Login and check password from Database

Question

roby4eldiablo 7 Newbie Poster

16 Years Ago

Hi all. I have a login Form where user can insert Nickname & Password.
I have a database where i have listed new registered user and store their information.
The problem is when I control the Form data "pass" and check if it's equal to the rst("pwd")
into the database.
It never match....
The 2 password are equal but it look like if they are different.
Someone can help me please?

var con;
var conString;
con = Server.CreateObject("ADODB.Connection");
conString = "Provider=Microsoft.Jet.OLEDB.4.0; "+ "Data Source= " + Server.MapPath("/negozio.mdb");
con.Open(conString);
var n, p, q;
n=Request.Form("nick");
p=Request.Form("pass");
var sSQLString;
var rst;
rst = Server.CreateObject("ADODB.Recordset");
sSQLString = "SELECT pwd FROM utenti WHERE nick='"+n+"';";
rst = con.Execute(sSQLString);
q=rst("pwd");
if (p != q)
{Response.write ("Password errata, reinserire la password corretta");
Response.AddHeader ("Refresh", "5;URL=login.asp"); 
con.Close( );
con = null;
}
else {Response.write ("Salve " + n + " benvenuto, tra un attimo potra accedere alle opzioni del sito");
Response.AddHeader ("Refresh", "5;URL=home.asp"); 
con.Close( );
con = null;
}

asp

1 Contributor
1 Reply
98 Views
2 Days Discussion Span
Latest Post 16 Years Ago Latest Post by roby4eldiablo

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

roby4eldiablo 7 Newbie Poster · Answer 1 · 2008-05-02T14:12:19+00:00

I modify the sql string and the condition and all work properly.
I hope that someone can benefit from this article.

var con;
var conString;
con = Server.CreateObject("ADODB.Connection");
conString = "Provider=Microsoft.Jet.OLEDB.4.0; "+ "Data Source= " + Server.MapPath("/negozio.mdb");
con.Open(conString);
var n, p;
n=Request.Form("nick");
p=Request.Form("pass");
var sSQLString;
Response.write (" "+n+"</br>");
Response.write (" "+p+"</br>");
var rst;
var sSQLString;
rst = Server.CreateObject("ADODB.Recordset");
sSQLString = "SELECT * FROM utenti WHERE nick='"+n+"' AND pwd='"+p+"';";
Response.write (" "+sSQLString+"</br>");
rst = con.Execute(sSQLString);
if(rst.EOF)
{Response.write ("Password errata, reinserire la password corretta");
Response.AddHeader ("Refresh", "5;URL=login.asp"); 
con.Close( );
con = null;
}
else {Response.write ("Salve " + n + " benvenuto, tra un attimo potra accedere alle opzioni del sito");
Response.AddHeader ("Refresh", "5;URL=home.asp"); 
con.Close( );
con = null;
}