Hiya!

I have a big problem.  On my site I have a member area ppl can join and log in to but recently I found out that if you join with say the name 'Michelle' and there is already a 'michelle' in the database it would allow that but when it is verifying a log in its not case sensitive anymore and so it just looks for the first michelle.

How do I change it so that its not case sensitive?  So that it woudln't allow a michelle and a Michelle?

Here is the part of the script that creates a new user:

________________________________________________________

  'Build connection
 set conn = server.CreateObject ("ADODB.Connection")
 conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=e:\home\Default\**********************"
 set rs = server.CreateObject ("ADODB.Recordset")
 'Open all records
 rs.Open "SELECT * FROM admin", conn, 3, 3
   
 'Check if username doesn't already exist
 do while not rs.EOF
  if rs("username")=username then
   set rs=nothing
   set conn=nothing
   Response.Redirect("taken.asp")
  end if
  rs.MoveNext
 loop

_________________________________________________________

Please help me! 
Thanks so much for reading

Loadsa love,
Vicky xxx

You could only allow users to have lower case usernames.

For example

username="ULTRAMODS"

RESPONSE.WRITE(LCase(username))

would change username to ultramods

thanks for the fast reply!  but I guess that wouldn't really work since I already have hundreds of members in the database

How could I change it so that when it was verfiying it remained case sensitive?

Here is the verifying part of the script:

__________________________________________________________

'Build connection with database
 set conn = server.CreateObject ("ADODB.Connection")  
 conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=e:\home\Default\*******************************"
 set rs = server.CreateObject ("ADODB.Recordset")  
 rs.Open "SELECT * FROM admin where username='"& username &"'", conn, 1

__________________________________________________________

Thanks so much!

when users are actually loggin in you would be using a query such as: "SELECT * FROM admin where username='"& username &"' AND password=' " & password " ' ",

The chances of lets say Michelle and michelle having the same password of birkett1 are quite slim. So this would be ok for your already registered members. But then you could use LCase() to make sure all new usernames are all lower case

It would be possible to check for a difference between michelle and Michelle howerver it means more coding, which thenresults in slower loading times.

OK if you want to do it the way you first said you could try using.

'Build connection
 set conn = server.CreateObject ("ADODB.Connection")
 conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=e:\home\Default\**********************"
 set rs = server.CreateObject ("ADODB.Recordset")
 'Open all records
 rs.Open "SELECT * FROM admin where username= " & username & " ' " ", conn, 3, 3 

   
IF rs.EOF THEN                                                             

        RESPONSE.WRITE("yes you can have that username")

ELSE

          RESPONSE.WRITE("sorry username taken")

END IF

If Michelle is registered it wont allow michelle to be registered.

Thanks soooooo much!  You're my saviour!!!!

I'm just gonna go try that just now!!!

Mwah! xxx

Loadsa love,
Vicky  xxx

Ok, I tried both methods and neither worked...I keep getting error messages.  I must be doing something wrong   for the first method when logging in and you search for the username and password, wot would the next line be after

"SELECT * FROM admin where username='"& username &"' AND password1=' " & password1 " ' ",

just now i have:

If not rs("username") = username AND rs("password1") = password1 then
  rs.close
  conn.close
  set rs=nothing
  set conn=nothing
  Response.Redirect("login_id.asp")
 end if

can u see where I have gone wrong?

Thanks for your help I really appreciate it!

IF not rs.EOF  THEN

Response.Cookies("userLoggedIN") = username 

Response.redirect("loggedin.asp")

Else

        Response.redirect("login_id.asp")

END IF

rs.close
set rs=nothing

conn.close
set conn=nothing

ultramods wrote: You could only allow users to have lower case usernames. For example username="ULTRAMODS" RESPONSE.WRITE(LCase(username)) would change username to ultramods

sorry to bother you again but where would this part go?

I was gonna give it a try cos the otha thing neva worked   it was sayin sumthin about it cant carry out the operation cos it wasn't valid .  So if i just change the log in so that they're all lowercase now then at least it should work from now on and ill deal with the ppl who have the same usernames some other way.

Thanks! 

you could do. If you are wanting to use the LCase(). You can use it in the next part of server side code that you use, after the user has entered the username.

What error message were you getting.

Well this is what I had for the full verify page:

____________________________________________________

<%
 'Save the entered username and password
 username = Request.Form("username") 
 password1 = Request.Form("password1")
 
 if username = "" then Response.redirect("empty.asp")
 if password1 = "" then Response.Redirect("empty.asp")
 
 'Build connection with database
 set conn = server.CreateObject ("ADODB.Connection")  
 conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=e:\home\Default\****************************"
 set rs = server.CreateObject ("ADODB.Recordset")  
 rs.Open "SELECT * FROM admin where username='"& username &"' AND password=' " & password " ' ",
 
 
 IF not rs.EOF  THEN
 Session("name") = rs("fullname")
 

 else
  Resonse.Redirect("login_id.asp")
  
 end if

  rs.Close
  conn.Close
  set rs=nothing
  set conn=nothing

%>

_________________________________________________

And this is the error message I got:

ADODB.Recordset error '800a0e7d'

The connection cannot be used to perform this operation. It is either closed or invalid in this context.

/members/verify.asp, line 13

Line 13 is this one:

rs.Open "SELECT * FROM admin where username='"& username &"' AND password1=' " & password1 &" ' "

Any idea what went wrong?

Thanks so much for helping me!!

Try:

rs.Open "SELECT * FROM admin where username='"& username &"' AND password1=' " & password1 &" ' ", conn, 3, 3

ok. test it by using the following, to see if the variables are being passed the correct data.

RESPONSE.WRITE(username)
RESPONSE.WRITE(password1) 

Also try Trim(Request.Form("username") )

            Trim(Request.Form("password1") )

Nope it didn't work and the lower case thing didn't work either.

It's ok!  I got it working! 

Thanks soooo much for all your help!!  You're a star!!!

Loadsa love,
Vicky  xxx