cheekynorton
Technical User
Hi I could use some help with my forum.
Firstly i have default.asp which is the login page:-
<html>
<head>
<title>My Forum</title>
</head>
<body>
<form name="login" action="login_process.asp" method="POST">
<input type="hidden" name="action" value="login">
<table border="0" cellpadding="0" cellspacing="0" width="250">
<tr>
<td colspan="2" align="center" bgcolor="orange"><b>User Login</b></td>
</tr>
<tr>
<td><b>Username</b></td><td align="right">
<input type="text" name="username" size="20"></td>
</tr>
<tr>
<td><b>Password</b></td><td align="right">
<input type="password" name="password" size="20"></td>
</tr>
<tr>
<td colspan="2" align="right"><input type="submit" value="Login"></td>
</tr>
</table>
</form>
<form name="login" action="login_process.asp" method="POST">
<input type="hidden" name="action" value="register">
<table border="0" cellpadding="0" cellspacing="0" width="250">
<tr>
<td colspan="2" align="center" bgcolor="orange"><b>No username? Register here.</b></td>
</tr>
<tr>
<td><b>Username</b></td><td align="right">
<input type="text" name="username" size="20"></td>
</tr>
<tr>
<td><b>Password</b></td><td align="right">
<input type="password" name="password" size="20"></td>
</tr>
<tr>
<td><b>Confirm</b></td><td align="right">
<input type="password" name="confirm" size="20"></td>
</tr>
<tr>
<td colspan="2" align="right"><input type="submit" value="Register"></td>
</tr>
</table>
</form>
</body>
</html>
---------------------------------------
Secondly the login_process.asp. Code to execute the form, registering a new user to the database or login, then taking the user to the main forum.
<%@LANGUAGE = "VBSCRIPT"%>
<%
strErr = ""
Set Conn = Server.CreateObject("ADODB.Connection"
Conn.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" &_
Server.MapPath("\forum\forum.mdb"
if request("action" = "login" then
if request("username" = "" then
strErr = strErr & "Username is a required field" & vbCrLf
end if
if request("password" = "" then
strErr = strErr & "Password is a required field" & vbCrLf
end if
if strErr = "" then
SQL = "select username, password from users where username = '" & request("username" & "'"
set RSuser = Conn.execute (SQL)
if not RSuser.BOF and not RSuser.EOF then
if RSuser("password" = request("password" then
Response.Redirect("list.asp"
else
strErr = strErr & "Invalid password" & vbCrLf
end if
else
strErr = strErr & "User not registered" & vbCrLf
end if
end if
elseif request("action" = "register" then
if request("username" = "" then
strErr = strErr & "Username is a required field" & vbCrLf
end if
if request("password" = "" then
strErr = strErr & "Password is a required field" & vbCrLf
end if
if strErr = "" then
if request("password" <> request("confirm" then
strErr = strErr & "Password must match the confirmation" & vbCrLf
else
SQL = "select username from users where username = '" & request("username" & "'"
set RSuser = Conn.execute (SQL)
if not RSuser.BOF and not RSuser.EOF then
strErr = strErr & "This username already exists" & vbCrLf
else
SQL = "insert into users (username, password, date_created, date_modified) VALUES ('" & request("username" & "', '" & request("password" & "', '" & now & "', '" & now & "')"
Conn.execute (SQL)
end if
end if
end if
else
strErr = strErr & "Unrecognised Action, please resubmit" & vbCrLf
end if
%>
<%
if strErr <> "" then
%>
<html>
<head>
<title>Error</title>
</head>
<body>
<table border="0" cellpadding="0" cellspacing="0" width="400">
<tr>
<td><b>The following errors were detected:</b></td>
</tr>
<tr>
<td><%=strErr%></td>
</tr>
<tr>
<td>Please go <a href="login.asp">back</a> and correct them.</td>
</tr>
</table>
</body>
</html>
<%else%>
<html>
<head>
<title>Registration</title>
</head>
<body>
<table border="0" cellpadding="0" cellspacing="0" width="400">
<tr>
<td><b>Registration completed</b></td>
</tr>
<tr>
<td>Click <a href="list.asp">here</a> to enter the forum.</td>
</tr>
</table>
</body>
</html>
<%end if%>
<%Conn.close%>
----------------------------------
Thirdly the list.asp, which is the first page in the forum listing all the posted messages.
<%@LANGUAGE = "VBSCRIPT"%>
<% session("username" = request("username"
if session("username" = "" then
response.redirect("default.asp"
end if
%>
<%
Dim Conn, ConnString
Set Conn = Server.CreateObject("ADODB.Connection"
ConnString = "DRIVER={Microsoft Access Driver (*.mdb)};" & _
"DBQ=C:\inetpub\Conn.Open(ConnString)
sql = "select id, title, date_created from messages where parent_id = 0 order by date_created"
Set RS = Conn.Execute(sql)
%>
<html>
<head>
<title>Forum</title>
<STYLE TYPE="text/css">
font { font-family:verdana }
a { color:000000 }
a:visited { color: 000000 }
.cell { font-size:14px ; color:black }
.title { font-family:arial ; font-size:16px ; line-height: 18px ; font-weight:bold; vertical-align:top }
</STYLE>
</head>
<body bgcolor="E3EEEE">
<table border=0 width="400" cellspacing="1">
<tr>
<td colspan="2" align="center"><button onclick="location.href='post.asp'">New Topic</button></td>
</tr>
<tr>
<td bgcolor="19CBC5" class="title"> <b>Topic</b></td>
<td bgcolor="19CBC5" align="center" class="title"><b>Date posted</b></td>
</tr>
<% while not RS.EOF and not RS.BOF %>
<tr>
<td bgcolor="AAE4E2" class="cell"> <a href="message.asp?id=<%=RS("id"%>"><%=RS("title"%></a></td>
<td bgcolor="AAE4E2" align="center" class="cell"><%=RS("date_created"%></td>
</tr>
<%RS.movenext
wend %>
<tr>
<td colspan="2" bgcolor="19CBC5"> </td>
</tr>
<tr>
<td colspan="2" align="center"><button onclick="location.href='post.asp'">New Topic</button></td>
</tr>
</table>
</body>
</html>
<%Conn.close%>
----------------------------
Using the code i can happily add a new user.
The problem seems to be getting to the list.asp (main forum page).
Upon successfully registering, the user is given a link to list.asp (main forum page).
Upon clicking the link, instead of going to list.asp the user is taken back to default.asp implying that the user is 'not logged in'.
This also happens if the user logs in, instead of being redirected to list.asp he is sent back to default.
Can someone please tell me what i am doing wrong, is there anything wrong with code?
I guess its something to do with the validation code in login_process.asp but i cannot decipher the problem.
This is all pretty new to me
Thanks for any help!
Adrian
Firstly i have default.asp which is the login page:-
<html>
<head>
<title>My Forum</title>
</head>
<body>
<form name="login" action="login_process.asp" method="POST">
<input type="hidden" name="action" value="login">
<table border="0" cellpadding="0" cellspacing="0" width="250">
<tr>
<td colspan="2" align="center" bgcolor="orange"><b>User Login</b></td>
</tr>
<tr>
<td><b>Username</b></td><td align="right">
<input type="text" name="username" size="20"></td>
</tr>
<tr>
<td><b>Password</b></td><td align="right">
<input type="password" name="password" size="20"></td>
</tr>
<tr>
<td colspan="2" align="right"><input type="submit" value="Login"></td>
</tr>
</table>
</form>
<form name="login" action="login_process.asp" method="POST">
<input type="hidden" name="action" value="register">
<table border="0" cellpadding="0" cellspacing="0" width="250">
<tr>
<td colspan="2" align="center" bgcolor="orange"><b>No username? Register here.</b></td>
</tr>
<tr>
<td><b>Username</b></td><td align="right">
<input type="text" name="username" size="20"></td>
</tr>
<tr>
<td><b>Password</b></td><td align="right">
<input type="password" name="password" size="20"></td>
</tr>
<tr>
<td><b>Confirm</b></td><td align="right">
<input type="password" name="confirm" size="20"></td>
</tr>
<tr>
<td colspan="2" align="right"><input type="submit" value="Register"></td>
</tr>
</table>
</form>
</body>
</html>
---------------------------------------
Secondly the login_process.asp. Code to execute the form, registering a new user to the database or login, then taking the user to the main forum.
<%@LANGUAGE = "VBSCRIPT"%>
<%
strErr = ""
Set Conn = Server.CreateObject("ADODB.Connection"
Conn.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" &_
Server.MapPath("\forum\forum.mdb"
if request("action"
= "login" thenif request("username"
= "" thenstrErr = strErr & "Username is a required field" & vbCrLf
end if
if request("password"
= "" thenstrErr = strErr & "Password is a required field" & vbCrLf
end if
if strErr = "" then
SQL = "select username, password from users where username = '" & request("username"
& "'"set RSuser = Conn.execute (SQL)
if not RSuser.BOF and not RSuser.EOF then
if RSuser("password"
= request("password" thenResponse.Redirect("list.asp"
else
strErr = strErr & "Invalid password" & vbCrLf
end if
else
strErr = strErr & "User not registered" & vbCrLf
end if
end if
elseif request("action"
= "register" thenif request("username"
= "" thenstrErr = strErr & "Username is a required field" & vbCrLf
end if
if request("password"
= "" thenstrErr = strErr & "Password is a required field" & vbCrLf
end if
if strErr = "" then
if request("password"
<> request("confirm" thenstrErr = strErr & "Password must match the confirmation" & vbCrLf
else
SQL = "select username from users where username = '" & request("username"
& "'"set RSuser = Conn.execute (SQL)
if not RSuser.BOF and not RSuser.EOF then
strErr = strErr & "This username already exists" & vbCrLf
else
SQL = "insert into users (username, password, date_created, date_modified) VALUES ('" & request("username"
& "', '" & request("password" & "', '" & now & "', '" & now & "')"Conn.execute (SQL)
end if
end if
end if
else
strErr = strErr & "Unrecognised Action, please resubmit" & vbCrLf
end if
%>
<%
if strErr <> "" then
%>
<html>
<head>
<title>Error</title>
</head>
<body>
<table border="0" cellpadding="0" cellspacing="0" width="400">
<tr>
<td><b>The following errors were detected:</b></td>
</tr>
<tr>
<td><%=strErr%></td>
</tr>
<tr>
<td>Please go <a href="login.asp">back</a> and correct them.</td>
</tr>
</table>
</body>
</html>
<%else%>
<html>
<head>
<title>Registration</title>
</head>
<body>
<table border="0" cellpadding="0" cellspacing="0" width="400">
<tr>
<td><b>Registration completed</b></td>
</tr>
<tr>
<td>Click <a href="list.asp">here</a> to enter the forum.</td>
</tr>
</table>
</body>
</html>
<%end if%>
<%Conn.close%>
----------------------------------
Thirdly the list.asp, which is the first page in the forum listing all the posted messages.
<%@LANGUAGE = "VBSCRIPT"%>
<% session("username"
= request("username"if session("username"
= "" thenresponse.redirect("default.asp"
end if
%>
<%
Dim Conn, ConnString
Set Conn = Server.CreateObject("ADODB.Connection"
ConnString = "DRIVER={Microsoft Access Driver (*.mdb)};" & _
"DBQ=C:\inetpub\Conn.Open(ConnString)
sql = "select id, title, date_created from messages where parent_id = 0 order by date_created"
Set RS = Conn.Execute(sql)
%>
<html>
<head>
<title>Forum</title>
<STYLE TYPE="text/css">
font { font-family:verdana }
a { color:000000 }
a:visited { color: 000000 }
.cell { font-size:14px ; color:black }
.title { font-family:arial ; font-size:16px ; line-height: 18px ; font-weight:bold; vertical-align:top }
</STYLE>
</head>
<body bgcolor="E3EEEE">
<table border=0 width="400" cellspacing="1">
<tr>
<td colspan="2" align="center"><button onclick="location.href='post.asp'">New Topic</button></td>
</tr>
<tr>
<td bgcolor="19CBC5" class="title"> <b>Topic</b></td>
<td bgcolor="19CBC5" align="center" class="title"><b>Date posted</b></td>
</tr>
<% while not RS.EOF and not RS.BOF %>
<tr>
<td bgcolor="AAE4E2" class="cell"> <a href="message.asp?id=<%=RS("id"
%>"><%=RS("title"%></a></td><td bgcolor="AAE4E2" align="center" class="cell"><%=RS("date_created"
%></td></tr>
<%RS.movenext
wend %>
<tr>
<td colspan="2" bgcolor="19CBC5"> </td>
</tr>
<tr>
<td colspan="2" align="center"><button onclick="location.href='post.asp'">New Topic</button></td>
</tr>
</table>
</body>
</html>
<%Conn.close%>
----------------------------
Using the code i can happily add a new user.
The problem seems to be getting to the list.asp (main forum page).
Upon successfully registering, the user is given a link to list.asp (main forum page).
Upon clicking the link, instead of going to list.asp the user is taken back to default.asp implying that the user is 'not logged in'.
This also happens if the user logs in, instead of being redirected to list.asp he is sent back to default.
Can someone please tell me what i am doing wrong, is there anything wrong with code?
I guess its something to do with the validation code in login_process.asp but i cannot decipher the problem.
This is all pretty new to me
Thanks for any help!
Adrian