Good Afternoon All,
I am having an issue with ASPRunnerPro When i create the site i cannot logon the first time although the second time it works fine. Any assistance would be amazing!
Mark
login.asp is here:
<!--#include file="include/dbcommon.asp"-->
<%if request.form("a")="logout" or request.querystring("a")="logout" then
session.Abandon()
Response.Cookies("username")=""
Response.Cookies("password")=""
Response.Redirect "login.asp"
response.end
end if%>
<!--#include file="libs/smarty.asp"-->
<%
dbConnection = ""
db_connect()
DoEvent "BeforeProcessLogin dbConnection"
myurl=SESSION("MyURL")
SESSION("MyURL")=""
defaulturl=""
defaulturl="menu.asp"
strMessage=""
pUsername=postvalue("username")
pPassword=postvalue("password")
if request.form("btnSubmit") = "Login" then
if request.form("remember_password") = 1 then
Response.Cookies("username") = pUsername
Response.Cookies("username").Expires = DateAdd("yyyy", 1, Now())
Response.Cookies("password") = pPassword
Response.Cookies("password").Expires = DateAdd("yyyy", 1, Now())
smarty.Add "checked"," checked"
else
Response.Cookies("username") = ""
Response.Cookies("password") = ""
smarty.Add "checked",""
end if
' username and password are stored in the database
Set rs = server.CreateObject("ADODB.Recordset")
strUsername = pUsername
strPassword = pPassword
Set rsTemp = server.CreateObject("ADODB.Recordset")
rsTemp.Open "select from [dbo].[_Security] where 1=0",dbConnection,1,2
if FieldNeedQuotes(rsTemp,cUserNameField) then
strUsername="'" & db_addslashes(strUsername) & "'"
else
strUsername=my_numeric(strUsername)
end if
if FieldNeedQuotes(rsTemp,cPasswordField) then
strPassword="'" & db_addslashes(strPassword) & "'"
else
strPassword=my_numeric(strPassword)
end if
rsTemp.close
strSQL = "select from [dbo].[Security] where " & AddFieldWrappers(cUserNameField) &
"=" & strUsername & " and " & AddFieldWrappers(cPasswordField) & "=" & strPassword
RetVal = True
DoEvent "RetVal = BeforeLogin(pUsername, pPassword)"
if RetVal = False then strSQL="select * from [dbo].[_Security] where 1<0"
rs.Open strSQL,dbConnection, 1, 2
'Call ReportError
if not rs.EOF then
strPassword = pPassword
if CStr(rs(cUserNameField))=pUsername and CStr(rs(cPasswordField))=strPassword then
SESSION("UserID") = pUsername
SESSION("AccessLevel") = ACCESS_LEVEL_USER
SESSION("GroupID") = dbvalue(rs("Access"))
SESSION("OwnerID") = dbvalue(rs("Username"))
SESSION("_dbo._Departments_OwnerID") = dbvalue(rs("Username"))
SESSION("_dbo._Holiday Quota_OwnerID") = dbvalue(rs("Username"))
SESSION("_dbo._Leave_OwnerID") = dbvalue(rs("Username"))
SESSION("_dbo._Security_OwnerID") = dbvalue(rs("Username"))
SESSION("_dbo._Staff_OwnerID") = dbvalue(rs("Username"))
SESSION("_dbo._Staff Group_OwnerID") = dbvalue(rs("Username"))
DoEvent "AfterSuccessfulLogin pUsername,pPassword"
if myurl<>"" then
response.Redirect myurl
else
response.Redirect defaulturl
end if
response.End
else
DoEvent "AfterUnsuccessfulLogin pUsername,pPassword"
strMessage = "Invalid Login"
end if
rs.MoveNext
else
DoEvent "AfterUnsuccessfulLogin pUsername,pPassword"
strMessage = "Invalid Login"
end if
rs.close
end if
SESSION("MyURL")=myurl
if myurl<>"" then
smarty.Add "url",myurl
else
smarty.Add "url",defaulturl
end if
if request.form("username")<>"" or request.querystring("username")<>"" then
smarty.Add "value_username","value=""" & my_htmlspecialchars(pUsername) & """"
else
smarty.Add "value_username","value=""" & my_htmlspecialchars(request.Cookies("username")) & """"
end if
if request.form("password")<>"" then
smarty.Add "value_password","value=""" & my_htmlspecialchars(pPassword) & """"
else
smarty.Add "value_password","value=""" & my_htmlspecialchars(request.Cookies("password")) & """"
end if
if request.querystring("message")="expired" then strMessage = "Your session has expired. Please login again."
smarty.Add "message",strMessage
templatefile = "login.htm"
DoEvent "BeforeShowLogin smarty,templatefile"
smarty_display(templatefile)
%>
