<% '********** BEGIN ASP ********** Option Explicit On Error Resume Next Response.Buffer = true If Session.Contents("gintsesUserID") = 1 Then Call AlreadyLoggedIn() Else If Request.ServerVariables("Request_Method") = "POST" Then Call ProcessLogIn() End If End If '********** END ASP ********** %> Employee Sign In
User ID:
Password:

<% '********** BEGIN ASP ********** Private Sub ProcessLogIn() '*********************** '** procedure to verify UserId '** and Password and begin the '** user's session if verified '*********************** Dim objConn '** the connection object Dim objRecset '** the recordset object Dim strSQL '** the SQL string Dim strDataSource '** the DSN name Set objConn = Server.CreateObject ("ADODB.Connection") '** instantiate the connection obj Set objRecset = Server.CreateObject ("ADODB.Recordset") '** instantiate the recordset obj strDataSource = "Bookstore" '** DSN name for Bookstore DB Call OpenConnection(objConn, strDataSource) Call CheckForSQLErrors(objConn) strSQL = BuildSQLSelect() Call OpenRecordset(objRecset, strSQL, objConn) Call CheckForSQLErrors(objConn) Call VerifyLogin(objRecset) Call CheckForSQLErrors(objConn) Call CloseRecordset(objRecset) Call CheckForSQLErrors(objConn) Call CloseConnection(objConn) Call CheckForSQLErrors(objConn) Set objRecset = Nothing Set objConn = Nothing End Sub Private Sub AlreadyLoggedIn() '************************* '** procedure to display to '** the user that he/she was '** previously logged in '************************* Response.Clear '** Clears the buffer on any previous HTML Response.Write "You are already logged in,

" & vbCRLf Response.Write "Please select add, update or delete

" & vbCRLf Response.Write "from the menu at left" & vbCRLf Response.End '** Send the buffer and terminate the script processing End Sub Private Function BuildDataSource() '************************ '** function to return the DSN name '** of the bookstore DB '************************ BuildDataSource = "Bookstore" '** Bookstore DB DSN name End Function Private Function BuildSQLSelect() '************************ '** function to build the '** SQL select statement '************************ BuildSQLSelect = "Select CustID, Password " & _ "From tblCustomers " & _ "Where CustID= " & Request.Form("txtUserID") & _ "And Password= '" & Request.Form("txtPassword") & "';" End Function Private Sub VerifyLogin(ByRef objRecset) '*************************** '** Procedure to call the necessary '** sub procedures to check the '** Boostore DB and match the CustID '** and password and send an '** appropriate response page. '*************************** If objRecset.EOF then '** Check for a record in the recordset Call LoginFail() Else Call LoginSuccess() End If End Sub Private Sub LoginFail() '*************************** '** Function to display the '** login failure page to the '** user. '*************************** Response.Clear '** Clears the buffer on any previous HTML Response.Write "Login Registration Information:

" & vbCRLf Response.Write "The login failed
" & vbCRLf Response.Write "Please use the back button or click the sign in button and try again

" & vbCRLf Response.End '** Send the buffer and terminate the script processing End Sub Private Sub LoginSuccess() '*************************** '** Function to display the '** login success page to the '** user. '*************************** Session.Contents("gintsesUserID") = 1 '** the logged in session flag = "TRUE" Response.Clear '** Clears the buffer on any previous HTML Response.Write "Login Confirmation:

" & vbCRLf Response.Write "Welcome! You may now perform book maintenence" Response.End '** Send the buffer and terminate the script processing End Sub '********** END ASP ********** %>

2000
Stephen Frentzen
MJ Coe