i am working on my small system e-zakat...i am using asp and ms access...it's just small system...i have problem on my login page...i want to use 1 login page for admin and ordinary users...in my database, there are uid, pwd and also level...i used level=1 for admin...but how to check the level from database?? so admin will see their menu page while users also see their own menu page...about my database connection, can anyone give opinion?? i have tried so many codes but only this worked...i am newbie in web development...here i enclosed my check.asp codes.

<% @ Language="JavaScript" %>
<%
//here is the connection string
//var conn = Server.CreateObject("adodb.connection");
//this connection uses JET 4 it is the prefered method of connecting to an access database
//var DSNtemp = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("/ezakat/zakat.mdb");
//if you cant use JET then comment out the line above and uncomment the line below
//var DSNtemp="DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("/ezakat/zakat.mdb");
//conn.Open(DSNtemp);
var DSN = "DSN=dsnZakat";
//var DSN = "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("/Zakat/zakat.mdb");
var Conn = Server.CreateObject("ADODB.Connection");

Conn.Open(DSN);

var RS = Server.CreateObject("ADODB.Recordset");
var uid = Request.Form("uid");
var pwd = Request.Form("pwd");

var SQL = "Select * From users Where uid = '" + uid + "' And pwd = '" + pwd + "'";
//var RS = Conn.Execute(SQL)
RS.Open(SQL, Conn);
//if the user is found we will set the session okeydokey to TRUE allowing the user to gain entrance
if (!RS.EOF)
{
Session("okeydokey") = "True";
/*if (RS.Recordset("level") == 1)
{
Response.Redirect("menu2.asp");
}
else
{
Response.Redirect("menu1.asp");
}*/
RS = null;
Conn.Close();
//Response.Redirect("menu.asp");
}
else
{
RS = null;
Conn.Close();
Response.Redirect("login.asp");
}
%>

Ok.. if that code works, what's your question?

the database connection is ok but i always saw people using Server.MapPath("database name"). I have tried it but there was an error on driver.what's that mean???

i have problem on how to check user level from the database. suppose level 1 is for admin and level 2 is for ordinary users. because after they successfully login, they will view different menu. here is my code to check the user level.is it right??

if (RS.Recordset("level") == 1)
{
Response.Redirect("menu2.asp");
}
else
{
Response.Redirect("menu1.asp");
}

or i need to change it to RS.Fields("level")???

Server.MapPath is used to convert a virtual path to an absolute path:

Server.MapPath("/folder1/folder2/mypage.asp") MIGHT resolve to the absolute path: c:\inetpub\wwwroot\folder1\folder2\mypage.asp

But if you're going to do this, then your database needs to be under your website, which could potentially be a security hole if someone knew the path to it. Instead, a better idea is to keep your DB under a separate directory, and use an absolute path or DSN.

As for your If statement, I don't write Server-Side JavaScript, but I'd say you should use RS.Fields("level") or RS("level").

<% @ Language="JavaScript" %>
<%
var DSN = "DSN=dsnZakat";
var Conn = Server.CreateObject("ADODB.Connection");

Conn.Open(DSN);

var RS = Server.CreateObject("ADODB.Recordset");
var uid = Request.Form("uid");
var pwd = Request.Form("pwd");

var SQL = "Select * From users Where uid = '" + uid + "' And pwd = '" + pwd + "'";
RS.Open(SQL, Conn);
//if the user is found we will set the session okeydokey to TRUE allowing the user to gain entrance
if (!RS.EOF)
{
Session("okeydokey") = "True";
if (RS.Fields("level") == 1)
{
Response.Redirect("menu2.asp");
}
else
{
Response.Redirect("menu1.asp");
}
RS = null;
Conn.Close();
}
else
{
RS = null;
Conn.Close();
Response.Redirect("login.asp");
}
%>

i have tried both methods u gave me but it didn't work... above is my latest codes that i have tried it failed to check the user level from the database...i have set the uid and pwd in the database as a TEXT and level as a NUMBER...

Ok.. try:

if ( RS.level == 1 )

i have tried ur code but it always redirect to menu1.asp...even the level is 1...1 friend gave me this code (in vbscript)...i have tried to convert it into javascript but since i am newbie in web development using javascript...maybe i made some mistakes somewhere and i couldnt find the error...can u show the code in javascript?


Set Conn = Server.CreateObject("ADODB.Connection")
Conn.Open "DSN=dsnZakat"

strSql = "SELECT * FROM [Users] WHERE uid = '" & uid & "' AND pwd = '" & pwd & "'"

Set rs = Conn.Execute(strSql)

If rs.eof Then
Response.write("Invalid Login")
Else
If CStr(rs("UserLevel")) = "1" Then
Response.Redirect("menu2.asp")
Else
Response.Redirect("menu1.asp")
End If
End If

Conn.Close
Set Conn = Nothing

Ok.. VBScript I can help with... What error are you getting?

No...can u write the code in the javascript?my system should be in the javascript...