2. i then need to do 2 things each time the visitor goes to another page (these pages are database result asp pages:
1. pass the username and password back to the database to maintain security
2. pass the schoolID value on to the underlying SQL query so that the results are filtered by that schoolID

I have created the database, the login page , confirmation page and the result pages (which have a visable schoolID field at the moment that the user can manually enter the value). All work well

What i need now is the include page (which i don't know how to write the code to)

Please help... I'd gladly pay! i need this ASAP

Anyway, it sounds like what you want to use is a Session variable in ASP. For instance, set up your login page with a form that posts the variables back to the login page where you can check them for validity. If the login checks ok in the database then set a Session variable. For instance . . .

<%
Session("MyLogin") = Request.Form("login")
%>

Now at the top of every page you want to protect put something like . . .
<%
if Session("MyLogin") = "" then Response.Redirect "loginpage.asp"
%>

Yes, you could pass the password as a session variable as well, and recheck the database but it is not really essential.

Any more questions let me know

Vince

------------------
Internet Business Solutions S.L.(Spain)

Who you like to go visit the site for your self to get a better idea of what i'm trying todo?

I'm serious when i say i will gladly pay someone who helps me finish this aspect of the site ASAP!
Robert

quote:

---

Originally posted by Vince from Spain:
Hi there,
first thing to mention is that if you need a login system then Spooky has already done a pretty powerful one that might suit you. It is at . . .
http://www.outfront.net/spooky/login.htm
. . . I'm not on comission honest. Maybe it suits your needs, maybe not.

Anyway, it sounds like what you want to use is a Session variable in ASP. For instance, set up your login page with a form that posts the variables back to the login page where you can check them for validity. If the login checks ok in the database then set a Session variable. For instance . . .

<%
Session("MyLogin") = Request.Form("login")
%>

Now at the top of every page you want to protect put something like . . .
<%
if Session("MyLogin") = "" then Response.Redirect "loginpage.asp"
%>

Yes, you could pass the password as a session variable as well, and recheck the database but it is not really essential.

Any more questions let me know

Vince

---

<%
Session("SchoolID") = schoolid
%>

Now it is available on every page to filter how you like

For instance . . .
SQL="SELECT * FROM schooldatabase WHERE schoolid='" & Session("SchoolID") & "';"

You can assign whatever you like to a session variable, but it is recommended that you keep them to a minimum as they do eat system memory.

quote:

---

I'm serious when i say i will gladly pay someone who helps me finish this aspect of the site ASAP!

---

Always happy to accept contracting work, but I think we can get you going pretty quickly with this, so we probably won't have to worry about that

All the best

Vince

------------------
Internet Business Solutions S.L.(Spain)

I'm rolling up my sleeves as we speak. Thanks again!

I'll let you know the outcome. Where do you live in Spain?

robert

Good luck !

Vince

------------------
Internet Business Solutions S.L.(Spain)

so far no errors but it is still only validating username/password not username/password/SchID.

Question: all the fields within Spooky are text and SchID is numeric. I know there needs to be some sort of declaration that SchID is an integer.

Within Spooky.mdb it can be text but within the real mdb file it has to be numeric. any thoughts?

Also, how familiar are you with Spooky Login? Are you familiar with coding from page to page?

I know and greatly appreciate how valuable one's time and knowledge is. I also greatly respect and appreciate the spirit in which you are helping me.

At some point my questions may require more time than you choose to give and my offer of paying stands whether I keep reiterating it or not. Please let me know when that happens!
Robert

PS
I love Spain. Don't get there offer enough. I'm a music mixer by trade and travel thru out Europe extensively mixing various concerts. Unfortunately, most of the time I'm in and out but sometimes, especially with Jazz Artists/Festivals, we get to smaller more remote places and I love that!
Judging by your accent you are not a native of Spain!?! ;-)

If it is a string . . .
SELECT * FROM schooldb WHERE SchID='" & Session("schoolid") & "';"

You get the idea, it is just the quotes that are different. IN Visual Basic (the normal language of ASP) variables are not strongly typed so there is no problem there.

quote:

---

Judging by your accent you are not a native of Spain!?! ;-)

---

Nope, a native of Norwich in the UK, but I have been living here for 1.5 years now, and life is very nice indeed

All the best

Vince

------------------
Internet Business Solutions S.L.(Spain)

I am having problems with my result pages and using your example of insertinting into SQL Select.

I used the Front Page result wizzard and the statment it wrote is:

fp_sQry="SELECT * FROM qryWebSerReqAll WHERE (SchID = ::SchID:: AND SRSID = 0)"

i need to substitute your statement in place of: SchID = ::SchID::

i may not be doing it correctly

but also, Front Page determines that i have modified it's script and re-writes over your example

help!!!!!

All the best

Vince

------------------
Internet Business Solutions S.L.(Spain)

you may be right but i am so fatigued and frustrated at the time spent swimming against the current that i'm unsure if i have the stamina for open water swimming.

There is alot to digest with in Spooky Login and i'm just getting a handle on that. i have most pages modified, file include works, login works all redirect works.

i'm not sure that the Session Variable (SchID) is actually working. i can't seem to even get the value to appear on a page yet let alone, pass to the SQL Select. Can't seem to get the username or password be dispalyed on a page either so i must be writing it wrong:
<%Session("SchID")%>
does not display on a page???
back to the drawing board.
thanks for all your help!
Robert

which is shorthand for

<% Response.Write Session("SchID") %>

And it should print . . .

Sounds like you are getting there Robert, tomorrow should see it done

Vince

------------------
Internet Business Solutions S.L.(Spain)

So clever me, i then decided to use the value of SchID as the value of the password to test SQL statement. Changed it in the wizard to call the session password instead of the session SchID because SchID is not being written correctly as a session variable yet.

Still not working but you are right Tomorrow may bring the fix. thanks
Robert

I think you could well have sorted my worry's with this one.

Thebridge had exactly the same problem as myself. In one of your replies, you said to create a form with a username and password, then have it post to itself. Is there a way to use the DRW to check that it exists?

If so, how do you set the session variable assuming that it exists?

Thanks

Mark.

http://www.aspfaqs.com/aspfaqs/ShowFAQ.asp?FAQID=75