Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

sqldatasource dal, wwwxxxenden, convert raid5 to raid 10 mdadm, apache force chunked, nrao wwwxxx, xxxxxdup, procmail change subject header, wwwXxx not20, Wwwxxx.doks sas, linux raid resync after reboot

Links

XODOX
Impressum

#1: retain user rights

Posted on 2008-01-21 18:51:44 by navin

Hi All,

i have created a login page for my intranet website. when user logs
in, it also check for the rights which the user has ("admin", "user").
what i want to acheive is that, once user log in, based on the type of
permission, they will be allowed to delete data dispplayed in the
page.

I tried doing this by creating a session variable at the time of
logging in but when i try to retrieve this session variable, it does
not return anything.

Please help and let me know how can i retain the login information for
a user so that it can be used till user leaves the site. below is the
code from login page:

Set cnnSimple = Server.CreateObject("ADODB.Connection")

SQLstr="SELECT * FROM tblBuyers WHERE buyerUserName='" & userName & "'
AND buyerPassword='" & pwd & "';"

'Response.Write(SQLstr)

cnnSimple.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" &
strDBPath & ";"
Set rstSimple = cnnSimple.Execute(SQLstr)

if rstSimple.EOF=True Then 'and (IsNull(userName)=True OR
IsNull(pwd)=True) then
ValFound=False
Response.Write ("Login Not Found")

else
ValFound=True
'Response.Redirect("/indportal/Home.html")

end if

if valFound=True Then
Response.Redirect("/indportal/Home.html")
Session("UserRights")=rstSimple.Fields("buyerRights")
else
Response.Redirect("/indportal/login.asp")
end if

In the below code i am trying to retrieve the session variable which
was created a login time which come shows blank:

If Session("UserRights") = "admin" Then

Display the link for admin

else
Display the link for user.

end if

Please help!!

Thanks,
Navin

Report this message

#2: Re: retain user rights

Posted on 2008-01-22 00:58:43 by reb01501

navin wrote:
> if valFound=True Then
> Response.Redirect("/indportal/Home.html")
> Session("UserRights")=rstSimple.Fields("buyerRights")

Try reversing these last two lines. IOW, write the value to Session BEFORE
redirecting.
Plus, make sure rstSimple.Fields("buyerRights") contains a value.

--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

Report this message