Web Developer's Virtual Library: Encyclopedia of Web Design Tutorials, Articles and Discussions

WDVL Newsletter
Active Server Pages
JSP/Java Servlets
Microsoft SQL Server
Daily Backup
Dedicated Servers
Streaming Audio/Video
24-hour Support    
jobs.webdeveloper.com

Hiermenus

e-commerce
Partner With Us

Developer Channel
FlashKit.com
JavaScript.com
JavaScriptSource
Developer Jobs
ScriptSearch
StreamingMediaWorld
Web Developer's Journal
Web Developer's Virtual Library
WebDeveloper.com
Webreference
Web Hosts
XMLfiles.com

internet.com
IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers


Using the Registration Database

Chris Assenza

November 13, 2000

Now I have it, what do I do with it?

Good question actually, once you have collected user data from a form and stored it in a database, what do you do with that data? One thing you can do is allow access to special portions of your site. For instance, say a user registered as "brainman" with the password "flobe" and you wanted to give this user (and all others) access to your subscription content. The answer is, as usual, really very easy - in fact, if you have been following this series along, you have already done it, just for different reasons!

The answer involves a simple form, some ASP validation and processing (with SQL) and a redirect! Let's take a look at the form: 

<html>
<head><title>Login Page</title></head>
<body>
<form name="logon" action="logon.asp">
Username: <input type="text" name="username">
Password: <input type="text" name="password">
<input type="hidden" name="isSubmitted" value="yes">
<input type="submit" value="Login">
</form>
</body>
</html>

You cannot get much easier then that, right? This form asks for a username, password and has a submit button. The form is using the post method so we will use "request.form" in our ASP code and the action is pointing to itself (pretend the page is named "login.asp"). If you have not understood so far, now is the time to pick it up - with computer stuff, repetition is the key to expertise in any particular area. Now, let's move on to the ASP code, which should also be old hat to you by now! 

<%
if request.form("isSubmitted") = "yes" then
username = request.form("username")
password = request.form("password")


dim conn, strSQL, rst
set conn = Server.CreateObject("ADODB.Connection")
conn.ConnectionString = "dsn=wdvl_test"
conn.Open
set rst = Server.CreateObject("ADODB.Recordset")


strSQL = "SELECT * FROM tbl_Users;"
rst.Open strSQL, conn, 3, 3


found = 0
while not rst.EOF
if ((username = rst("Username")) AND 
	(password = rst("Password"))) then
found = 1
end if
wend


if found = 1 then
response.redirect 'subscription_zone.html'
else
ErrorMsg = "Username or password incorrect, please try again."
end if
end if
%>
<html>
<head><title>Login Page</title></head>
<body>
<% if ErrorMsg <> "" then %>
<font color="red" size="+2">
<b><%= ErrorMsg %></b>
</font>
<% end if %>
<form name="logon" method="post" action="logon.asp">
Username: <input type="text" name="username">
Password: <input type="text" name="password">
<input type="hidden" name="isSubmitted" value="yes">
<input type="submit" value="Login">
</form>
</body>
</html>
Note: The line "if ((username = rst("Username")) AND (password = rst("Password"))) then" is split at the word AND for display purposes, but in actual use it should be one line.

Rather then going through that code line-by-line, I will simply explain the concepts because you should recognize this code by now. First, the ASP checks the value of the isSubmitted form-field. If it is equal to "yes" the page proceeds to do some processing. After assigning the fields to variables, the next step is to establish a connection to the backend database. The SQL statement selects all the records from the tbl_Users table and makes them available as a recordset called "rst." Next, it is necessary to compare the values submitted on the page and the values in the recordset. We do this using a while loop that iterates through the recordset until it hits the end of the file. Each time, the if ((username = rst("Username")) AND (password = rst("Password"))) then statement asks if username (the variable) is equal to the current username in the recordset and asks if the passwords match. If a match is found, then the found variable is given a value of one, otherwise it stays equal to zero. Following the while loop, the next block of code checks to see what value found ended with. If it was a one, then response.redirect 'subscription_zone.html' sends the user to another page (whatever is defined in the single quotes). If found still equals zero, an ErrorMsg is stored and displayed when the form is redisplayed. On the next page, we will take a look at another use of the registration database - sending bulk email to your subscribers.

Advanced CDONTS Techniques
Using ASP for Form Handling: Part 4 - Filling the Gaps
Sending Mass Emails to Subscribers

Up to => Home / Authoring / ASP / FormHandling



Jupiter Online Media: internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and Jupiter Online Media

Jupitermedia Corporate Info


Legal Notices, Licensing, & Permissions, Privacy Policy.

Web Hosting | Newsletters | Tech Jobs | Shopping | E-mail Offers