Print Page | Close Window

where to call db field in asp?

Printed From: Web Wiz Forums
Category: General Discussion
Forum Name: Classic ASP Discussion
Forum Description: Discussion on Active Server Pages (Classic ASP).
URL: https://forums.webwiz.net/forum_posts.asp?TID=7041
Printed Date: 31 March 2026 at 6:23pm
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com


Topic: where to call db field in asp?
Posted By: collie
Subject: where to call db field in asp?
Date Posted: 06 November 2003 at 4:46am
Hi,

Can someone please help me?

I have a db with a table called users and fields u_id, u_password and access.
Now if access =admin then i need to create a cetain cookie and if access=user then another cookie.

However, I am not sure how to identify the access field.
A user has to first login with his username and password in myads.asp and if login is successful then the user is redirected again to myads.asp where certaint information regarding his membership is displayed. To edit his details he clicks on another button that takes him to an aspx page.

Here is part of the code. the part in bold is where i want my cookies to go.

Thanks in advance for the help

<!--#include file="Connections/connDUclassified.asp" -->
<%
Dim rsUser__MMColParam
rsUser__MMColParam = "0"
if (Session("MM_Username") <> "") then rsUser__MMColParam = Session
("MM_Username") end if


%>
<%
set rsUser = Server.CreateObject("ADODB.Recordset")
rsUser.ActiveConnection = MM_connDUclassified_STRING
rsUser.Source = "SELECT U_ID, U_FIRST, U_LAST, ACCESS FROM USERS
WHERE U_ID = '" + Replace(rsUser__MMColParam, "'", "''") + "'"
rsUser.CursorType = 0
rsUser.CursorLocation = 2
rsUser.LockType = 3
rsUser.Open()
rsUser_numRows = 0

%>
<%
Dim rsAds__MMColParam
rsAds__MMColParam = "0"
if (Session("MM_Username") <> "") then rsAds__MMColParam = Session
("MM_Username")
%>

<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction
+ "?" + Request.QueryString
MM_valUsername=CStr(Request.Form("Username"))

If MM_valUsername <> "" Then


MM_fldUserAuthorization=""
MM_redirectLoginSuccess="myAds.asp"


MM_redirectLoginFailed="myAds.asp"


MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_connDUclassified_STRING
MM_rsUser.Source = "SELECT U_ID, U_PASSWORD, ACCESS"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source =
MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM USERS WHERE U_ID='" &
MM_valUsername &"' AND U_PASSWORD='" & CStr(Request.Form
("Password")) & "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open

If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then


' username and password match - this is a valid user
DIM ACCESS
DIM U_ID
DIM U_PWORD


'---create user cookie
if access="user" then
Response.Cookies("Name")("Username") = Request.Form("UserName")
Response.Cookies ("Name")("Password")=Request.Form
("Password")
Response.Cookies("Name").Path = "/"
Response.Cookies ("Name").expires =dateadd("h",1,now())
'Response.Write(Request.Cookies("Name")("Username"))
'Response.Write (Request.Cookies("Name")("Password"))

'---end user cookie
else
'create admin cookie

Response.Cookies("Name")("ADMINusername") = Request.Form
("UserName")
Response.Cookies ("Name")("ADMINPassword")=Request.Form
("Password")
Response.Cookies("Name").Path = "/"
Response.Cookies ("Name").expires =dateadd("h",1,now())


'---end admin cookie


end if


Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then

Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item
(MM_fldUserAuthorization).Value)
Else
Session("MM_UserAuthorization") = ""

End If
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")

End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)


End If

MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)

End If
%>

</SCRIPT>


Replies:
Posted By: svpworld
Date Posted: 07 November 2003 at 5:17am
Heck complicated way to do things!  Dont you just mean something like username = rsUser("userscolumnname").. after you've opened the record set and done your SQL query.

Posted By: collie
Date Posted: 08 November 2003 at 11:58pm

Hi,

I also don't like the way this code was written but it was written by me and now I have to work with it.

I am trying to call the ACCESS field after I have opened the record set but it doesn't work. Even if ACCESS=USER then I receive that Access =admin in the next page.

Here is the code of the first page. the recordset is in bold:

MM_LoginAction = Request.ServerVariables("URL") If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString MM_valUsername=CStr(Request.Form("Username")) If MM_valUsername <> "" Then MM_fldUserAuthorization="" MM_redirectLoginSuccess="myAds.asp" MM_redirectLoginFailed="myAds.asp" MM_flag="ADODB.Recordset" set MM_rsUser = Server.CreateObject(MM_flag) MM_rsUser.ActiveConnection = MM_connDUclassified_STRING MM_rsUser.Source = "SELECT U_ID, U_PASSWORD, ACCESS" If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization MM_rsUser.Source = MM_rsUser.Source & " FROM USERS WHERE U_ID='" & MM_valUsername &"' AND U_PASSWORD='" & CStr(Request.Form("Password")) & "'" MM_rsUser.CursorType = 0 MM_rsUser.CursorLocation = 2 MM_rsUser.LockType = 3 MM_rsUser.Open

If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then

' username and password match - this is a valid user DIM ACCESS access=(mm_rsuser.fields.item ("ACCESS").value)

DIM U_ID

DIM U_PWORD

'---create user cookie

if ACCESS<>"admin" then Response.Cookies("UserCookie")("Username") = Request.Form("UserName")

 Response.Cookies ("UserCookie")("Password")=Request.Form ("Password")

 Response.Cookies("UserCookie").Path = "/"

Response.Cookies ("UserCookie").expires =dateadd("h",1,now()) Response.Write(Request.Cookies("UserCookie")("Username")) Response.Write (Request.Cookies("UserCookie")("Password"))

 '---end user cookie

else

'create admin cookie Response.Cookies("adminCOOKIE")("ADMINusername") = Request.Form("UserName")

 Response.Cookies ("adminCOOKIE")("ADMINPassword")=Request.Form ("Password")

 Response.Cookies("adminCOOKIE").Path = "/"

response.Cookies ("adminCOOKIE").expires =dateadd("h",1,now()) Response.Write(Request.Cookies("adminCOOKIE")("ADMINusername ")) Response.Write (Request.Cookies("adminCOOKIE")("ADMINPassword"))

'---end admin cookie

end if

Session("MM_Username") = MM_valUsername If (MM_fldUserAuthorization <> "") Then Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value) Else Session("MM_UserAuthorization") = "" End If if CStr(Request.QueryString("accessdenied")) <> "" And false Then MM_redirectLoginSuccess = Request.QueryString("accessdenied") End If MM_rsUser.Close Response.Redirect(MM_redirectLoginSuccess) End If MM_rsUser.Close Response.Redirect(MM_redirectLoginFailed) End If


Print Page | Close Window

Forum Software by Web Wiz Forums® version 12.08 - https://www.webwizforums.com
Copyright ©2001-2026 Web Wiz Ltd. - https://www.webwiz.net