I have created a website that uses cookies to check to make sure that someone is logged in on secure pages, but some people have e-mailed me saying that they cannot get in. It is because they do not have cookies enabled. A NEED TO FIND A WAY TO CHECK THE LOGIN ON SECURED PAGES WITHOUT USING COOKIES. It would be nice to also be able to know who is online and where they have been - maybe an activity log.
View RepliesDoes anyone know how to create a login system with ASP that does not use cookies? I am finding that more and more users seem to be setting their privacy settings to high, thus not accepting cookies.
What I am thinking about is to have some type of server side session that when a user logs in, I write the session ID to a database as well as the user ID so that I can keep track of the users that are loged in.
I have played with regular sessions, but if a user does not have cookies enabled, the session do not seem to maintain state and are basically useless.
My login_process.asp ...
<%
Dim L_ID, L_Pass, conn, rs
L_ID = Request.Form("member_id")
L_Pass = Request.Form("member_pass")
set conn=Server.CreateObject("ADODB.Connection")
conn.Provider="Microsoft.Jet.OLEDB.4.0"
conn.Open(Server.Mappath("Registration.mdb"))
set rs=Server.CreateObject("ADODB.Recordset")
rs.open "SELECT * from registration WHERE mem_id='"& L_ID & "' AND mem_pass='" & L_Pass & "'", conn
if rs.EOF then
Response.Cookies("LoginError")= "Wrong Member ID or Password"
Response.Redirect("Login_Fail.asp")
else
Response.Cookies("login") = Request.Form("L_ID")
Response.Redirect("Login_Success.asp")
end if
conn.Close
%>
I place this at the top of every page so that only those logged in can view the page ...
<%
if Request.Cookies("mem_id") <> "TRUE" then
Response.Redirect ("Default.asp")
end if
%>
CONCLUSION : IT'S NOT WORKING ...
Please need your help in writing the cookies code to enter the user automaticly to the comments page with out login if he entered before to the site...
these are the code i wrote but now i need the cookies code to vlaideat if the user enterd before or not (if yes, redirect him to the comments page otherwoise let him login in)
In my Session_OnStart in Global.asa, I am setting some cookies. One
of them, I set as follows:
dim UserID
UserID = Request.ServerVariables("LOGON_USER")
Response.Cookies("User")("ID") = UCASE(UserID)
When I immediately log the cookie value retrieved from
Request.Cookies("User")("ID") into the Windows Event Log, I get the
correct value. However, when I try to retrieve the cookie on the home
page of my application using the same code,
Request.Cookies("User")("ID"), it either cannot find the cookie or
cannot read the value. I am retrieving the cookie before all HTML
headers are written. It is my first statement on the page after
Option Explicit. I have even compared the session IDs. The SessionID
created in the Session_OnStart is the same value as the SessionID on
the home page.
I have read that the Session_OnStart only has access to the
Application, Session and Request objects. It does not explicitly say
that it does not have access to the Response object. Also, I was even
able to use Response.Write's in Global.asa to print out the values
although it looked like it had also stopped the session after I did
so. Cookies are definitely enabled on my machine. I have even tried
setting the session cookie's expiration to be persistent for a few
days to see if it was perhaps expiring before I was able to read it
but this did not work either.
Is there something preventing cookies to be created in Global.asa in
the Session_OnStart sub? Is the Response object not available???
Please let me know if anyone else has had this problem or solution.
Is it possible for a user to enable permanent cookies but disable session cookies.....this seems like a contradition yet this is what I appear to be
reading in online articles?
I m creating a cookies in my application and it work properly but i can't see the cookies where it will sotred i checked the cookies folder but i didn't find that I want to create a cookies file as the other web site create and store where other cookies will stored in Cookies folder or Temprory Internet files folder eg:1. arvind@google.co[1].txt this stored in cookies folder 2. arvind@msn[2].txt ....
View Replies View RelatedI am building a website to pull data from a remote https site using xmlhttp. The data from the https site is behind a login screen. I can successfully get through the login screen with:
set objXMLHTTP = Server.CreateObject("Msxml2.ServerXMLHTTP")
objXMLHTTP.Open "POST", "https://website.com/validate-login2.asp", false
objXMLHTTP.SetRequestHeader "Content-Type", "application/x-www-form-urlencoded"
objXMLHTTP.Send "Username=uname&password=pwd&company=O"
That works great - but then, when I try to go to the next page (where the data is that I want to pull) - I use the same process and I get kicked back out to the login screen? Could there be some cookies, referer, strings being passed normally that I am not including in my second request - How do i find out for sure?
I have used the software IETrace and it looks like some cookies being passed, but how do I know for sure if (and what exactly) it is using?
I want to login to a page using MSXML2.ServerXMLHTTP.4.0 or an object like this, I must send the form variables needed to login when I try to login to the page. But the problem is, that the page looks like a exe file (not a asp file or php file or what ever). The name of the page I try to login is something like "/pw?/session/login", nothing more, without extension. I have tried the code with a normal asp file with session registration and login process and it worked, but not with this file.
View Replies View RelatedI've added a cookie and I am able to read it when using the same window but
if I load up a new window and try to access it, it can't find the cookie.
Any one know why?
I am creating a user tracking app that tracks a user one of two ways...
1)First Method is cookies
2)Second Method MS SQL DB
I first check if the users browser accepts cookies if not I go to the db. If the user accepts cookies then I check for a specific crumb if it does not have the value I am looking for I kill it and rewrite it. This is working fine (im in the middle of testing it). The problem is I decieded to test the script with NN7 and not turn cookies off but block cookies from my site and all fell apart. The condition that I have set (detect if cookies are enabled) does not stop the script from trying to set a Session Variable because the browser accepts cookies and to keep a long story short it goes into an infinite loop because the script is looking for a Session value and Its not being stopped becaues the script thinks its alright to write cookies! Is there a way to detect if a user has your sites cookies blocked? This is important because Server.CreateObject("MSWC.BrowserType") will return .Cookies = True and you will not know that your script is not executing properly because a user has your sites cookies blocked but excepts them elsewhere...
After a login we have a menu from where we have access to different operations such as add ,delete,update.. but if a user enters the appropriate URL he has access to these operations with out proper authorization.how do we solve this.
should we use cookies,if so how exactly?
I've built a website which requires a user to log-in to access the site. I have already built a page that enters their details into a db (register.asp), and another page where the user enters their email address (the log-in ID) to actually log-in (login.asp).
How can I use a cookie to automatically log a user in??
More specifically, what are the commands to set a cookie (upon successful registration) and access it (upon re-logging in)?
Hey i've spent the last few hours trying to work this problem out about cookies.
When a user logs in to the site the login.asp page checks the database to see the personal page that the user re directs to e.g if bob brown logged in he would be redirected to bob.brown.asp. This is stored in a field in the database table along with the username and password.
i would like to put a cookie onto the users computer that remembers the url they were redirected to so when they press the main page button it would look for the cookie and see what url they are meant to be redirected to and take them there
My current login system is this ....
I'm trying to load up a page through my asp page and get the cookie from that page so that I can use it later on when it needs to have it to access other parts of the site.
Basically the asp page is going to act like a browser and store the cookie from the other site, then send that cookie back when the asp page goes back to the other site again.
The problem is, I can only seem to access my own cookie. I didn't run into this problem when I was doing a similar thing inside my .cs scripts that were run by the server, as I suppose they were not coming from the actual domain that my page is running on (and thus, wasn't getting everything trampled by local cookies).
Is this possible, or should I just give up on it now?
im building a site for a few doctors surgeries. the user is able to see what appointments are available and then book that date/time. i have a table (in my db) of dates/times and a checkbox to say whether the time has been booked or not (and display only times that havnt been booked). i was going to have the user add the time to a "cart" and then check the "booked" checkbox in my db when theyve paid for that appointment. but if i have lots of people looking at the site at the same time, then they may be able to see times that are just about to be booked. i think a better way is to have the date/time stuffed into a cookie which expires after 5 minutes. so when a user adds a time to their "cart", it will say something like: "this time will expire in 5 minutes until you book it or re-add it to your cart". does that make sense?
how can i do this with server-cide cookies (im using jscript)? can anyone think of a better way to do this?
trying to delete a cookie, without success it seems. The following code
to delete and check a cookie produces "yes" where I expected "no"
Anyone tell me how to delete a cookie if this code is wrong.
response.cookies("savedforum").expires = date - 1
if request.cookies("savedforum").haskeys then
response.write "yes"
else
response.write "no"
I have the code below which I know it is wrong where the cookies come in. I am trying to write the values collected from a database into cookies. However I am having difficulty trying to figure out how to write rows of cookies with different values. This may be a little difficult to explain - see the following code:
View Replies View RelatedI need to set a cookie on a user after they have logged in. I want to
use just the user's login name , since that is a unique field.
If rsPersonIDCheck.EOF Then
Session("blnValidUser") = False
Else
Session("login") = rsPersonIDCheck("login")
but:
set Cookies("User") = Session("login")
seems not to be creating the cookie
I know little abt asp.I have done aproject on asp but I don't know much on cookies.if u know then plz give me idea with some codes.
View Replies View RelatedNot strictly a full asp question but Im sure someone here will have the
answer.I've read in several web sites that you can read and write to the same
cookie with asp and javascript.Does anyone have any sample coding showing how to do this with the javascript along with the asp code or were these websites I saw it mentioned
on bogus?
In my web application i'm are able to store large data in
the browser cookie keeping in mind the limit of 300
cookies per browser, 20 keys per cookie per domain and 4KB
max size of each cookie. i'm are unable to retreive this
large amount of data immediately after storing through
document.cookie in IE browser (The same works fine in
Netscape).
Is there any limit on the size of the data that can be
retreived using document.cookie? Could you please suggest
a solution to this problem i'm are facing.
If I Request.Cookies("cookiename") and the cookie doesnt exist could I use
If Request.Cookies("cookiename") = "" Then
Display Error Message
End If
or would i use
If Request.Cookies("cookiename") = Nothing Then
Display Error Message
End If
I found that a number of my sites that send email using CDO failed withing the past 30 days. Consider the following. I know its not the best coding practice to open and close the connection so many times but Im curious why this would all of a sudden become an issue.
1. Have a few large sites essentially all variables such as SMTP server are set using cookies so I can deploy multiple sites quickly.
2. Within the site email appears to work correctly across all pages with 1 exception.
3. The exception is below, Im wondering if it has to do with cookies having to be retrieved multiple times from the client machine
--Call db run search loop data build array
--Based on data in array call another search alter and finalize array
--Do while <= uBound(myArray)
--Call Email sub (from,to,sub,body) ' Sub contains a request cookies for SMTP server.
--Loop
Doesnt matter if its 2 or 50 emails always fails when using request.cookies to set the SMTP in the sub. Works fine if I hard code the IP. This same sub is used multiple times throughout the website and works fine with cookies.
Just curious why it needs might need to be hard coded in the loop. Has been running for about 6 months fine and have recently started noticing failures.
All the cookies that i have don't show any bad cookies as i call them but only show the cookies that they want on the users computer but for some reason i am getting lots of bad cookies from my website at http://tmd-1.com/ and i don't know how to stop the bad cookies from downloading to the computer the cookies i am having trouble with will be in a red box in the image below.....
View Replies View RelatedI started using the following code, although, I have a feeling it is not working. Also, do I have to place the same code on all accessed pages? Code:
<%
Response.Cookies("ExpCookie") = "Expiration"
Response.Cookies("ExpCookie").Expires = DateAdd("d", 1, Now())
Response.Cookies("ExpCookie").Secure = True
Response.Cookies("LastVisit") = Date & " " & Time
%>
I am new at all of this, I can understand that this cookie will expire an hour after being access on a given day (is that right?), and it will create the cookie with the printed date and time of access. how can I make sure cookie expire on time.
I need to build my own simple cart that writes to cookies only. I can write
and read cookies, but don't have a clue as to how I can add multiple
products, change quantites, etc. All I need is a cart that stores
information in cookies and the user prints their order. That's it. Where can
I find such information?
I am not able to set cookies with the domain name on a
Windows 2000 server with IIS 5.0. If I use the IP address
it works. I have another machine running IIS and I
configured them together.
I have two folders under root(wwwroot) Fol1 and Fol2.
Our customers logs on index.asp under Fol1 but when he/she wants to check
their order status it will take them to Fol2/account.asp where it checks for
userid cookie which was set in Fol1 index.asp when they log in. But seems
like I am not able to obtain the value in Fol2/account.asp. User Id cookie
is empty. I have set an expiration date for cookie as date + 1
I got stuck with some cookies expiry date. I wanted my cookies to expired every 4 hours. I'm writing with ASP. Currently I'm using the below code:
Response.Cookies("announcement").Expires = date + 1
for the expiry of everyday. How can I write if I want the cookies to expire every 4 hours?
Is it possible to use cookies between different domains?
For my site I use 2 domains;
the first for my global site with ASP en HTML, the second is for my forum located on "hyperboards" a free forum domain. On de second domain i don't have any control and i can't put any new webpages on that site.
But I want to use the cookie of my forum on my global site.
Can cookies or session can be set to expired after the page closed, or page being refresh, or new uRL are enter to it?
View Replies View RelatedI can write out cookies using response.cookies and read cooies with
request.cookies
If I enable a firewall like zonealarm then the cookies wiill write out but
the asp page will not read the cookies. This is if block third part
cookies is enabled. If I allow third party cookies the it will work.
If I display the cookie collection it will show a count of zero. I can
edit the cookie on the disk and see the data.
other web sites write and read info to my computer with cookies and zone
alarm is set to block them. why does request.cookies fail to get the
information back.