<% @language="vbscript" %>
<%
' Do not cache this page.
Response.CacheControl = "no-cache"
' Define the name of the Home Page
Const HOME_PAGE = "/default.asp"
' Define the name of the users table.
Const USERS_TABLE = "tblUsers"
' Define the path to the logon page.
Const LOGON_PAGE = "/Logon/logon.asp"
' Define the path to the logout page.
Const LOGOUT_PAGE = "/Logon/logout.asp"
' Define the path to the logon database.
Const MDB_URL = "/fpdb/logon.mdb"
Const dbUserName = "" ' username for db
Const dbPassword = "" ' password for db
' Check to see whether you have a current user name.
If Len(Session("uid")) = 0 Then
' Are you currently on the logon page?
If LCase(LOGON_PAGE) <> LCase(Request.ServerVariables("url")) Then
' If not, set a session variable for the page that made the request...
Session("REFERRER") = Request.ServerVariables("url")
' ...and redirect to the logon page.
Response.Redirect LOGON_PAGE
End If
End If
' This function checks for a username/password combination.
Function ComparePassword(uid,pwd)
' Define your variables.
Dim strSQL, objCN, objRS
' Set up your SQL string.
strSQL = "SELECT * FROM " & USERS_TABLE & " WHERE (UID='" & uid & "' AND PWD='" & pwd & "');"
' Create a database connection object.
Set objCN = Server.CreateObject("ADODB.Connection")
' Open the database connection object.
'objCN.Open "driver={Microsoft Access Driver (*.mdb)}; dbq=" & Server.MapPath(MDB_URL) & "; uid=admin; pwd="
objCN.Open "PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE=" & Server.MapPath(MDB_URL), dbUserName, dbPassword
' Run the database query.
Set objRS = objCN.Execute(strSQL)
if Not objRS.EOF then
if len(objRS("Admin"))=4 then
Session("admin")="1" ' TRUE or true = 4 it's a little trick
else Session("admin")=Empty
end if
if len(objRS("Enabled"))=4 then
Session("enabled")="1"
else Session("enabled")=Empty
end if
ComparePassword = True
else
ComparePassword = False 'Wrong UID or PWD
end if
' Close your database objects.
Set objRS = Nothing
Set objCN = Nothing
End Function
Function isLogged() ' Function Return True for Logged User, something like this must called in the begin of each protected asp file.
if Len(Session("uid"))=0 then
isLogged=False
else isLogged=True
end if
End Function
Function logState() ' Function Return String Shows user state in system and logout text link
If Len(Session("uid")) = 0 Then
Response.Write "You are not logged on.
"
Else
Response.Write "You are logged on as: " & Session("uid") & " | Logout
"
End If
End Function
Function isAdmin() 'Function Return True for Admin and Else for other users.
isAdmin=Cbool(Len(Session("admin")))
End function
Function isEnabled() ' Function return True for Enabled users and Else for others.
isEnabled=CBool(Len(Session("enabled")))
End function
%>
<%
' Was this page posted to?
If UCase(Request.ServerVariables("HTTP_METHOD")) = "POST" Then
' If so, check the username/password that was entered.
If ComparePassword(Request("uid"),Request("pwd")) Then
' If comparison was good, store the user name...
Session("uid") = Request("uid")
if Request.Form("cbrem")="on" then 'Remember me flag is ON: storing UID and PWD in cookies
Response.Cookies("jsfpl")("1") = Request("uid")
Response.Cookies("jsfpl")("2") = Request("pwd")
Response.Cookies("jsfpl").Expires = Now+30 ' Cookie keep time in days: here is 30 days from present
else 'Erase Cookie if flag is not set
Response.Cookies("jsfpl")("1") = ""
Response.Cookies("jsfpl")("2") = ""
Response.Cookies("jsfpl").Expires = Now-1
end if
on error resume next
' ...and redirect back to the original page.
Response.Redirect Session("REFERRER")
if err then
response.write "
Error is: " & Err.Description
response.write "
Uid is: " & Session("UID")
response.write "
Ref is: " & Session("REFERRER")
End if
End If
End If
'If this page is not posted then run code below:
Dim User,Pass,chb
User="" & Request.Cookies("jsfpl")("1")
Pass="" & Request.Cookies("jsfpl")("2")
if Not( User="" and Pass="") then
chb="checked"
end if
%>
Logon Page