Thread: ASP-MySQL: Advance Login Page [Step-By-Step Tutorial - Example In Action]
View Single Post
  #2 (permalink)  
Old Oct 25th, 2007, 04:58
Monie Monie is offline
Most Reputable Member
Join Date: Feb 2004
Location: Borneo
Age: 27
Posts: 1,608
Blog Entries: 2
Thanks: 0
Thanked 4 Times in 3 Posts
Send a message via Yahoo to Monie
Re: ASP-MySQL: Advance Login Page [Part 2: Validation]
Welcome to Part 2 of our tutorial...

Ok, we have created our login form in the "ASP-Way", I would say, now it is time for us to process them!

In this page, we are going to validate the user input that they have entered in the login form before performing any further proces.
Below is the validate.asp page, and I have included enough comment that I hope will make you better understand what's is going on in each line of code.

Code: Select all
<%
   'Capture and Assign the username and password value that the user have entered, input to a variable!
    Username = Request.Form("txtUsername")    
    Password = Request.Form("txtPassword")
    
   'If user did not enter anything into the textfield or accidentally press the submit button, alert user with QueryString!
    If Username = "" or Password = "" Then
        Response.Redirect("login.asp?login=bothempty")
    End If

    'MySQL Database connection to retrieve all the information according to the username!
    Dim connectionString, conn, rs
    connectionString = "DRIVER={MySQL ODBC 3.51 Driver}; SERVER=localhost; DATABASE=mydatabase; UID=root; PASSWORD=mypassword;"
    Set conn = Server.CreateObject("ADODB.Connection")
    conn.Open(connectionString)
    Set rs = conn.Execute("SELECT * FROM userlogin where username='"& Username &"'")   

    'If there is no record with the entered username, close connection and go back to main page with QueryString!
    'Or in other words, if the username does not exist in the database, then the system will alert the user!
     If rs.BOF AND rs.EOF Then
        rs.Close
        conn.Close
        set rs=nothing
        set conn=nothing
        Response.Redirect("login.asp?login=usernamefailed")
     End If

    'If entered password exist in the database, close connection and open mainpage (Success Login)
    'ASP will check whether the password entered by the user exist in the database, 
    'If it exist then you will be rediredted to the success page!
     If rs("password") = Password Then
        
        'Assign Session variable value to the entered username for login security!
        'Once you Log Out, the session value will be cleared off in the logout.asp page!
        Session("name") = Request.Form("txtUsername")
        
        rs.Close
        conn.Close
        set rs=nothing
        set conn=nothing
        Response.Redirect("success.asp") 'Redirect user to the success page!
    
    'If entered password does not exist in the database, close connection and return to main page with QueryString!
     Else
        rs.Close
        conn.Close
        set rs=nothing
        set conn=nothing
        Response.Redirect("login.asp?login=passfailed")
     End If
%>
Alright, we have successfully validate our user login information.
On our next tutorial, we will look into the Log Out page, but first, let us see what is the success.asp looks like.

Last edited by Monie; Oct 25th, 2007 at 05:06.