Home arrow ASP arrow Page 4 - Session Replacement in ASP
ASP

Session Replacement in ASP


An alternative to using ASP's session object is to build your own using a database. In this article Rogier shows us how...

Author Info:
By: Rogier Doekes
Poor Best
Rating: 5 stars5 stars5 stars5 stars5 stars / 27
June 18, 2003
TABLE OF CONTENTS:
  1. · Session Replacement in ASP
  2. · Creating the Database
  3. · Session Check
  4. · The Login Page
  5. · Conclusion

print this article
SEARCH DEVARTICLES

TOOLS YOU CAN USE

advertisement
Session Replacement in ASP - The Login Page
(Page 4 of 5 )

The login page contains a form which gets submitted to itself, after which the results are handed to the database. The database comes back with a valid sessionID or with the value –1 if the login fails:

<%
Dim oCnn, oRs, sMessage, sSessionID
If Len(Request.Form(“cmdSubmit”)) > 0 Then

 Set oCnn = Server.CreateObject(“ADODB.Connection”)
 OCnn.Open “dsn=myDSN;uid=MyUid;pwd=myPwd;”
Set oRs = oCnn.Execute(“EXECUTE usp_ CheckLogin” & _
 “ @usid = ‘” & Trim(Lcase(Request.Form(“usid”))) & _
 “’, @password = ‘” & Trim(Request.Form(“password”)) & _
 “’”)

 sSessionID = oRs.Fields(0).Value
 ORs.Close
 OCnn.Close
 Set oCnn = Nothing

 If sSessionID = -1 Then
  SMessage = “username or password invalid”
 Else
  Response.Redirect (“/?id=” & sSessionID)
 End If
Else
 SMessage = “ ”
End If
%>
<html><head><title>login page</title></head>
<body>
<form method=”post” action=”login.asp”>
<table>
<tr><td colspan=”2”><h3>Login Page</h3></td></tr>
<tr><td colspan=”2”><% = sMessage%></td></tr>
<tr>
<td>user name<td>
<td><input type=”text” name=”usid”
value=”<% = Request.Form(“usid”)%>”></td>
</tr>
<tr>
<td>password<td>
<td><input type=”password” name=”password”
value=”<% = Request.Form(“password”)%>”></td>
</tr>
<tr>
<td> <td>
<td><input type=”submit” name=”cmdSubmit”
value=”login”></td>
</tr>
</table>
</form>
</body>
</html>

The section

If Len(Request.Form(“cmdSubmit”)) > 0 Then
..... End If

... will be executed when the form is submitted.

<%
Dim oCnn, oRs, sMessage, sSessionID
If Len(Request.Form(“cmdSubmit”)) > 0 Then

 Set oCnn = Server.CreateObject(“ADODB.Connection”)
 OCnn.Open “dsn=myDSN;uid=MyUid;pwd=myPwd;”
Set oRs = oCnn.Execute(“EXECUTE usp_CheckLogin” & _
 “ @usid = ‘” & Trim(Lcase(Request.Form(“usid”))) & _
 “’, @password = ‘” & Trim(Request.Form(“password”)) & _
 “’”)

 sSessionID = oRs.Fields(0).Value
 ORs.Close
 OCnn.Close
 Set oCnn = Nothing

 If sSessionID = -1 Then
  SMessage = “username or password invalid”
 Else
  Response.Redirect (“/?id=” & sSessionID)
 End If
Else
 SMessage = “ ”
End If
%>

Again, we establish a connection to the database, and this time pass the form elements “usid” en “password” to the stored procedure usp_CheckLogin.

We store the returning value in a variable called sSessionID and close the connection to the database. If the value of sSessionID is –1, we give a message which will be displayed in the form we just filled out, otherwise we redirect to the home page and tag the querystring(“id”) with the new sessionID.


blog comments powered by Disqus
ASP ARTICLES

- Central Scoreboard with Flash and ASP
- Calorie Counter Using WAP and ASP
- Creating PGP-Encrypted E-Mails Using ASP
- Be My Guest in ASP
- Session Replacement in ASP
- Securing ASP Data Access Credentials Using t...
- The Not So Ordinary Address Book
- Adding and Displaying Data Easily via ASP an...
- Sending Email From a Form in ASP
- Adding Member Services in ASP
- Removing Unconfirmed Members
- Trapping HTTP 500.100 - Internal Server Error
- So Many Rows, So Little Time! - Case Study
- XDO: An XML Engine Class for Classic ASP
- Credit Card Fraud Prevention Using ASP and C...
Find More ASP Tutorials

Dev Articles Forums 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Weekly Newsletter
 
Developer Updates  
Free Website Content 
Contact Us 
Site Map 
Privacy Policy 
Support 



© 2003-2012 by Developer Shed. All rights reserved. DS Cluster 2 - Follow our Sitemap
Popular Web Development Topics
All Web Development Tutorials