2. ASPRunnerPro General questions
  3. Session Variables
This topic is locked

Session Variables

 		9/8/2008 10:26:00 AM
ASPRunnerPro General questions
T
 tlalle author

At a successful login, I need to use the data in the field MerchantID. In the login page I have defined Account & Password as the fields to verify credentials. Below is my table.

[indent]SELECT

ServiceID,

MerchantID,

ServiceType,

Status,

Account,

Password,

BusinessName,

DBA

FROM dbo.Travel[/indent]

what is the syntax for capturing the data in the field "MerchantID". After reading a through the forum... it appears I should be setting a SESSION variable.
I then need to use that data in a URL redirect, such as:

[indent]<%

// After successful login

Sub AfterSuccessfulLogin(username,password)

'** Redirect to another page ****

Response.Redirect "http://www.mydomain.com/nexres/search/power_search.cgi?&src=10021365&src_aid="; & $MerchantID

End Sub ' AfterSuccessfulLogin

%>[/indent]
thank you in advance.
Sergey Kornilov admin 9/8/2008

This SQL query returns multiple records. As a first step you need modify this query to return one matching record only.
Do you use the same table as login table in your project?
T
 		tlalle author 9/8/2008

Sorry,

I should have given more details:

That is my table SQL query.

It is the only table used from that database, in this project.

That table contains the username & password as well as some additional data I need as a session variable.
My goal:

setup a logon page, once a user properly authenticates:

pull the data in field "MerchantID" that belogs to that users record set.

append that data to a URL and redirect the browser.
I hope this makes more since..
thanks again.
Sergey Kornilov admin 9/8/2008

I assume that Account holds the user name and both Account and Password fields are text fields

str = "select * from dbo.Travel where Account='" & username & "' and password='" & password "'"

Set rstmp = server.CreateObject("ADODB.Recordset")

rstmp.open str,dbConnection
if not rstmp.eof then

Session("MerchantID") = rstmp("MerchantID")
end if
rstmp.close

set rstmp=nothing
Response.Redirect "http://www.mydomain.com/nexres/search/power_search.cgi?&src=10021365&src_aid="; & Session("MerchantID")
T
 		tlalle author 9/8/2008

your assumption is correct..
however I am now getting a different error:
*Microsoft VBScript compilation error '800a0401'
Expected end of statement
/travel/include/events.asp, line 13
str = "select from dbo.Travel where Account='" & username & "' and password='" & password "'"

--------------------------------------------------------------------------------------------^**
T
 		tlalle author 9/8/2008

i am adding this code into the events.asp... after successful logon.
Sergey Kornilov admin 9/8/2008
str = "select * from dbo.Travel where Account='" & username & "' and password='" & password & "'"
T
 		tlalle author 9/15/2008

This resolved my issue... thanks again.