HTMLHelp Forums > ASP redirect to main if logged in

Full Version: ASP redirect to main if logged in

HTMLHelp Forums > Programming > Server-side Scripting

aspmkt2009

Sep 22 2009, 08:40 AM

I'm having a problem with my login page not allow a logged in user to access our site. If the user hasn't been logged in that day, deletes their history or shuts down their computer they can access the site, but if I change pages and then go back and try to access the site, even with correct log in, it always redirects to the log in page. Here is the login.asp script, let me know if there are other pages that are needed. The site is already password protected, so I'm not sure how much good that will do, let me know if need that as well.

I'm fairly certain I have the coding incorrect for what I want, basically I want their log in to remain active for 1440 minutes (24hrs), at which time they need to re-login. If they are logged in, I don't want them to get the log in page I want them to automatically be redirected to the main page for the site which is main.asp.

I do not know much about ASP, html and css are my areas, this is a prebuilt code that I'm editing to work with us and I just can't seem to find the answer to this anywhere. Thanks!



<%
strUserName = Replace(Request.Form("txtUserName"), "'", "''")
Set rsCheckUser = Server.CreateObject("ADODB.Recordset")
strSQL = "SELECT password, ID, username, admin, suspend FROM tblUsers WHERE username ='" & strUserName & "'"
rsCheckUser.Open strSQL, adoCon
strActiveUser = "Select * From Active_Users Where User_ID='" & strUserName & "'"
Set rs1 = adoCon.Execute (strActiveUser)
If NOT rsCheckUser.EOF Then
If NOT rs1.EOF Then
Session("userGood") = False
Response.Redirect ("default.asp?mode=once")
ElseIf md5(Request.Form("txtUserPass")) = rsCheckUser("password") Then
If rsCheckUser("suspend") = 0 Then
Session("userGood") = True
Session("userID") = rsCheckUser("ID")
Session("userName") = rsCheckUser("username")
Session("userAdmin") = rsCheckUser("admin")
strLoginSql = "UPDATE tblusers SET last_login='" & now() & "' WHERE username ='" & strUserName & "'"
adoCon.execute (strLoginSql)
rsCheckUser.Close
Set rsCheckUser = Nothing
Set adoCon = Nothing
Response.Redirect"main.asp"
Else
rsCheckUser.Close
Set rsCheckUser = Nothing
Set adoCon = Nothing
Session("userGood") = False
Response.Redirect("default.asp?mode=suspend")
End If
End If
End If
rsCheckUser.Close
Set rsCheckUser = Nothing
Set adoCon = Nothing
Session("userGood") = False
Response.Redirect"default.asp?mode=invalid"
%>

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.