<%@ Language = VBScript %> <% Option Explicit %> <% 'James Barton 'logon.asp 'customer logon %> <% 'If customer is already logged on go to landing page if Session("logon_correct") = True then Response.Redirect "../asp/stedss_landing.asp" End if %> Logon Page
" method="post" name="logon_form" id="logon_form">

Subscription Area
Please Logon

Not registered yet? Click here

User ID:    
Password:  (Passwords are case sensitive)

Forgot your password? Click here

<% 'open database connection %> <% 'declare variables Dim custQry, custUpdate, custRS Dim failed, updateCmd, uid, upw failed = 0 'make sure form has been submitted before running code if Request.Form("logon") = "Logon" then uid = Request.Form("userid") upw = Request.Form("password") if uid = "customer" and upw ="maintenance" then 'Set special variable and redirect to maintenance logon Session("special_logon") = True Response.Redirect "maint_logon.asp" end if 'query to access data custQry = "Select * from Customers Where fldUserID = '" & uid & "'" 'Update sql statement custUpdate = "Update Customers Set fldLogonCount=fldLogonCount+1, fldLastLogon=now() Where fldUserID = '" & uid & "' and fldPassword = '" & upw & "'" 'create recordset object set custRS = Server.CreateObject("ADODB.Recordset") custRS.Open custQry, conn 'if not at database EOF if not custRS.EOF then 'loop through database records While Not custRS.EOF if Strcomp(uid,custRS.fields.item("fldUserID"),1)=0 and upw = custRS.fields.item("fldPassword") and custRS.fields.item("fldSubActive") = "active" then 'set session variables to pass user information 'to landing page Session("user_id") = uid Session("last_logon") = custRS.fields.item("fldLastLogon") 'update logon count and time conn.Execute custUpdate 'Set session variable Session("logon_correct") = True 'Set session timeout Session.Timeout = 45 'close connections after successful login and update custRS.Close set custRS = nothing conn.Close set conn = nothing 'Check where the users are coming from within the application. if (Request.QueryString("from")<>"") then 'redirect to landing page Response.Redirect "../asp/stedss_landing.asp" Else 'redirect to landing page (for now) Response.Redirect "../asp/stedss_landing.asp" End if Else 'Only present the failure message if the user typed in something. 'failed variable is so message only displays once during loop If Request.Form("userid") <> "" AND failed <> 1 then Response.Write "
Authorization Failed." & "
" & "Please try again.
" failed = 1 End if End if 'check next record custRS.movenext() Wend 'reset failed flag failed = 0 Else 'Only present the failure message if the user typed in something. If Request.Form("userid") <> "" then Response.Write "

Authorization Failed.

Please try again.

" End if End if 'close connections custRS.Close set custRS = nothing 'conn.Close 'set conn = nothing End if 'close connections 'custRS.Close 'set custRS = nothing conn.Close set conn = nothing %>