Log-in feature

[Jeremy Williams]

Okay, I have run into a little problem in creating an asp site. Many thanks to
anyone who has any ideas. This is a rather complicated site--let me explain
what I'm trying to accomplish. There is a registration log-in page in which a
visitor is given a "guest" level access user name and password. After
submitting the guest user name and password, they are taken to a registration
page where they fill out their profile information, including their own user
name and password. After they submit the profile information and the
information is inserted to the "clients" table on the "clients" database, they
are taken to the main log-in page. After logging into the secure area of the
site, they are able to fill out data in forms that will then submit to another
table on a separate database.

HERE IS THE PROBLEM: The forms are dynamic and pull certain information off
of the clients table that they filled out during the registration process.
Somehow, I have to get the information specific to the client who has logged in
to pre-fill the forms. (It automatically enters their company name, address,
phone, email, etc. so they only have to enter the other info.) For some
reason, no matter who logs in the same information is pulled from the table
which happens to be the first recordset in the table. I know I must be missing
something completely simple to tell Dreamweaver to pull down the information
from the client who just logged in--not the information from the first client
listed in the table.

Everything else is going so well--I have multiple pages set up with dynamic
information pulled down saying, Welcome, {client name} throughout the secure
pages. Again, it is the name listed in the first recordset of the table that
is pulled down, no matter who else is logged in. There has to be a way to do
this?

Also, if anyone has any ideas on how I can have a notification email
automatically generated to send to an administrator to notify him/her that an
addition to the database has been made?

Thank you in advance,
Jeremy Williams

[-D-]

Jeremy,

I'm not sure I Sounds like you just need to add a WHERE clause in your
recordset so you can return the specfic record you want. How are you
filtering your recordset?

Also, for your notification, you can use CDO to send auto-generated emails.

-D-


"Jeremy Williams" <webforumsuser@macromedia.com> wrote in message
news:dmd32d$6iu$1@forums.macromedia.com...

> Okay, I have run into a little problem in creating an asp site. Many

thanks to

> anyone who has any ideas. This is a rather complicated site--let me

explain

> what I'm trying to accomplish. There is a registration log-in page in

which a

> visitor is given a "guest" level access user name and password. After
> submitting the guest user name and password, they are taken to a

registration

> page where they fill out their profile information, including their own

user

> name and password. After they submit the profile information and the
> information is inserted to the "clients" table on the "clients" database,

they

> are taken to the main log-in page. After logging into the secure area of

the

> site, they are able to fill out data in forms that will then submit to

another

> table on a separate database.
>
> HERE IS THE PROBLEM: The forms are dynamic and pull certain information

off

> of the clients table that they filled out during the registration process.
> Somehow, I have to get the information specific to the client who has

logged in

> to pre-fill the forms. (It automatically enters their company name,

address,

> phone, email, etc. so they only have to enter the other info.) For some
> reason, no matter who logs in the same information is pulled from the

table

> which happens to be the first recordset in the table. I know I must be

missing

> something completely simple to tell Dreamweaver to pull down the

information

> from the client who just logged in--not the information from the first

client

> listed in the table.
>
> Everything else is going so well--I have multiple pages set up with

dynamic

> information pulled down saying, Welcome, {client name} throughout the

secure

> pages. Again, it is the name listed in the first recordset of the table

that

> is pulled down, no matter who else is logged in. There has to be a way to

do

> this?
>
> Also, if anyone has any ideas on how I can have a notification email
> automatically generated to send to an administrator to notify him/her that

an

> addition to the database has been made?
>
> Thank you in advance,
> Jeremy Williams
>

[Jeremy Williams]

Hi -D-,

Yes, I think there is definitely something that needs to be done with the
filtering. I have honestly played around with that and cannot for the life of
me figure out which combination to use. I have sorted the recordset differently
and have had the different columns pull down with the different information.

One of the columns is ClientID which is automatically numbered and set by
Microsoft Access. The other columns I tried to play around with were the
"UserName" and "Password" which the user/client sets during the registration
process. I think it is one of these two columns that I need to sort. I am not
sure as to whether I need to use. Every time I try to set a filter combination,
I get an error message or the page does not load so I am struggling with that.

There are four boxes there in the filter section: ______________ = URL
Parameter ____________. As I mentioned, I think I need to use the UserName or
Password in the two blanks and possibly "URL Parameter, "Form Variable" or
"Session Variable?" I am working with three books here, and just can't seem to
get the combination right.

I had not thought about using a "WHERE" clause. Could you give me a little
more information about that?

Thanks,
Jeremy Williams

[-D-]

Hi Jeremy,

Using a WHERE clause in your SELECT statement allows you to obtain the
specific records you want rather than just all records.

For example:

SELECT *
FROM ClientTable
(this gives you every column and every record in the Client table)

SELECT username
FROM ClientTable
WHERE username = 'jeremy'
(this only returns the username column that matches the name jeremy in all
lowercase letters)

So, if I understand what you are trying to do. When the user logs in and
fills out a form with their information, you want to capture in a variable
who they are, then pre-populate some other form fields on another page where
they have to fill in some additional information. Is this correct?

If so, when the user logs in, use the value in the ClientID column and set
that value into a variable so you have the unique id for that user. Then
when you are creating a new recordset to obtain the information you wish to
pre-populate in your other forms that is specific for that user you can
filter on the ClientID value.

Here is a very basic example:
Select *
FROM yourtable
WHERE ClientID = 'yourvariabe'

If your database structure is normalized then you will probably need to get
information from multiple tables. You will need to use joins in order to
obtain information from multiple tables. Your SELECT statement will be a
little more involved than the simple example I used.

Hope this helps.
Regards,
-D-

"Jeremy Williams" <webforumsuser@macromedia.com> wrote in message
news:dmgs29$1gc$1@forums.macromedia.com...

> Hi -D-,
>
> Yes, I think there is definitely something that needs to be done with the
> filtering. I have honestly played around with that and cannot for the life

of

> me figure out which combination to use. I have sorted the recordset

differently

> and have had the different columns pull down with the different

information.

>
> One of the columns is ClientID which is automatically numbered and set by
> Microsoft Access. The other columns I tried to play around with were the
> "UserName" and "Password" which the user/client sets during the

registration

> process. I think it is one of these two columns that I need to sort. I am

not

> sure as to whether I need to use. Every time I try to set a filter

combination,

> I get an error message or the page does not load so I am struggling with

that.

>
> There are four boxes there in the filter section: ______________ = URL
> Parameter ____________. As I mentioned, I think I need to use the UserName

or

> Password in the two blanks and possibly "URL Parameter, "Form Variable" or
> "Session Variable?" I am working with three books here, and just can't

seem to

> get the combination right.
>
> I had not thought about using a "WHERE" clause. Could you give me a

little

> more information about that?
>
> Thanks,
> Jeremy Williams
>

[Jeremy Williams]

Hi -D-,

Thank you for your help! Yes, you understand correctly that I am trying to
capture a variable of who the user is when they log in to then pre-ppuulate
some other form fields on the page that they log into and then they fill in
some additional information. Perfect!

Okay, so I need to use the value in the ClientID column and set that value
into a variable so I have the unique ID for that user. Yes, I do understand.
I have a couple of questions:

#1, do I need to have a recordset on the log-in page or just on the page that
they go to once they are logged in that has the form on it (part of which will
be pre-populated according to their ClientID)?

#2, what should "yourvariable" be in the following code that you showed me:

Select *
FROM Clients
WHERE ClientID = 'yourvariable'

Luckily, I only need to get the information to pre-populate the forms from ONE
database (called "Clients," where the ClientID is listed). Once the form is
submitted, it is being inserted to a separate database. All of this code is
working fine.)

Thank you for your patience and further explanation. You are greatly helping
me with this project!!

Sincerely,
Jeremy Williams

[Jeremy Williams]

-D-,

I don't know whether this helps, but here is what is showing in the Recordset
Advanced box within Dreamweaver:

SELECT *
FROM Clients
WHERE ClientID = MMColParam

Then, in the variables, it shows:

Name: MMColParam
Default Value: 1
Run-Time Value: Session("ClientID")

Somehow, I've got to get rid of the Default Value being 1, because it
continues to pull up the first record's information each time, no matter who
logs in.

Jeremy

[-D-]

Hi Jeremy,

MMColParam is just a variable name Dreamweaver assigns:

You need to specify MMColParam = (the variable that holds ClientID value)

Right now, it shows that MMColParam is equal to a session variable
Session("ClientID"). Did you store this value in a session variable?

Can you cut and paste the recordset code you used to validate a user when
they login?

I need to see some of your code to help you set your variable and then plug
that value into your new recordset.

Also, pastse the code for the recordset you are creating below.

Regards,
-D-


"Jeremy Williams" <webforumsuser@macromedia.com> wrote in message
news:dmihgt$i93$1@forums.macromedia.com...

> -D-,
>
> I don't know whether this helps, but here is what is showing in the

Recordset

> Advanced box within Dreamweaver:
>
> SELECT *
> FROM Clients
> WHERE ClientID = MMColParam
>
> Then, in the variables, it shows:
>
> Name: MMColParam
> Default Value: 1
> Run-Time Value: Session("ClientID")
>
> Somehow, I've got to get rid of the Default Value being 1, because it
> continues to pull up the first record's information each time, no matter

who

> logs in.
>
> Jeremy
>

[Jeremy Williams]

-D-

Thank you for your reply. I will gladly pay you for helping me figure this
all out! I very much appreciate your time and kind assistance. I know I'm in
a bit over my head here on this project.

Okay, on my log-in page I have created a session variable named "LogInIDusing
the bindings panel. I have binded it to a hidden field next to my submit
button within the pages form. I currently do not have a recordset on the
log-in page. I created a log-in user behavior which then sends the user to the
main index page if approved.

HERE IS THE CODE FOR THE LOG-IN BEHAVIOR LOCATED IN THE HEADER ON THE LOG-IN
PAGE:

<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<!--#include file="../../Connections/connClients.asp" -->
<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" +
Server.HTMLEncode(Request.QueryString)
MM_valUsername=CStr(Request.Form("UserName"))
If MM_valUsername <> "" Then
MM_fldUserAuthorization="UserGroup"
MM_redirectLoginSuccess="../securePages/index.asp"
MM_redirectLoginFailed="loginFailed.asp"
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_connClients_STRING
MM_rsUser.Source = "SELECT UserName, password"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source &
"," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM Clients WHERE UserName='" &
Replace(MM_valUsername,"'","''") &"' AND password='" &
Replace(Request.Form("password"),"'","''") & "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") =
CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization ).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And true Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>

HERE IS THE CODE FOR THE SESSION VARIABLE THAT I HAVE BOUND TO A HIDDEN FIELD
WITHIN MY LOG-IN FORM ON THE LOG-IN PAGE:

<input name="hiddenField" type="hidden" value="<%= Session("LogInID") %>" />

HERE IS THE CODE THAT IS IN THE HEADER ON MY MAIN .../SecurePages/Index.asp
PAGE WHICH IS THE PAGE THAT NEEDS TO BE PRE-POPULATED. THE RECORDSET IS NAMED
"ClientName":

<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<!--#include file="../../Connections/connClients.asp" -->
<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers="client,admin"
MM_authFailedURL="../logIn/index.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
If (false Or CStr(Session("MM_UserAuthorization"))="") Or _
(InStr(1,MM_authorizedUsers,Session("MM_UserAuthor ization"))>=1) Then
MM_grantAccess = true
End If
End If
If Not MM_grantAccess Then
MM_qsChar = "?"
If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" &
Request.QueryString()
MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" &
Server.URLEncode(MM_referrer)
Response.Redirect(MM_authFailedURL)
End If
%>
<%
Dim rsClientName__MMColParam
rsClientName__MMColParam = "1"
If (Session("LogInID") <> "") Then
rsClientName__MMColParam = Session("LogInID")
End If
%>
<%
Dim rsClientName
Dim rsClientName_numRows

Set rsClientName = Server.CreateObject("ADODB.Recordset")
rsClientName.ActiveConnection = MM_connClients_STRING
rsClientName.Source = "SELECT * FROM Clients WHERE ClientID = " +
Replace(rsClientName__MMColParam, "'", "''") + ""
rsClientName.CursorType = 0
rsClientName.CursorLocation = 2
rsClientName.LockType = 3
rsClientName.Open()

rsClientName_numRows = 0
%>TextText

[-D-]

Hi Jeremy,

No need to pay me...I'm happy to help. If it wasn't for these forums and
all the people that have helped me over the years, I still wouldn't know how
to turn on a PC:)

Okay, I think I have spotted the trouble. Let's see if this fixes the
problem.

In your login page right after the body tag <body> paste the following code:

<%

If Session("LogInIDusing") = "" Then

Response.Write("Session is Empty")

Else

Response.Write("Session is ")

Response.Write(Session("LogInIDusing"))

End If

%>



When you test your login page you will probably see: "Session is Empty" at
the top of your page.

So, what we need to do is ammend the SELECT statement in your login page and
then set your Session("LogInIDusing") to the ClientID value.

Change the following line:
MM_rsUser.Source = "SELECT UserName, password"

to

MM_rsUser.Source = "SELECT UserName, password, ClientID"



I'm assuming the name of the column in your Client table is ClientID for
your primary key field. If it's not, then let me know.



At the bottom of the LOG-IN BEHAVIOR code right after the this line:



Response.Redirect(MM_redirectLoginFailed)
End If



add the line:



Session("LogInIDusing") = MM_rsUser("ClientID")

So, you should have

Response.Redirect(MM_redirectLoginFailed)
End If
Session("LogInIDusing") = MM_rsUser("ClientID")
%>

You can delete your hidden form field. You will already have the Session
set, so no need to place it in a hidden form field.

Let me know if that works for you.

-D-


"Jeremy Williams" <webforumsuser@macromedia.com> wrote in message
news:dmio4g$qs9$1@forums.macromedia.com...

> -D-
>
> Thank you for your reply. I will gladly pay you for helping me figure

this

> all out! I very much appreciate your time and kind assistance. I know

I'm in

> a bit over my head here on this project.
>
> Okay, on my log-in page I have created a session variable named

"LogInIDusing

> the bindings panel. I have binded it to a hidden field next to my submit
> button within the pages form. I currently do not have a recordset on the
> log-in page. I created a log-in user behavior which then sends the user

to the

> main index page if approved.
>
> HERE IS THE CODE FOR THE LOG-IN BEHAVIOR LOCATED IN THE HEADER ON THE

LOG-IN

> PAGE:
>
> <%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
> <!--#include file="../../Connections/connClients.asp" -->
> <%
> ' *** Validate request to log in to this site.
> MM_LoginAction = Request.ServerVariables("URL")
> If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" +
> Server.HTMLEncode(Request.QueryString)
> MM_valUsername=CStr(Request.Form("UserName"))
> If MM_valUsername <> "" Then
> MM_fldUserAuthorization="UserGroup"
> MM_redirectLoginSuccess="../securePages/index.asp"
> MM_redirectLoginFailed="loginFailed.asp"
> MM_flag="ADODB.Recordset"
> set MM_rsUser = Server.CreateObject(MM_flag)
> MM_rsUser.ActiveConnection = MM_connClients_STRING
> MM_rsUser.Source = "SELECT UserName, password"
> If MM_fldUserAuthorization <> "" Then MM_rsUser.Source =

MM_rsUser.Source &

> "," & MM_fldUserAuthorization
> MM_rsUser.Source = MM_rsUser.Source & " FROM Clients WHERE UserName='"

&

> Replace(MM_valUsername,"'","''") &"' AND password='" &
> Replace(Request.Form("password"),"'","''") & "'"
> MM_rsUser.CursorType = 0
> MM_rsUser.CursorLocation = 2
> MM_rsUser.LockType = 3
> MM_rsUser.Open
> If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
> ' username and password match - this is a valid user
> Session("MM_Username") = MM_valUsername
> If (MM_fldUserAuthorization <> "") Then
> Session("MM_UserAuthorization") =
> CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization ).Value)
> Else
> Session("MM_UserAuthorization") = ""
> End If
> if CStr(Request.QueryString("accessdenied")) <> "" And true Then
> MM_redirectLoginSuccess = Request.QueryString("accessdenied")
> End If
> MM_rsUser.Close
> Response.Redirect(MM_redirectLoginSuccess)
> End If
> MM_rsUser.Close
> Response.Redirect(MM_redirectLoginFailed)
> End If
> %>
>
> HERE IS THE CODE FOR THE SESSION VARIABLE THAT I HAVE BOUND TO A HIDDEN

FIELD

> WITHIN MY LOG-IN FORM ON THE LOG-IN PAGE:
>
> <input name="hiddenField" type="hidden" value="<%= Session("LogInID") %>"

/>

>
> HERE IS THE CODE THAT IS IN THE HEADER ON MY MAIN

..../SecurePages/Index.asp

> PAGE WHICH IS THE PAGE THAT NEEDS TO BE PRE-POPULATED. THE RECORDSET IS

NAMED

> "ClientName":
>
> <%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
> <!--#include file="../../Connections/connClients.asp" -->
> <%
> ' *** Restrict Access To Page: Grant or deny access to this page
> MM_authorizedUsers="client,admin"
> MM_authFailedURL="../logIn/index.asp"
> MM_grantAccess=false
> If Session("MM_Username") <> "" Then
> If (false Or CStr(Session("MM_UserAuthorization"))="") Or _
> (InStr(1,MM_authorizedUsers,Session("MM_UserAuthor ization"))>=1)

Then

> MM_grantAccess = true
> End If
> End If
> If Not MM_grantAccess Then
> MM_qsChar = "?"
> If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
> MM_referrer = Request.ServerVariables("URL")
> if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer &

"?" &

> Request.QueryString()
> MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" &
> Server.URLEncode(MM_referrer)
> Response.Redirect(MM_authFailedURL)
> End If
> %>
> <%
> Dim rsClientName__MMColParam
> rsClientName__MMColParam = "1"
> If (Session("LogInID") <> "") Then
> rsClientName__MMColParam = Session("LogInID")
> End If
> %>
> <%
> Dim rsClientName
> Dim rsClientName_numRows
>
> Set rsClientName = Server.CreateObject("ADODB.Recordset")
> rsClientName.ActiveConnection = MM_connClients_STRING
> rsClientName.Source = "SELECT * FROM Clients WHERE ClientID = " +
> Replace(rsClientName__MMColParam, "'", "''") + ""
> rsClientName.CursorType = 0
> rsClientName.CursorLocation = 2
> rsClientName.LockType = 3
> rsClientName.Open()
>
> rsClientName_numRows = 0
> %>TextText
>

[Jeremy Williams]

HI -D-,

We are definitely on to something, here! Okay, when I tested the log-in page
using the additional code you had me insert, it did come up with "Session is
Empty" at the top of the page. When I went on to add the rest of the code you
told me to, I get the all-too-familiar "PAGE CANNOT BE DISPLAYED" error.

I have a couple of FYI's in case they help. I do not have a recordset on the
log-in page. Do I need one?

The session ID I created in the Application Bindings panel is named "LogInID".
I'm not sure what the "LogInIDusing" in your code is referring to. I know you
are the teacher, here, and I am probably not clueing in. Okay, the session ID
is not really bound to anything. It is just sitting there in the Bindings
panel.

Just to make you even more crazy, here is the complete code for your review
from the log-in page:

<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<!--#include file="../../Connections/connClients.asp" -->
<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" +
Server.HTMLEncode(Request.QueryString)
MM_valUsername=CStr(Request.Form("UserName"))
If MM_valUsername <> "" Then
MM_fldUserAuthorization="UserGroup"
MM_redirectLoginSuccess="../securePages/index.asp"
MM_redirectLoginFailed="loginFailed.asp"
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_connClients_STRING
MM_rsUser.Source = "SELECT UserName, password, ClientID"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source &
"," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM Clients WHERE UserName='" &
Replace(MM_valUsername,"'","''") &"' AND password='" &
Replace(Request.Form("password"),"'","''") & "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") =
CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization ).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And true Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
Session("LogInID") = MM_rsUser("ClientID")
%>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="../../global_css/global.css" rel="stylesheet" type="text/css" />
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_preloadImages() { //v3.0
var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length;
i++)
if (a.indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a;}}
}
//-->
</script>
<script language='JavaScript'>
<!--
document.write("<scr"+"ipt language='JavaScript' SRC='" +
PL_adjustPath("/Pluginlab/Scripts/PLHFO.js") + "'></scr"+"ipt>");/* PLHFOMenu
script */

function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document;
if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++)
x=d.forms[n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++)
x=MM_findObj(n,d.layers.document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}

function MM_validateForm() { //v4.0
var i,p,q,nm,test,num,min,max,errors='',args=MM_valida teForm.arguments;
for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args);
if (val) { nm=val.name; if ((val=val.value)!="") {
if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail
address.\n';
} else if (test!='R') { num = parseFloat(val);
if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
min=test.substring(8,p); max=test.substring(p+1);
if (num<min || max<num) errors+='- '+nm+' must contain a number
between '+min+' and '+max+'.\n';
} } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n';
}
} if (errors) alert('The following error(s) occurred:\n'+errors);
document.MM_returnValue = (errors == '');
}
//-->
</script>
</head>

<%
If Session("LogInIDusing") = "" Then
Response.Write("Session is Empty")
Else
Response.Write("Session is ")
Response.Write(Session("LogInIDusing"))
End If
%>


Lastly, I may need your direction in how to filter the recordset on the
dynamically pre-populated pages. I am assuming the combination in the boxes
will be:

ClientID
=
Session Variable
ClientID

Thank you for hanging in there with me. You are a true Godsend!

Jeremy

[-D-]

Jeremy,

Sorry about that...I had a typo there.

Replace this code:

<%
If Session("LogInIDusing") = "" Then
Response.Write("Session is Empty")
Else
Response.Write("Session is ")
Response.Write(Session("LogInIDusing"))
End If
%>

With:

<%
If Session("LogInID") = "" Then
Response.Write("Session is Empty")
Else
Response.Write("Session is ")
Response.Write(Session("LogInID"))
End If
%>

Let me know if you get Session is Empty.
-D-


"Jeremy Williams" <webforumsuser@macromedia.com> wrote in message
news:dmjaf4$lbg$1@forums.macromedia.com...

> HI -D-,
>
> We are definitely on to something, here! Okay, when I tested the log-in

page

> using the additional code you had me insert, it did come up with "Session

is

> Empty" at the top of the page. When I went on to add the rest of the code

you

> told me to, I get the all-too-familiar "PAGE CANNOT BE DISPLAYED" error.
>
> I have a couple of FYI's in case they help. I do not have a recordset on

the

> log-in page. Do I need one?
>
> The session ID I created in the Application Bindings panel is named

"LogInID".

> I'm not sure what the "LogInIDusing" in your code is referring to. I

know you

> are the teacher, here, and I am probably not clueing in. Okay, the

session ID

> is not really bound to anything. It is just sitting there in the Bindings
> panel.
>
> Just to make you even more crazy, here is the complete code for your

review

> from the log-in page:
>
> <%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
> <!--#include file="../../Connections/connClients.asp" -->
> <%
> ' *** Validate request to log in to this site.
> MM_LoginAction = Request.ServerVariables("URL")
> If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" +
> Server.HTMLEncode(Request.QueryString)
> MM_valUsername=CStr(Request.Form("UserName"))
> If MM_valUsername <> "" Then
> MM_fldUserAuthorization="UserGroup"
> MM_redirectLoginSuccess="../securePages/index.asp"
> MM_redirectLoginFailed="loginFailed.asp"
> MM_flag="ADODB.Recordset"
> set MM_rsUser = Server.CreateObject(MM_flag)
> MM_rsUser.ActiveConnection = MM_connClients_STRING
> MM_rsUser.Source = "SELECT UserName, password, ClientID"
> If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source

&

> "," & MM_fldUserAuthorization
> MM_rsUser.Source = MM_rsUser.Source & " FROM Clients WHERE UserName='" &
> Replace(MM_valUsername,"'","''") &"' AND password='" &
> Replace(Request.Form("password"),"'","''") & "'"
> MM_rsUser.CursorType = 0
> MM_rsUser.CursorLocation = 2
> MM_rsUser.LockType = 3
> MM_rsUser.Open
> If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
> ' username and password match - this is a valid user
> Session("MM_Username") = MM_valUsername
> If (MM_fldUserAuthorization <> "") Then
> Session("MM_UserAuthorization") =
> CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization ).Value)
> Else
> Session("MM_UserAuthorization") = ""
> End If
> if CStr(Request.QueryString("accessdenied")) <> "" And true Then
> MM_redirectLoginSuccess = Request.QueryString("accessdenied")
> End If
> MM_rsUser.Close
> Response.Redirect(MM_redirectLoginSuccess)
> End If
> MM_rsUser.Close
> Response.Redirect(MM_redirectLoginFailed)
> End If
> Session("LogInID") = MM_rsUser("ClientID")
> %>
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> <html xmlns="http://www.w3.org/1999/xhtml">
> <head>
>
> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"

/>

> <link href="../../global_css/global.css" rel="stylesheet" type="text/css"

/>

> <script language="JavaScript" type="text/JavaScript">
> <!--
> function MM_preloadImages() { //v3.0
> var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
> var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0;

i<a.length;

> i++)
> if (a.indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a;}}
> }
> //-->
> </script>
> <script language='JavaScript'>
> <!--
> document.write("<scr"+"ipt language='JavaScript' SRC='" +
> PL_adjustPath("/Pluginlab/Scripts/PLHFO.js") + "'></scr"+"ipt>");/*

PLHFOMenu

> script */
>
> function MM_findObj(n, d) { //v4.01
> var p,i,x; if(!d) d=document;
> if((p=n.indexOf("?"))>0&&parent.frames.length) {
> d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
> if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++)
> x=d.forms[n];
> for(i=0;!x&&d.layers&&i<d.layers.length;i++)
> x=MM_findObj(n,d.layers.document);
> if(!x && d.getElementById) x=d.getElementById(n); return x;
> }
>
> function MM_validateForm() { //v4.0
> var i,p,q,nm,test,num,min,max,errors='',args=MM_valida teForm.arguments;
> for (i=0; i<(args.length-2); i+=3) { test=args[i+2];

val=MM_findObj(args);

> if (val) { nm=val.name; if ((val=val.value)!="") {
> if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
> if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an

e-mail

> address.\n';
> } else if (test!='R') { num = parseFloat(val);
> if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
> if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
> min=test.substring(8,p); max=test.substring(p+1);
> if (num<min || max<num) errors+='- '+nm+' must contain a number
> between '+min+' and '+max+'.\n';
> } } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is

required.\n';

> }
> } if (errors) alert('The following error(s) occurred:\n'+errors);
> document.MM_returnValue = (errors == '');
> }
> //-->
> </script>
> </head>
>
> <%
> If Session("LogInIDusing") = "" Then
> Response.Write("Session is Empty")
> Else
> Response.Write("Session is ")
> Response.Write(Session("LogInIDusing"))
> End If
> %>
>
>
> Lastly, I may need your direction in how to filter the recordset on the
> dynamically pre-populated pages. I am assuming the combination in the

boxes

> will be:
>
> ClientID
> =
> Session Variable
> ClientID
>
> Thank you for hanging in there with me. You are a true Godsend!
>
> Jeremy
>

[Jeremy Williams]

I replaced the code and unfortunately, I am still getting the cannot open page error. Here is the link to that page:

[url]http://www.bwglaw.net/construction/logIn/index.asp[/url]

Jeremy

[-D-]

Jeremy,

Can you paste the code for line 39 where the error is occurring? I think it
is because no recordset is defined.

The reason why you are only getting the first record is because
Session("LogInID") is empty, so the default value of 1 is used in the WHERE
clause.

Create the recordset where you get the ClientID based on the username and
password, then set:

Session("LogInID") = the recordset value for the ClientID

Let me know if you have trouble creating the recordset that gives you the
ClientID.

-D-

"Jeremy Williams" <webforumsuser@macromedia.com> wrote in message
news:dmkn7b$o8p$1@forums.macromedia.com...

> I replaced the code and unfortunately, I am still getting the cannot open

page error. Here is the link to that page:

>
> [url]http://www.bwglaw.net/construction/logIn/index.asp[/url]
>
> Jeremy

[Jeremy Williams]

Hi -D-,

Here is the code from line 39 of my log-in page

Session("LogInID") = MM_rsUser("ClientID")

I'm attempting to make that recordset for the main "success" page once the
user is logged in.

Jeremy

[Jeremy Williams]

I think I may need some additional explanation on creating the recordset on the "success" page. Can we say I'm getting a bit brain dead?! :-)

[Jeremy Williams]

-D-

I think we may have gotten this thing to work! I've just been re-reading
through your posts and I think it has finally clicked! I'm working on it right
now. This is so cool if it keeps working!!! You are so cool!!

I do have one more question for you. I am setting up a CDONTS script to email
the administrator so he/she knows when a client has inserted a new record into
the database. Is there any way that the administrator can then go into the web
site and download the database with the new information without having to use
an external ftp program to download it?

Thank you so much,
Jeremy Williams

[-D-]

Hi Jeremy,

Glad you have it working!

Regarding your database question, are you using an Access database that
needs to be backed up to another database system? I'm not sure on the
different ways to backup one database to another? There is probably a way
to have a nightly process to backup and restore to a new database. I'm not
sure the best route to do that though. Wish I could be of more help with
that one.

Regards,
-D-

"Jeremy Williams" <webforumsuser@macromedia.com> wrote in message
news:dml4g2$ekn$1@forums.macromedia.com...

> -D-
>
> I think we may have gotten this thing to work! I've just been re-reading
> through your posts and I think it has finally clicked! I'm working on it

right

> now. This is so cool if it keeps working!!! You are so cool!!
>
> I do have one more question for you. I am setting up a CDONTS script to

email

> the administrator so he/she knows when a client has inserted a new record

into

> the database. Is there any way that the administrator can then go into

the web

> site and download the database with the new information without having to

use

> an external ftp program to download it?
>
> Thank you so much,
> Jeremy Williams
>