Add field to password logon.

[Dave Lagergren]

I am using the followign code for logon to a site. I need to add a fiedl
named LVL to define the level of access. I have it defined as text in the
access database. How do I retreive it ? Here is the code I am using in an
..inc file:

' This function checks for a username/password combination.
Function ComparePassword(UID,PWD,LVL)
' Define your variables. LVL is used to set the level of access granted
to a user.
Dim strSQL, objCN, objRS, objLVL
' Set up your SQL string.
strSQL = "SELECT * FROM " & USERS_TABLE & _
" WHERE (UID='" & ParseText(UID) & _
"' AND PWD='" & ParseText(PWD) & "');"
' Create a database connection object.
Set objCN = Server.CreateObject("ADODB.Connection")
' Open the database connection object.
objCN.Open "driver={Microsoft Access Driver (*.mdb)}; dbq=" & _
Server.MapPath(MDB_URL) & "; uid=admin; pwd="
' Run the database query.
Set objRS = objCN.Execute(strSQL)
' Set the status to true/false for the database lookup.
ComparePassword = Not(objRS.EOF)
' Get the access level for this user

' HERE I NEED TO GET THE VALUE FOR LVL AND SET IT TO A SESSION VARIABLE

' Close your database objects.
Set objRS = Nothing
Set objCN = Nothing
End Function

 

[Stefan B Rusynko]

Just Add

Session("UserRights") = objRS("YourRightsFieldName")

PS
also include a function to return them to the login page if validation fails
_____________________________________________
SBR @ ENJOY (-: [ Microsoft MVP - FrontPage ]
"Warning - Using the F1 Key will not break anything!" (-;
_____________________________________________


|I am using the followign code for logon to a site. I need to add a fiedl
| named LVL to define the level of access. I have it defined as text in the
| access database. How do I retreive it ? Here is the code I am using in an
| .inc file:
|
| ' This function checks for a username/password combination.
| Function ComparePassword(UID,PWD,LVL)
| ' Define your variables. LVL is used to set the level of access granted
| to a user.
| Dim strSQL, objCN, objRS, objLVL
| ' Set up your SQL string.
| strSQL = "SELECT * FROM " & USERS_TABLE & _
| " WHERE (UID='" & ParseText(UID) & _
| "' AND PWD='" & ParseText(PWD) & "');"
| ' Create a database connection object.
| Set objCN = Server.CreateObject("ADODB.Connection")
| ' Open the database connection object.
| objCN.Open "driver={Microsoft Access Driver (*.mdb)}; dbq=" & _
| Server.MapPath(MDB_URL) & "; uid=admin; pwd="
| ' Run the database query.
| Set objRS = objCN.Execute(strSQL)
| ' Set the status to true/false for the database lookup.
| ComparePassword = Not(objRS.EOF)
| ' Get the access level for this user
|
| ' HERE I NEED TO GET THE VALUE FOR LVL AND SET IT TO A SESSION VARIABLE
|
| ' Close your database objects.
| Set objRS = Nothing
| Set objCN = Nothing
| End Function
|
|
| --
| Dave Lagergren
| Manager - Data Applications
| Wireless Management, Inc
| Specializing in cellular wireless applications

 

[Ronx]

The code I use for is:

If UCase(Request.ServerVariables("HTTP_METHOD")) = "POST" Then
strSQL = "Select UserId,Password,cCode,Pages FROM " & USERS_TABLE & "
WHERE (UserId=""" & ParseText(request("UID")) & """ AND Password=""" &
ParseText(request("PWD")) & """);"

myConnString = Application("Database1_ConnectionString")
set objCN = Server.CreateObject("ADODB.Connection")
objCN.open myConnString

Set objRS = objCN.Execute(strSQL)
'set status to True or False for the database lookup
ComparePassword = Not(objRS.EOF)

If ComparePassword Then
' If comparison was good, store the user name...
Session("UID") = objRS("UserId")
Session("PGE") = objRS("Pages")
Session("CDE") = objRS("cCode")
' ...and redirect back to the original page.
Response.Redirect Session("REFERRER")
End If
Set objRS = Nothing
Set objCN = Nothing
End If


Here, either cCode or Pages would be equivalent to your LVL

I think we both started from the same article here...

 

[Dave Lagergren]

Got it. Thanks. I was really close in how I was going to do it but you got me
right where I needed to be.