Why is passed in value not being matched with fields.item

ASP Free Forums Sponsor:

November 4th, 2009, 01:05 PM

mike777

Registered User

Join Date: Oct 2009

Posts: 11

Time spent in forums: 4 h 12 sec
Reputation Power: 0

VBScript - Database - Recordset - Why is passed in value not being matched with fields.item

Hi, I'm using access backend and I just want a form value to be matched up with a fields record on submit. My code is below...

<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%
Dim conn, sConnString
Set conn = Server.CreateObject("ADODB.Connection")
sConnString = "PROVIDER=Microsoft.Jet.OLEDB.4.0;DATA SOURCE=" & Server.MapPath("database\myDB.mdb")
conn.Open(sConnString)

Set rs = Server.CreateObject("ADODB.Recordset")
'rs.Open "SELECT ID FROM tblIDs ORDER BY ID", conn
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
</head>

<body>
<%
'login
If Request.ServerVariables("REQUEST_METHOD") <> "POST" Then
Response.Write("<p>Please Log in with provided ID Number:</p>")
Response.Write("<form id=""form1"" name=""form1"" action=""Index.asp"" method=""Post"">")
Response.Write("<input type=""text"" id=""IDLogin"" name=""IDLogin"" /><br />")
Response.Write("<input type=""submit"" id=""loginSubmit"" name=""loginSubmit"" value=""Login"" /><br />")
Response.Write("</form>")
End If

If Request.ServerVariables("REQUEST_METHOD") = "POST" Then
rs.open "SELECT ID FROM tblIDs WHERE ID = 1", conn
If rs.RecordCount > 0 Then
Response.Redirect("Index1.asp?ID=" & Request.Form("IDLogin"))
End If
' Do while Not rs.Eof
' if Request.Form("coachIDLogin") = rs.Fields.Item("coachID") Then
' response.Redirect("Index1.asp?ID=" & Request.Form("IDLogin"))
' End If
' rs.MoveNext
'Loop
End If
%>
</body>
</html>

the bolded part above is where it's failing. The code is not going into the block where it detects if a record match is found. It just won't find a match it seems! above, I even just hardcoded a value in. And it's not detecting it.

November 4th, 2009, 03:10 PM

bigmike1212

Option Explicit, baby.

Join Date: Jan 2009

Location: Neighborhood of Make-Believe

Posts: 554

Time spent in forums: 5 Days 17 h 55 m 27 sec
Reputation Power: 146

I wouldn't check using request.servervariables. I'm sure one can do it that way, but I thougth sometimes the server stuff has values and sometimes it doesn't depending on where the user came from. A page that submits to itself complicates things also I think. Others will know better.

I would use the submit button.

If Request.Form("loginSubmit") = "Login" Then

__________________
Fremen United! Folding@Home team ID 169647. All Fremen welcome.

November 4th, 2009, 03:11 PM

mike777

Registered User

Join Date: Oct 2009

Posts: 11

Time spent in forums: 4 h 12 sec
Reputation Power: 0

Quote:

Originally Posted by bigmike1212

I wouldn't check it request.servervariables. I'm sure one can do it that way, but I thougth sometimes the server stuff has values and sometimes it doesn't depending on where the user came from. A page that submits to itself complicates things also I think. Others will know better.

I would use the submit button.

If Request.Form("loginSubmit") = "Login" Then

Hm, well that would work just to make sure they clicked login, but I want to make sure they are entering a number that will be in the db

November 4th, 2009, 03:15 PM

bigmike1212

Option Explicit, baby.

Join Date: Jan 2009

Location: Neighborhood of Make-Believe

Posts: 554

Time spent in forums: 5 Days 17 h 55 m 27 sec
Reputation Power: 146

Quote:

Originally Posted by mike777

Hm, well that would work just to make sure they clicked login, but I want to make sure they are entering a number that will be in the db

Yes, you check if they hit login. If they did you do your SQL query and authenticate them. If they didn't you show them the login form. Just what you are doing now essentially just using a different method to make the choice.

November 4th, 2009, 11:28 PM

bigmike1212

Option Explicit, baby.

Join Date: Jan 2009

Location: Neighborhood of Make-Believe

Posts: 554

Time spent in forums: 5 Days 17 h 55 m 27 sec
Reputation Power: 146

Mike777,

This is the unsophisticated amateur login script I use. Maybe it will help your thinking.

asp Code:

Original - asp Code

<%@ Language="VBScript" %>
<%Option Explicit %>
<%Response.Expires = -1000 %>
<%Response.Buffer = True %>
 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
   "http://www.w3.org/TR/html4/strict.dtd">
<html>
 
<head>
<title>login.asp</title>
 
 
<h2>Login</h2>
 
 
<%
'set up a function to clean user input
dim regex
Function DeleteChars(str)
Set regex = New RegExp
regex.pattern="(http://|\.js|[\\{}':;%()])"
regex.Global = True
DeleteChars = regex.Replace(str,"")
Set regex = Nothing
End Function 
 
'heart of the matter
If Request.Form("submit") = "Login" Then
CheckLoginForm
Else
ShowLoginForm
End If
%>
 
 
<%
Sub CheckLoginForm
 
Dim rs, data_source, SQL, buser_id, bpass
 
data_source = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" &_
Server.MapPath("databasename.mdb")
set rs = Server.CreateObject("ADODB.Recordset")
 
'get your user submitted login info
buser_id = request.form("username")
bpass= request.form("password")
 
'clean it 
buser_id= DeleteChars(buser_id)
bpass= DeleteChars(bpass)
 
'go see if it exists
SQL= "SELECT * FROM table where user='" & buser_id & "' and pass='" & bpass & "'"
rs.Open SQL, data_source
 
'if it is eof then it doesn't exist so don't let them in
If rs.Eof Then 
Response.Write "<p>Please log in.</p>"
ShowLoginForm 
Else
'if it exists they are good to go let them in
Session("logged_in") = True
Session("user_logged_in") = rs("user")
response.redirect "main.asp"
End If
End Sub
%>
 
 
<p>
<% Sub ShowLoginForm %>
 
<!-- basic form -->
<form name="form" style="width:30%;" action="login.asp" method="post">
 
<fieldset>
    <legend>Login</legend>
 
<label for="username"> Username:</label>
<input name="username" id="username" type="text" />
<br>
<label for="password"> Password:</label>
<input name="password" id="password" type="password" />
 
</fieldset>
<br>
<input class="fm-req" id="fm-submit" name="Submit" value="Login" type="submit" />
</form>
<% End Sub %>
</p>
 
</body>
</html>

Then on your pages behind the login you check to see if they are logged in

asp Code:

Original - asp Code
<%@ Language="VBScript" %> <% Option Explicit %> <% Response.CacheControl = "no-cache" Response.AddHeader "Pragma", "no-cache" Response.AddHeader "cache-control","private" Response.Expires = -1%> <% If Session("logged_in") <> True Then Response.Redirect("login.asp") End If %>

<%@ Language="VBScript" %> 
<% Option Explicit %> 
<%
Response.CacheControl = "no-cache"
Response.AddHeader "Pragma", "no-cache"
Response.AddHeader "cache-control","private"
Response.Expires = -1%>
 
<%
If Session("logged_in") <> True Then
Response.Redirect("login.asp")
End If
%>

You can then echo back on those pages with:

asp Code:

Original - asp Code
<div style="float:right;"> <p>Logged in as: <%= Session("user_logged_in") %> </div>

 
<div style="float:right;">
<p>Logged in as: <%= Session("user_logged_in") %>
</div>

HTH,

BigMike

Last edited by bigmike1212 : November 4th, 2009 at 11:32 PM.

November 7th, 2009, 10:00 PM

bigmike1212

Option Explicit, baby.

Join Date: Jan 2009

Location: Neighborhood of Make-Believe

Posts: 554

Time spent in forums: 5 Days 17 h 55 m 27 sec
Reputation Power: 146

You're welcome.

Viewing: ASP Free Forums > Programming > ASP Development > VBScript - Database - Recordset - Why is passed in value not being matched with fields.item

« Previous Thread | Next Thread »

Thread Tools	Search this Thread
Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off

View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox

Forum Jump

Free IT White Papers!

How to Present Effectively Online
This white paper offers practical and actionable advice on the key steps that any presenter should consider as they plan and execute a Webinar or online meeting.

Open Source Security Myths
Open Source Software (OSS) is computer software whose source code is available to the general public with relaxed or non-existent intellectual property restrictions (or arrangement such as the public domain), and is usually developed with the input of many contributors.

Power and Cooling Capacity Management for Data Centers
This paper describes the principles for achieving power and cooling capacity management.

Scalable, Fault-Tolerant NAS for Oracle - The Next Generation
For several years NAS has been evolving as a storage alternative for Oracle databases, and for good reason: NAS is quite often the simplest, most cost-effective storage approach for Oracle. Learn about the benefits that HP's approach to scalable NAS brings to Oracle environments in this comprehensive white paper.

Understanding Web Application Security Challenges
This white paper discusses many common threats and preventive measures for Web application security, and explains what you can do to help protect your organization.

More Free IT White Papers!