Hello everyone. I am working on this assignment, that is suppose to allow users to login using a database to verify the account. However I'm having several issues and was wondering if somone could provide me with some help. This script should verify the users input with the database upon submitting and redirect to menu.asp here is the code: Also for some reason variables userName and passwd are not showing any input from the user. Thank you in advance.
<% OPTION EXPLICIT %><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><%
' Please do not modify this part
'
'Debugging Statements
Response.write "var=" & Server.HTMLEncode(userName) & " [" & TypeName(userName) & "]" & "</br>"
Response.write "var=" & Server.HTMLEncode(passwd) & " [" & TypeName(passwd) & "]" & "</br>"
'ASP CODE BLOCK STARTS HERE!!
'These are used to capture HTML input from the form below
Dim userName, submit, passwd
'Output Messages for error checking
Dim usrMsg, passwdMsg
Dim welcomSession, userNameFlag, passwdFlag, recordFound
'Used to capture the users input
username = trim(request.form("userName")) 'Trims the input for trailing spaces
passwd = trim(request.form("passwd")) 'Trims the input for trailing spaces
submit = request.form("submit") 'Trims the input for trailing spaces
if submit <> "" then 'This is used to submit the form
'This validates the first user input field
if len(userName) = 0 then 'checks to see if the username has zero characters
usrMsg = "Please enter a valid username" 'outputs correct message
userNameFlag = FALSE
elseif len(userName) < 4 then 'Checks if username meets the 8 charcter min
usrMsg = "Please enter a username with at least 4 characters"
userNameFlag = FALSE
elseif isNumeric(userName) = TRUE then 'Validates if the string isNumericc
usrMsg = "Username cannot be just numbers"
userNameFlag = FALSE
end if 'ends the first field
'Validates the password feild
if len(passwd) = 0 then 'If the length = 0 then error message is sent to the page
passwdMsg = "Please enter a valid password"
passwdFlag = FALSE
elseif len(passwd) < 7 then
passwdMsg = "Please enter a password with at least 7 characters" 'Password must be at least 7 characters or error message will prompt the user
passwdFlag = FALSE
elseif isNumeric(passwd) = TRUE then 'Looks for a numeric value
passwdMsg = "Password cannot be just numbers"
passwdFlag = FALSE
end if 'Closes the second feild
'Database Stuff Starts Here
if submit = submit and userNameFlag = TRUE and passwdFlag = TRUE Then
'Look up user inside the database
'Create the connection object
set conn = server.createobject("ADODB.Connection")
'Opena DSN-Less Database Connection
MdbFilePath = server.MapPath("DB-Repair")
conn.open "Driver={Microsoft Access Driver (*.mdb)}; DBQ=" & MdbFilePath &";"
'Create the SQL Statement to request a single user record
sql = "SELECT * FROM ACCOUNTS WHERE userid = '" & userName & "'"
set rs = server.createobject("ADODB.RecordSet")
rs.open sql, conn
'Check if email entered is in the record database
if rs.BOF AND rs.EOF then
usrMsg = "User cannot be found"
recordFound = FALSE
else
recordFound = TRUE
if submit = submit then
if passwd <> rs("passwd") then
passwdMsg = "Password cannot be found"
passwdFlag = FALSE
elseif submit = submit and userName = rs("userid") and passwd = rs("password") then 'There is a record
session("userName") = rs("userid")
session("passwd") = rs("password")
session("fname") = rs("fname")
session("lname") = rs("lname")
session("dept") = rs("dept")
session("ext") = rs("ext")
session("admin") = rs("admin")
response.redirect = "menu.asp"
end if
end if 'Ends the database stuff
rs.close
set rs = nothing
conn.close
set conn = nothing
end if
end if
end if
%><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>ABC Company - Login</title><style type="text/css"><!--
body {
background-color: #FFC;
}
#form1 div table tr td strong {
color: #F00;
}
strong {
color: #F00;
}
--></style></head><body><h1 align="center"><font color="red">Group XX Company<br />
Desktop Maintenance</font></h1><p align="center"><strong>Please login below </strong></p><!-- Form information is used to capture the HTML from the page and process it. Names correspond with the above ASP code --><form name="form1" method = "post" action=""><p align="center">Employee ID: <input name="userName" id="userName" type="text" /> </p><p align="center">Password: <input name="passwd" id="passwd" type="password" /> </p><p align="center"><input checked="checked" name="remember" value="checkit" type="checkbox" />Remember Employee ID<br /></p><p align="center"> <input name="submit" id="submit" value="submit" type="submit" /> </p><p align="center"><font color="red"><%=usrMsg%> </br> <%=passwdMsg%></font></p></form><p align="center"> </p></body></html>