Results 1 to 9 of 9
  1. #1
    Join Date
    Sep 2004
    Posts
    21

    Unanswered: need help..i am newbie...urgent...

    i am working on my small system e-zakat...i am using asp and ms access...it's just small system...i have problem on my login page...i want to use 1 login page for admin and ordinary users...in my database, there are uid, pwd and also level...i used level=1 for admin...but how to check the level from database?? so admin will see their menu page while users also see their own menu page...about my database connection, can anyone give opinion?? i have tried so many codes but only this worked...i am newbie in web development...here i enclosed my check.asp codes.

    <% @ Language="JavaScript" %>
    <%
    //here is the connection string
    //var conn = Server.CreateObject("adodb.connection");
    //this connection uses JET 4 it is the prefered method of connecting to an access database
    //var DSNtemp = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("/ezakat/zakat.mdb");
    //if you cant use JET then comment out the line above and uncomment the line below
    //var DSNtemp="DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("/ezakat/zakat.mdb");
    //conn.Open(DSNtemp);
    var DSN = "DSN=dsnZakat";
    //var DSN = "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("/Zakat/zakat.mdb");
    var Conn = Server.CreateObject("ADODB.Connection");

    Conn.Open(DSN);

    var RS = Server.CreateObject("ADODB.Recordset");
    var uid = Request.Form("uid");
    var pwd = Request.Form("pwd");

    var SQL = "Select * From users Where uid = '" + uid + "' And pwd = '" + pwd + "'";
    //var RS = Conn.Execute(SQL)
    RS.Open(SQL, Conn);
    //if the user is found we will set the session okeydokey to TRUE allowing the user to gain entrance
    if (!RS.EOF)
    {
    Session("okeydokey") = "True";
    /*if (RS.Recordset("level") == 1)
    {
    Response.Redirect("menu2.asp");
    }
    else
    {
    Response.Redirect("menu1.asp");
    }*/
    RS = null;
    Conn.Close();
    //Response.Redirect("menu.asp");
    }
    else
    {
    RS = null;
    Conn.Close();
    Response.Redirect("login.asp");
    }
    %>

  2. #2
    Join Date
    Jul 2003
    Location
    SoCal
    Posts
    721
    Ok.. if that code works, what's your question?
    That which does not kill me postpones the inevitable.

  3. #3
    Join Date
    Sep 2004
    Posts
    21
    the database connection is ok but i always saw people using Server.MapPath("database name"). I have tried it but there was an error on driver.what's that mean???

    i have problem on how to check user level from the database. suppose level 1 is for admin and level 2 is for ordinary users. because after they successfully login, they will view different menu. here is my code to check the user level.is it right??

    if (RS.Recordset("level") == 1)
    {
    Response.Redirect("menu2.asp");
    }
    else
    {
    Response.Redirect("menu1.asp");
    }


    or i need to change it to RS.Fields("level")???

  4. #4
    Join Date
    Jul 2003
    Location
    SoCal
    Posts
    721
    Server.MapPath is used to convert a virtual path to an absolute path:

    Server.MapPath("/folder1/folder2/mypage.asp") MIGHT resolve to the absolute path: c:\inetpub\wwwroot\folder1\folder2\mypage.asp

    But if you're going to do this, then your database needs to be under your website, which could potentially be a security hole if someone knew the path to it. Instead, a better idea is to keep your DB under a separate directory, and use an absolute path or DSN.

    As for your If statement, I don't write Server-Side JavaScript, but I'd say you should use RS.Fields("level") or RS("level").
    That which does not kill me postpones the inevitable.

  5. #5
    Join Date
    Sep 2004
    Posts
    21
    <% @ Language="JavaScript" %>
    <%
    var DSN = "DSN=dsnZakat";
    var Conn = Server.CreateObject("ADODB.Connection");

    Conn.Open(DSN);

    var RS = Server.CreateObject("ADODB.Recordset");
    var uid = Request.Form("uid");
    var pwd = Request.Form("pwd");

    var SQL = "Select * From users Where uid = '" + uid + "' And pwd = '" + pwd + "'";
    RS.Open(SQL, Conn);
    //if the user is found we will set the session okeydokey to TRUE allowing the user to gain entrance
    if (!RS.EOF)
    {
    Session("okeydokey") = "True";
    if (RS.Fields("level") == 1)
    {
    Response.Redirect("menu2.asp");
    }
    else
    {
    Response.Redirect("menu1.asp");
    }
    RS = null;
    Conn.Close();
    }
    else
    {
    RS = null;
    Conn.Close();
    Response.Redirect("login.asp");
    }
    %>

    i have tried both methods u gave me but it didn't work... above is my latest codes that i have tried it failed to check the user level from the database...i have set the uid and pwd in the database as a TEXT and level as a NUMBER...

  6. #6
    Join Date
    Jul 2003
    Location
    SoCal
    Posts
    721
    Ok.. try:

    if ( RS.level == 1 )
    That which does not kill me postpones the inevitable.

  7. #7
    Join Date
    Sep 2004
    Posts
    21
    i have tried ur code but it always redirect to menu1.asp...even the level is 1...1 friend gave me this code (in vbscript)...i have tried to convert it into javascript but since i am newbie in web development using javascript...maybe i made some mistakes somewhere and i couldnt find the error...can u show the code in javascript?


    Set Conn = Server.CreateObject("ADODB.Connection")
    Conn.Open "DSN=dsnZakat"

    strSql = "SELECT * FROM [Users] WHERE uid = '" & uid & "' AND pwd = '" & pwd & "'"

    Set rs = Conn.Execute(strSql)

    If rs.eof Then
    Response.write("Invalid Login")
    Else
    If CStr(rs("UserLevel")) = "1" Then
    Response.Redirect("menu2.asp")
    Else
    Response.Redirect("menu1.asp")
    End If
    End If

    Conn.Close
    Set Conn = Nothing

  8. #8
    Join Date
    Jul 2003
    Location
    SoCal
    Posts
    721
    Ok.. VBScript I can help with... What error are you getting?
    That which does not kill me postpones the inevitable.

  9. #9
    Join Date
    Sep 2004
    Posts
    21
    No...can u write the code in the javascript?my system should be in the javascript...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •