vishalsomani 0 Newbie Poster

Hi,

I have got a login page whose code is as follows ...

<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<!--#include file="Connections/testing.asp" -->
<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString
MM_valUsername=CStr(Request.Form("EmailAddress"))
If MM_valUsername <> "" Then
  MM_fldUserAuthorization=""
  MM_redirectLoginSuccess="/pass.asp"
  MM_redirectLoginFailed="/fail.asp"
  MM_flag="ADODB.Recordset"
  set MM_rsUser = Server.CreateObject(MM_flag)
  MM_rsUser.ActiveConnection = MM_testing_STRING
  MM_rsUser.Source = "SELECT EmailAddress, MyPassword"
  If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
  MM_rsUser.Source = MM_rsUser.Source & " FROM admin WHERE EmailAddress='" & Replace(MM_valUsername,"'","''") &"' AND MyPassword='" & Replace(Request.Form("MyPassword"),"'","''") & "'"
  MM_rsUser.CursorType = 0
  MM_rsUser.CursorLocation = 2
  MM_rsUser.LockType = 3
  MM_rsUser.Open
  If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then 
    ' username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername
    If (MM_fldUserAuthorization <> "") Then
      Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization  ).Value)
    Else
      Session("MM_UserAuthorization") = ""
    End If
    if CStr(Request.QueryString("accessdenied")) <> "" And false Then
      MM_redirectLoginSuccess = Request.QueryString("accessdenied")
    End If
    MM_rsUser.Close
    Response.Redirect(MM_redirectLoginSuccess)
  End If
  MM_rsUser.Close
  Response.Redirect(MM_redirectLoginFailed)
End If
%>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<form name="form1" method="POST" action="<%=MM_LoginAction%>">
  <table width="75%" border="1">
    <tr> 
      <td>user name</td>
      <td><input type="text" name="EmailAddress"></td>
    </tr>
    <tr> 
      <td>password</td>
      <td><input type="text" name="MyPassword"></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Login"></td>
    </tr>
  </table>
</form>
<p><a href="/adminonly.asp">View Admin Area</a></p>
</body>
</html>

...and my success page code is

<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<!--#include file="Connections/testing.asp" -->
<%
Dim rs1__MMColParam
rs1__MMColParam = "1"
If (Session("MM_Username") <> "") Then 
  rs1__MMColParam = Session("MM_Username")
End If
%>
<%
Dim rs1
Dim rs1_numRows

Set rs1 = Server.CreateObject("ADODB.Recordset")
rs1.ActiveConnection = MM_testing_STRING
rs1.Source = "SELECT * FROM admin WHERE EmailAddress = '" + Replace(rs1__MMColParam, "'", "''") + "'"
rs1.CursorType = 0
rs1.CursorLocation = 2
rs1.LockType = 1
rs1.Open()

rs1_numRows = 0
%>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<p>Success login</p>
<p>&nbsp;</p>
<p>your user name is <%=(rs1.Fields.Item("EmailAddress").Value)%></p>
<p><a href="/adminonly.asp">Admin</a> </p>
</body>
</html>
<%
rs1.Close()
Set rs1 = Nothing
%>

When I enter the incorrect credentials, it takes me to the fail page but when I enter them correctly, it gives me an error ,

The page cannot be displayed.
ADODB.Field (0x800A0BCD)
Either BOF or EOF is True, or the current record has been deleted. Requested operation requires a current record.
/pass.asp, line 33

Please help why its not passing the session variable and I end up getting this error. All the code above is generated by Dreamweaver.

Many thanks in advance.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.