retain user rights
am 21.01.2008 18:51:44 von navinHi All,
i have created a login page for my intranet website. when user logs
in, it also check for the rights which the user has ("admin", "user").
what i want to acheive is that, once user log in, based on the type of
permission, they will be allowed to delete data dispplayed in the
page.
I tried doing this by creating a session variable at the time of
logging in but when i try to retrieve this session variable, it does
not return anything.
Please help and let me know how can i retain the login information for
a user so that it can be used till user leaves the site. below is the
code from login page:
Set cnnSimple = Server.CreateObject("ADODB.Connection")
SQLstr="SELECT * FROM tblBuyers WHERE buyerUserName='" & userName & "'
AND buyerPassword='" & pwd & "';"
'Response.Write(SQLstr)
cnnSimple.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" &
strDBPath & ";"
Set rstSimple = cnnSimple.Execute(SQLstr)
if rstSimple.EOF=True Then 'and (IsNull(userName)=True OR
IsNull(pwd)=True) then
ValFound=False
Response.Write ("Login Not Found")
else
ValFound=True
'Response.Redirect("/indportal/Home.html")
end if
if valFound=True Then
Response.Redirect("/indportal/Home.html")
Session("UserRights")=rstSimple.Fields("buyerRights")
else
Response.Redirect("/indportal/login.asp")
end if
In the below code i am trying to retrieve the session variable which
was created a login time which come shows blank:
If Session("UserRights") = "admin" Then
Display the link for admin
else
Display the link for user.
end if
Please help!!
Thanks,
Navin