home *** CD-ROM | disk | FTP | other *** search
/ Internet Pratica / IPRAT_01.iso / ASP / ASPProtect / check_user_inc.asp < prev    next >
Encoding:
Text File  |  2001-01-17  |  4.1 KB  |  105 lines
  1. <%
  2. ' Populating variables from the HTTP Header and the Server
  3. STATUS = Request("STATUS")
  4. USERNAME = Replace(Request("USERNAME"),"'","")
  5. PASSWORD = Replace(Request("PASSWORD"),"'","")
  6. THISPAGE = "http://" & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("URL")
  7.     
  8. ' These are the variables you may need to change
  9. DATA_PATH = "C:\Inetpub\wwwroot\advpasswordlite\_database\passwords.mdb"
  10. ConnPasswords_RuntimeUserName = "admin"
  11. ConnPasswords_RuntimePassword = "Xpass"
  12.     
  13. ' checks to see if login form was submitted..if so its runs the validation code
  14. If STATUS = "CHECKEM" Then
  15.     
  16.     '****************************************************************************
  17.     ' The following checks for a user and if it finds one it stores all their     
  18.     ' information in session variables that will be available to you at all times
  19.     '****************************************************************************
  20.     
  21.     
  22.     Set ConnPasswords = Server.CreateObject("ADODB.Connection")
  23.     Set CmdCheckUser = Server.CreateObject("ADODB.Recordset")
  24.     ConnPasswords.Open "DBQ=" & DATA_PATH &   ";Driver={Microsoft Access Driver (*.mdb)};UID=" & ConnPasswords_RuntimeUserName & ";PASSWORD=" & ConnPasswords_RuntimePassword
  25.     SQL = "SELECT FULL_NAME, USERNAME, PASSWORD, ACCESS_LEVEL, NOTES, ADMIN, ID FROM USERS WHERE (USERNAME = '" & USERNAME & "') AND (PASSWORD = '" & PASSWORD & "')"
  26.     CmdCheckUser.Open SQL, ConnPasswords
  27.     
  28.         If CmdCheckUser.EOF And CmdCheckUser.BOF Then
  29.             
  30.             Session("PASSWORDACCESS") = "No"
  31.             
  32.         Else
  33.             
  34.             Session("PASSWORDACCESS") = "Yes"
  35.             Session("FULL_NAME") = CmdCheckUser("FULL_NAME")
  36.             Session("PASSWORD") = CmdCheckUser("PASSWORD")
  37.             Session("USERNAME") = CmdCheckUser("USERNAME")
  38.             Session("ADMIN") = CmdCheckUser("ADMIN")
  39.             
  40.         End If
  41.     
  42.     CmdCheckUser.Close
  43.     Set CmdCheckUser = Nothing
  44.     ConnPasswords.Close
  45.     Set ConnPasswords = Nothing
  46.     
  47.     '*********************
  48.     '*********************
  49.     
  50. End If    
  51.     
  52.     '**************************************************************
  53.     ' The following checks for proper Access for the Admins           
  54.     '**************************************************************
  55.     
  56.     If CHECKFOR = "ADMIN" Then
  57.         If Session("ADMIN") = "False" Then
  58.             Session("PASSWORDACCESS") = "No"
  59.         End If
  60.     End    IF
  61.     
  62.     '*********************
  63.     '*********************
  64.     
  65.     
  66.     
  67.     '**************************************************************
  68.     ' The following checks to see if a user has been validated yet 
  69.     ' If not it will show the login screen                           
  70.     '**************************************************************
  71.     
  72.     
  73. If Session("PASSWORDACCESS") <> "Yes" Then
  74.     Response.Write("<HTML>")
  75.     Response.Write("<BODY bgcolor=""#FFFFFF"">")
  76.     
  77.         If Session("PASSWORDACCESS") = "No" Then
  78.             Response.Write("<p align=""center""><font face=""Arial"" color=""#FF0000""><strong>ACCESS DENIED</strong></font></p>")
  79.             Response.Write("<p align=""center""><small><strong><font face=""Arial"">INVALID USERNAME & PASSWORD</font></strong></small></p>")
  80.         End If
  81.     
  82.     Response.Write("<form method=""POST"" action=""" & THISPAGE & """>")
  83.     Response.Write("  <input type=""hidden"" name=""STATUS"" value=""CHECKEM""><div align=""center""><center><table")
  84.     Response.Write("  border=""0"" bgcolor=""#C0C0C0"">")
  85.     Response.Write("    <tr>")
  86.     Response.Write("      <td bgcolor=""#FF0000""><strong><small><font face=""Arial"">USERNAME</font></small></strong></td>")
  87.     Response.Write("      <td><input type=""text"" name=""USERNAME"" size=""10""></td>")
  88.     Response.Write("    </tr>")
  89.     Response.Write("    <tr>")
  90.     Response.Write("      <td bgcolor=""#FF0000""><strong><small><font face=""Arial"">PASSWORD</font></small></strong></td>")
  91.     Response.Write("      <td><input type=""password"" name=""PASSWORD"" size=""10""></td>")
  92.     Response.Write("    </tr>")
  93.     Response.Write("  </table>")
  94.     Response.Write("  </center></div><div align=""center""><center><p> <input type=""submit"" value=""Login""></p>")
  95.     Response.Write("  </center></div>")
  96.     Response.Write("</form>")
  97.     Response.Write("</BODY>")
  98.     Response.Write("</HTML>")
  99.     
  100.     Response.End
  101. End If
  102.     
  103.     '*********************
  104.     '*********************
  105. %>