ASP login page problem

Hey guys i have a huge problem with my asp login page.
Everything works fine if i enter correct login details, but eventually if i leave it empty or enter random(not correct) details i receive an error page

Here is the screenshot of the error page:
http://www.picsaway.com/view/er-c64cad64bf.jpg

And the login page code here:
[code]<%@ Language=VBScript %>
<%
Option Explicit
Response.Expires = 0

if(Session.Contents("zalogowany")<>false) then
if(Session.Contents("zalogowany")="student") then
Response.Redirect("panel_student.asp")
elseif(Session.Contents("zalogowany")="prowadzacy") then
Response.Redirect("panel_prowadzacy.asp")
end if
end if

Dim objConn, objRS, strQuery
Dim strConnection
Set objConn=Server.CreateObject("ADODB.Connection")
strConnection = "DSN=dziennik;Database=bdziennik;UID=dba;PWD=sql;"
objConn.Open strConnection

Dim login, haslo, kto, zalogowany
kto=Request.Form("kto")
login=CStr(Request.Form("login")) 'dla method="get" login=Request.QueryString("login")
haslo=CStr(Request.Form("haslo")) 'dla method="get" haslo=Request.QueryString("haslo")

if kto="student" then
strQuery = "select * from STUDENCI where Id_student=" & login & " and Haslo='" & haslo & "'"
Set objRS = objConn.Execute(strQuery)
if Not objRS.EOF then
Session.Contents("zalogowany")="student"
Session.Contents("kto")=login
Session.Contents("semestr")=objRS("semestr")
Response.Redirect("panel_student.asp")
else
Session.Contents("zalogowany")=false
Response.Redirect("../default.asp?co=logowanie")
end if
elseif kto="prowadzacy" then
strQuery = "select * from PROWADZACY where Id_prowadzacy=" & login & " and Haslo='" & haslo & "'"
Set objRS = objConn.Execute(strQuery)
if Not objRS.EOF then
Session.Contents("zalogowany")="prowadzacy"
Session.Contents("kto")=login
Response.Redirect("panel_prowadzacy.asp")
else
Session.Contents("zalogowany")=false
Response.Redirect("../default.asp?co=logowanie")
end if
end if

objRS.Close
objConn.Close
Set objRS = Nothing
Set objConn = Nothing
%>[/code]

Any tips how to fix that ??
Huge thanks in advance.

TREVOR

Comments

  • Hello,

    Your error image cannot be shown here. And I suggest you to post your question in the ASP specific board here:
    http://www.programmersheaven.com/mb/aspfaq/Board.aspx?S=B20000

    Thanks!

    : Hey guys i have a huge problem with my asp login page.
    : Everything works fine if i enter correct login details, but
    : eventually if i leave it empty or enter random(not correct) details
    : i receive an error page
    :
    : Here is the screenshot of the error page:
    : http://www.picsaway.com/view/er-c64cad64bf.jpg
    :
    : And the login page code here:
    : [code]: <%@ Language=VBScript %>
    : <%
    : Option Explicit
    : Response.Expires = 0
    :
    : if(Session.Contents("zalogowany")<>false) then
    : if(Session.Contents("zalogowany")="student") then
    : Response.Redirect("panel_student.asp")
    : elseif(Session.Contents("zalogowany")="prowadzacy") then
    : Response.Redirect("panel_prowadzacy.asp")
    : end if
    : end if
    :
    : Dim objConn, objRS, strQuery
    : Dim strConnection
    : Set objConn=Server.CreateObject("ADODB.Connection")
    : strConnection = "DSN=dziennik;Database=bdziennik;UID=dba;PWD=sql;"
    : objConn.Open strConnection
    :
    : Dim login, haslo, kto, zalogowany
    : kto=Request.Form("kto")
    : login=CStr(Request.Form("login")) 'dla method="get" login=Request.QueryString("login")
    : haslo=CStr(Request.Form("haslo")) 'dla method="get" haslo=Request.QueryString("haslo")
    :
    : if kto="student" then
    : strQuery = "select * from STUDENCI where Id_student=" & login & " and Haslo='" & haslo & "'"
    : Set objRS = objConn.Execute(strQuery)
    : if Not objRS.EOF then
    : Session.Contents("zalogowany")="student"
    : Session.Contents("kto")=login
    : Session.Contents("semestr")=objRS("semestr")
    : Response.Redirect("panel_student.asp")
    : else
    : Session.Contents("zalogowany")=false
    : Response.Redirect("../default.asp?co=logowanie")
    : end if
    : elseif kto="prowadzacy" then
    : strQuery = "select * from PROWADZACY where Id_prowadzacy=" & login & " and Haslo='" & haslo & "'"
    : Set objRS = objConn.Execute(strQuery)
    : if Not objRS.EOF then
    : Session.Contents("zalogowany")="prowadzacy"
    : Session.Contents("kto")=login
    : Response.Redirect("panel_prowadzacy.asp")
    : else
    : Session.Contents("zalogowany")=false
    : Response.Redirect("../default.asp?co=logowanie")
    : end if
    : end if
    :
    : objRS.Close
    : objConn.Close
    : Set objRS = Nothing
    : Set objConn = Nothing
    : %>[/code]:
    :
    : Any tips how to fix that ??
    : Huge thanks in advance.
    :
    : TREVOR
    :



    Brad Wang
    .NET Freelancer from China
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

In this Discussion