Webmaster Forum / ASP / General ASP Topics / July 2008

Hi Guys,

I'm using dreamweavers login behaviour to log people in, I've managed to
manipulate it a little as I have many sites using the same database, but I'd
like to manipulate it a little more, the behaviour so far is -

<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString <> "" Then MM_LoginAction = MM_LoginAction + "?" +
Server.HTMLEncode(Request.QueryString)
MM_valUsername = CStr(Request.Form("username"))
If MM_valUsername <> "" Then
 Dim MM_fldUserAuthorization
 Dim MM_redirectLoginSuccess
 Dim MM_redirectLoginFailed
 Dim MM_loginSQL
 Dim MM_rsUser
 Dim MM_rsUser_cmd
 
 MM_fldUserAuthorization = "JBACASiteID"
 MM_redirectLoginSuccess = "jobseeker/afterlogin.asp"
 MM_redirectLoginFailed = "jobseeker/PasswordRequest.asp"

 MM_loginSQL = "SELECT JBACAUsername, JBACAPassword, JBACASiteID"
 If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," &
MM_fldUserAuthorization
 MM_loginSQL = MM_loginSQL & " FROM dbo.JBACandidate WHERE JBACAUsername =
? AND JBACAPassword = ? AND JBACASiteID = '31'"
 Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command")
 MM_rsUser_cmd.ActiveConnection = MM_recruta2_STRING
 MM_rsUser_cmd.CommandText = MM_loginSQL
 MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1",
200, 1, 50, MM_valUsername) ' adVarChar
 MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2",
200, 1, 50, Request.Form("password")) ' adVarChar
 MM_rsUser_cmd.Prepared = true
 Set MM_rsUser = MM_rsUser_cmd.Execute

 If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
   ' username and password match - this is a valid user
   Session("JOBSEEKERID") = MM_valUsername
   If (MM_fldUserAuthorization <> "") Then
     Session("SITEID") =
CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
   Else
     Session("SITEID") = ""
   End If
   if CStr(Request.QueryString("accessdenied")) <> "" And false Then
     MM_redirectLoginSuccess = Request.QueryString("accessdenied")
   End If
   MM_rsUser.Close
   Response.Redirect(MM_redirectLoginSuccess)
 End If
 MM_rsUser.Close
 Response.Redirect(MM_redirectLoginFailed)
End If
%>

You will see that at the moment I am selecting the following from the
database, JBACAUsername, JBACAPassword, JBACASiteID and producing the
following Sessions - Session("JOBSEEKERID") Session("SITEID") I'm then
sending the browser to an afterlogin page, where I produce a recordset based
on the two sessions -

<%
Dim Recordset1__MMColParam
Recordset1__MMColParam = "0"
If (Session("JOBSEEKERID") <> "") Then
 Recordset1__MMColParam = Session("JOBSEEKERID")
End If
%>
<%
Dim Recordset1__MMColParam2
Recordset1__MMColParam2 = "0"
If (Session("SITEID") <> "") Then
 Recordset1__MMColParam2 = Session("SITEID")
End If
%>
<%
Dim Recordset1
Dim Recordset1_cmd
Dim Recordset1_numRows

Set Recordset1_cmd = Server.CreateObject ("ADODB.Command")
Recordset1_cmd.ActiveConnection = MM_recruta2_STRING
Recordset1_cmd.CommandText = "SELECT JBACASiteID, JBACAUsername, JBACAName,
JBACAID FROM dbo.JBACandidate WHERE JBACAUsername = ? AND JBACASiteID = ?"
Recordset1_cmd.Prepared = true
Recordset1_cmd.Parameters.Append Recordset1_cmd.CreateParameter("param1",
200, 1, 255, Recordset1__MMColParam) ' adVarChar
Recordset1_cmd.Parameters.Append Recordset1_cmd.CreateParameter("param2", 5,
1, -1, Recordset1__MMColParam2) ' adDouble

Set Recordset1 = Recordset1_cmd.Execute
Recordset1_numRows = 0
%>

This recordset is querying the same table that was queried for the login.
Following this i create the following sessions -

<%Session("JOBSEEKERNAME") = Recordset1.Fields.Item("JBACAName").Value%>
<%Session("CANDID") = Recordset1.Fields.Item("JBACAID").Value%>

What I would like to do, is get all of this information in one go, rather
than having to use an afterlogin page,.. is this possible?

Many thanks