login Script... Please help.

Results 1 to 3 of 3

Thread: User login Script... Please help.

  1. #1
    Raymond Guest

    Default User login Script... Please help.

    Hello,<BR>I am trying to write a login script that checks username and password from a database through ODBC. The username/password check is fine, but I have a problem that I cannot seem to solve. After the password check, when the user clicks on another page, do I run the SQL query to check the Username/password again? Or is there an easier way to keep track of a logged in user? How do I tell when a user logs off?<BR><BR>Thanks in advance,<BR>Raymond

  2. #2
    Join Date
    Dec 1969
    Los Angeles, CA

    Default RE: User login Script... Please help.

    well when you authenticate a user assign flag to a session variable. At the top of every page check for that flag if is not satisfied it means the session has been abandoned or the user is trying to access the page without logging in.<BR><BR>THere are a lot of articles on this you would have come accross them if you TRIED to FIND "stuff" in that regard

  3. #3 Guest

    Default RE: User login Script... Please help.

    Once you have verified the Username/Pwd, you set a session variable and then all subsequent pages can merely check for the session variable. If it is set then the user must be logged in, because the session var cannot be set unless your script does it.<BR>Eg:<BR>&#060;%<BR>rs.Open "Select User, Pwd from tblUsers where User=&#039" & request.form("User") & "&#039 and Pwd = &#039" & request.form("Pwd") & "&#039", Conn, 3,3,1<BR>if Rs.EOF then <BR> Session("User")=request.form("User")<BR> response.redirect "Go.asp"<BR>else<BR> response.redirect "Login.asp"<BR>End If<BR>%&#062;<BR><BR>Then first thing on other pages:<BR><BR>&#060;%<BR>If Session("User") = "" then response.redirect "login.asp"<BR>%&#062;<BR><BR>User will not be able to access any page unless logged on. Not session requires client browser to enable session-level cookies. Also sessions timeout. The default is usually 20 minutes, but can be altered via Session.TimeOut property. This can be used as a security feature as the user will automatically be logged out if after this timeout period.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts