The Global.asax and all those app vars do not need to be involved.
look @
http://www.learnasp.com/learn/security.asp
to do what you want in a simple understandable way.
On Thu, 13 Jan 2005 21:32:46 -0000, lis_tanz <[EMAIL PROTECTED]> wrote:
>
>
> Hi -
> I am creating a site that requires users to input their email
> address and password (both obtained when they register with the
> site). However, I can't seem to get the validation script to link
> with my database. (I will add that I'm not a Web designer by trade
> but am learning a lot through this process!) My db connection is
> called "registration" and the data is stored in "Results". In the
> db, I used contact_email and contact_password as the names. In the
> form it's just email and password in the form field properties.
>
> Below are two sets of code: the global.asa from my site and the
> validation code.
>
> Global asa:
> <SCRIPT LANGUAGE=VBScript RUNAT=Server>
> Sub Application_OnStart
> '==FrontPage Generated - startspan==
> Dim FrontPage_UrlVars(2)
> '--Project Data Connection
> Application("registration_ConnectionString")
> = "DRIVER={Microsoft Access Driver
> (*.mdb)};DBQ=URL=fpdb/registration.mdb"
> FrontPage_UrlVars(1)
> = "registration_ConnectionString"
> Application("registration_ConnectionTimeout") = 15
> Application("registration_CommandTimeout") = 30
> Application("registration_CursorLocation") = 3
> Application("registration_RuntimeUserName") = ""
> Application("registration_RuntimePassword") = ""
> '--
> Application("FrontPage_UrlVars") = FrontPage_UrlVars
> '==FrontPage Generated - endspan==
> End Sub
> Sub Session_OnStart
> FrontPage_StartSession '==FrontPage Generated==
> FrontPage_ConvertFromODBC '==FrontPage Generated==
> End Sub
> Sub FrontPage_StartSession
> On Error Resume Next
> if Len(Application("FrontPage_VRoot")) > 0 then Exit Sub
>
> sFile = "global.asa"
> sRootPath = Request.ServerVariables("APPL_PHYSICAL_PATH")
> if Left(sRootPath,1) = "/" then sSep = "/" else sSep = "\"
> if Right(sRootPath,1) <> sSep then sRootPath = sRootPath &
> sSep
> sRootPath = sRootPath & sFile
>
> ' discover the VRoot for the current page;
> ' walk back up VPath until we match VRoot
> Vroot = Request.ServerVariables("PATH_INFO")
> iCount = 0
> do while Len(Vroot) > 1
> idx = InStrRev(Vroot, "/")
> if idx > 0 then
> Vroot = Left(Vroot,idx)
> else
> ' error; assume root web
> Vroot = "/"
> end if
> if Server.MapPath(Vroot & sFile) = sRootPath then
> exit do
> if Right(Vroot,1) = "/" then Vroot = Left(Vroot,Len
> (Vroot)-1)
> iCount = iCount + 1
> if iCount > 100 then
> ' error; assume root web
> Vroot = "/"
> exit do
> end if
> loop
> ' map all URL= attributes in _ConnectionString variables
> Application.Lock
> if Len(Application("FrontPage_VRoot")) = 0 then
> Application("FrontPage_VRoot") = Vroot
> UrlVarArray = Application("FrontPage_UrlVars")
> for i = 0 to UBound(UrlVarArray)
> if Len(UrlVarArray(i)) > 0 then
> FrontPage_MapUrl(UrlVarArray(i))
> next
> end if
> Application.Unlock
> End Sub
> Sub FrontPage_MapUrl(AppVarName)
> ' convert URL attribute in conn string to absolute file
> location
> strVal = Application(AppVarName)
> strKey = "URL="
> idxStart = InStr(strVal, strKey)
> If idxStart = 0 Then Exit Sub
> strBefore = Left(strVal, idxStart - 1)
> idxStart = idxStart + Len(strKey)
> idxEnd = InStr(idxStart, strVal, ";")
> If idxEnd = 0 Then
> strAfter = ""
> strURL = Mid(strVal, idxStart)
> Else
> strAfter = ";" & Mid(strVal, idxEnd + 1)
> strURL = Mid(strVal, idxStart, idxEnd - idxStart)
> End If
> strOut = strBefore & Server.MapPath(Application
> ("FrontPage_VRoot") & strURL) & strAfter
> Application(AppVarName) = strOut
> End Sub
> Sub FrontPage_ConvertFromODBC
> On Error Resume Next
> if Len(Application("ASP_OS")) > 0 then exit sub
> str = "_ConnectionString"
> slen = Len(str)
> set oKnown = Server.CreateObject("Scripting.Dictionary")
> oKnown.Add "DRIVER",""
> oKnown.Add "DBQ",""
> oKnown.Add "SERVER",""
> oKnown.Add "DATABASE",""
> oKnown.Add "UID",""
> oKnown.Add "PWD",""
> Application.Lock
> For each item in Application.Contents
> if UCase(Right(item,slen)) = UCase(str) then
> sName = Left(item,Len(item)-slen)
> sConn = Application(item)
> if InStr(LCase(sConn),"provider=") < 1 and
> Len(Application(sName & "_ConnectionTimeout"))>0 then
> sArr = Split(sConn,";")
> set oDict = Server.CreateObject
> ("Scripting.Dictionary")
> bUnknown = False
> for i = 0 to UBound(sArr)
> s = sArr(i)
> idx = InStr(s,"=")
> sKey = UCase(Trim(Left(s,idx-
> 1)))
> sVal = Trim(Mid(s,idx+1))
> oDict.Add sKey, sVal
> if Not oKnown.Exists(sKey)
> then bUnknown = True
> next
> if bUnknown = False and oDict.Exists
> ("DRIVER") then
> sDrv = oDict.Item("DRIVER")
> sNew = ""
> if InStr(sDrv,"Microsoft
> Access") > 0 and oDict.Exists("DBQ") and not (oDict.Exists("UID") or
> oDict.Exists("PWD")) then
> sNew
> = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & oDict.Item("DBQ")
> elseif InStr(sDrv,"SQL
> Server") > 0 and oDict.Exists("SERVER") and oDict.Exists("DATABASE")
> then
> sNew
> = "Provider=SQLOLEDB;Data Source=" & oDict("SERVER") & ";Initial
> Catalog=" & oDict("DATABASE")
> if oDict.Exists
> ("UID") then sNew = sNew & ";User ID=" & oDict("UID")
> if oDict.Exists
> ("PWD") then sNew = sNew & ";Password=" & oDict("PWD")
> end if
> if sNew <> "" then
> Application(item) =
> sNew
> end if
> end if
> set oDict = Nothing
> end if
> end if
> Next
> Application.Unlock
> Set oKnown = Nothing
> End Sub
> </SCRIPT>
> <head><title>Web Settings for Active Server Pages</title><html
> xmlns:mso="urn:schemas-microsoft-com:office:office"
> xmlns:msdt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882">
> <!--[if gte mso 9]><xml>
> <mso:CustomDocumentProperties>
> <mso:connectionstatus
> msdt:dt="string">registration=2</mso:connectionstatus>
> </mso:CustomDocumentProperties>
> </xml><![endif]-->
> </head>
>
> Validation Script (gotten from Frontpagehowto.com and modified with
> my site's names):
> <%
> 'First we create a connection object
> Set Conn = Server.CreateObject ("ADODB.Connection")
> 'Next, we open the connection object by calling the connection string
> 'that FrontPage created and stored in the global.asa file when
> the "registration"
> 'connection was created
> Conn.Open Application("registration_ConnectionString")
>
> 'Then we create a record set object and a SQL statement
> Set RS = Conn.Execute ("SELECT * From Results WHERE contact_email
> = "'" & Request.Form("email") & "'"
> AND Contact_Password = "'" & Request.Form("password") & "'")
>
> 'Loop through the database to check for the users information
> Do until RS.EOF
> Pass = RS("Password")
> Name = RS("Email")
> RS.MoveNext
> loop
>
> 'Close the recordset and database connection
> RS.Close
> Conn.Close
>
> 'If the password given is not in the database then we don't do
> anything.
> 'Otherwise, we create the session objects
> IF pass = "" Then
> Message = "The Password you entered is either wrong or not found in
> our database. Please press the BACK button and try
>
> again."
> Else
> Session("Contact_Password") = Pass
> Session("Contact_Email") = Email
>
> 'Now we will check to see it there is a session object for an
> original URL.
> 'This would have been created (as you will see later) if the user
> first tried
> 'to visit a protected page. If so, we send them there. If not, we
> stay here.
> IF Session("Ori_URL") = "" Then do nothing
> Else
> Response.redirect(session("Ori_URL"))
> End IF
> End IF
> %>
>
> I have other ASP pages that seem to work fine but should I check
> with my hosting company to see if it's something on their end? BTW,
> the DB was created by FrontPage.
>
> The site is still in beta but is "live" since I don't have a server
> on my computer. You can reach it at www.stlcoaches.org.
>
> Thanks very much!
>
> Lis
>
>
>
>
>
>
>
> ________________________________
> Yahoo! Groups Links
>
> To visit your group on the web, go to:
> http://groups.yahoo.com/group/AspClassicAnyQuestionIsOk/
>
> To unsubscribe from this group, send an email to:
> [EMAIL PROTECTED]
>
> Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/AspClassicAnyQuestionIsOk/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
