hello!
lads and lass's that use the log in features in dw ultradev and mx, this
may come in useful.
i've been looking for a way i can log a user into a site and then find
out all there info based on they user id. the problem with the login
server behavior in ultra dev and mx is you loose all the info from the
form etc cos the form submits to itself. also the sql is set up to
select only the 'username', 'password' and 'level' columns (if your
defining an access level that is).
so a bit of mucking around and i think i got a way round. look at your
log in page and find the line:
MM_rsUser.Source = "SELECT USERNAME, PASSWORD"�
and change it so the sql grabs the id column too:
MM_rsUser.Source = "SELECT USERID, USERNAME, PASSWORD"�
then look for the line:
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
and add the line:
Session("userid") = MM_rsUser.Fields.Item("USERID").Value
which should start a session called 'userid' based on the column
'USERID' based on the username and password.
then you can request it on your next pages as:
<%= Session("userid") %>
this can be used for a record set or what ever.
this is working for my site at the moment (which is cool!) but if anyone
can see any serious security flaws etc in it, it would be great if they
could let me know.
hope this helps out there,
have kool weekends,
jake
---
You are currently subscribed to activeserverpages as: [email protected]
To unsubscribe send a blank email to [EMAIL PROTECTED]
