Dreamweaver need to create a session variable or Cookie or something Help

Report · Oct 19, 2010

I have been working for weeks I am very close but can't get over one last hurdle. I am trying to call a session variable much like dreamweaver calls mm_username. It is in the same user table as username - password - access level - Customer_id. I need to pull the session variable or cookie or however I can do it to access the customer id number so I can have customer specific information and pricing. There will be mulitple users for each customer so I need another variable besides mm_username. Help I use dreamweaver cs4 aspvbscript and sqlserver ...help

Report · Oct 19, 2010

Do you have a specific question? Exactly what part is not working for you? If you examine the code that DW creates to retrieve the username and store in a session variable, you'll see how to do it for any column you retrieve.

Report · Oct 19, 2010

i have everything working except being able to pull this session variable to use it as a parameter to help sort customer specific information by there customer id which would be the session variable I am trying to pull from the login table i have built

Report · Oct 19, 2010

Right. You say it's not working. What's happening? Are you getting an error?

What do you mean by 'pull the session variable'. Have you created the variable? Are you just not able to retrieve it? Or pass it to the query? Please provide more info. Realize that we do not know your skill level and what you have already tried. It's really hard to guess.

Report · Oct 20, 2010

I have been building html pages for a while and have full understanding on that. Databases and Asp I am just getting into as our company has just began to utilitze them so I am a begginer at this. The books I have show how to make a session variable in php using dreamweaver but I cant find out how to do it in asp. This might not even be the best way to do it ...not sure. I just need to pull the customer id from the login table to help pull certain information from the database. This variable would be pulled on login and I would like to use it much like dreamweaver uses mm_username. Thanks for hanging with me and I hope you can help me out.

Report · Oct 20, 2010

in the login script that dreamweaver creates, look for the sql query. it usually only selects the username (sometimes the access type depending on how you set up the page protection). you need to add the user id column so that it becomes part of the result set. a few lines below that you will see that dreamweaver creates a session called MM_Username. you can create a session the same way it does username but this time use a different session name and use the user id column. the code should look like...

Session("MM_Username") = rsLogin.something.value("username") ' dreamweaver code
Session("MM_UserID") = rsLogin.something.value("user_id") ' user_id is the column name from the database

sorry i'm doing this off the top of my head. i haven't coded in asp in a long time. the rsLogin is the recordset that dreamweaver creates it might be different in your script. i tried to get as close as to what it could be. but that's how you create a session in asp

Report · Oct 20, 2010

>sorry i'm doing this off the top of my head.

Looks correct to me.

Report · Oct 20, 2010

w1n78 gave you the correct code for storing the results of a query in a session variable.

>This might not even be the best way to do it ...not sure

You don't absolutely need to store the customer id value in a session variable, as you can always obtain it by running a query using the username to retrieve it. But it probably makes sense as it avoids having to requery the database.

Report · Oct 20, 2010

bregent wrote:
you can always obtain it by running a query using the username to retrieve it.

OP wrote:

There will be mulitple users for each customer so I need another variable besides mm_username.

Report · Oct 20, 2010

>OP wrote:

>There will be mulitple users for each customer so I need another variable besides mm_username.

Right. One customer for many username's. So if you have the username, you can always get the customer. You can do it when they login and store in a session, or retrieve it from the DB as needed.

Report · Oct 20, 2010

oh ok well that makes sense then.

Report · Oct 21, 2010

FIrst off thanks for hanging with me guys being this has been a thorn in my side for two weeks. Here is the code I am not seeing the code that is listed above...where they create the mm_username

<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%
' *** Logout the current user.
MM_Logout = CStr(Request.ServerVariables("URL")) & "?MM_Logoutnow=1"
If (CStr(Request("MM_Logoutnow")) = "1") Then
Session.Contents.Remove("MM_Username")
Session.Contents.Remove("MM_UserAuthorization")
MM_logoutRedirectPage = "/signout.asp"
' redirect with URL parameters (remove the "MM_Logoutnow" query param).
if (MM_logoutRedirectPage = "") Then MM_logoutRedirectPage = CStr(Request.ServerVariables("URL"))
If (InStr(1, UC_redirectPage, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then
    MM_newQS = "?"
    For Each Item In Request.QueryString
      If (Item <> "MM_Logoutnow") Then
        If (Len(MM_newQS) > 1) Then MM_newQS = MM_newQS & "&"
        MM_newQS = MM_newQS & Item & "=" & Server.URLencode(Request.QueryString(Item))
      End If
    Next
    if (Len(MM_newQS) > 1) Then MM_logoutRedirectPage = MM_logoutRedirectPage & MM_newQS
End If
Response.Redirect(MM_logoutRedirectPage)
End If
%>

<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers="1,2"
MM_authFailedURL="/accessdenied.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
If (false Or CStr(Session("MM_UserAuthorization"))="") Or _
         (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
    MM_grantAccess = true
End If
End If
If Not MM_grantAccess Then
MM_qsChar = "?"
If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
Response.Redirect(MM_authFailedURL)
End If
%>
<%
Dim Recordset1__MMColParam
Recordset1__MMColParam = "zzzzz"
If (Request.Form("item_id") <> "") Then
Recordset1__MMColParam = Request.Form("item_id")
End If
%>
<%
Dim Recordset1
Dim Recordset1_cmd
Dim Recordset1_numRows

Set Recordset1_cmd = Server.CreateObject ("ADODB.Command")
Recordset1_cmd.ActiveConnection = MM_p21_STRING
Recordset1_cmd.CommandText = "SELECT * FROM dbo.btb_get_customer_item_view WHERE item_id LIKE ?"
Recordset1_cmd.Prepared = true
Recordset1_cmd.Parameters.Append Recordset1_cmd.CreateParameter("param1", 200, 1, 40, Recordset1__MMColParam + "%") ' adVarChar

Set Recordset1 = Recordset1_cmd.Execute
Recordset1_numRows = 0
%>
<%
Dim Repeat1__numRows
Dim Repeat1__index

Repeat1__numRows = 10
Repeat1__index = 0
Recordset1_numRows = Recordset1_numRows + Repeat1__numRows
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Contract Part Number</title>
</head>

<table border="1">
<tr>
    <td>item_id</td>
    <td>customer_part_no</td>
    <td>item_desc</td>
    <td>Qty_Available</td>
    <td>contract_no</td>
    <td>customer_id</td>
</tr>
<% While ((Repeat1__numRows <> 0) AND (NOT Recordset1.EOF)) %>
    <tr>
      <td><%=(Recordset1.Fields.Item("item_id").Value)%></td>
      <td><%=(Recordset1.Fields.Item("customer_part_no").Value)%></td>
      <td><%=(Recordset1.Fields.Item("item_desc").Value)%></td>
      <td><%=(Recordset1.Fields.Item("Qty_Available").Value)%></td>
      <td><%=(Recordset1.Fields.Item("contract_no").Value)%></td>
      <td><%=(Recordset1.Fields.Item("customer_id").Value)%></td>
    </tr>
    <%
Repeat1__index=Repeat1__index+1
Repeat1__numRows=Repeat1__numRows-1
Recordset1.MoveNext()
Wend
%>
</table>
<p><a href="<%= MM_Logout %>">Log out</a></p>
</body>
</html>
<%
Recordset1.Close()
Set Recordset1 = Nothing
%>

Report · Oct 21, 2010

you need to do it on the login page you made. that's where DW creates the MM_Username session - if you want to do it during the login process. but if you want to do it like bregent suggested you can query it on this page using the Session("MM_Username") as part of your WHERE clause in SQL. not sure which way you want to do it

Report · Oct 21, 2010

Here is my login page code

<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>

<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString <> "" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)
MM_valUsername = CStr(Request.Form("username"))
If MM_valUsername <> "" Then
Dim MM_fldUserAuthorization
Dim MM_redirectLoginSuccess
Dim MM_redirectLoginFailed
Dim MM_loginSQL
Dim MM_rsUser
Dim MM_rsUser_cmd

MM_fldUserAuthorization = "Access_Level"
MM_redirectLoginSuccess = "/mainmenu.asp"
MM_redirectLoginFailed = "/loginfailed.asp"

MM_loginSQL = "SELECT Login_Name, password"
If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," & MM_fldUserAuthorization
MM_loginSQL = MM_loginSQL & " FROM dbo.btb_web_login WHERE Login_Name = ? AND password = ?"
Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command")
MM_rsUser_cmd.ActiveConnection = MM_p21_STRING
MM_rsUser_cmd.CommandText = MM_loginSQL
MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1", 200, 1, 20, MM_valUsername) ' adVarChar
MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", 200, 1, 10, Request.Form("password")) ' adVarChar
MM_rsUser_cmd.Prepared = true
Set MM_rsUser = MM_rsUser_cmd.Execute

If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
    ' username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername
    If (MM_fldUserAuthorization <> "") Then
      Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
    Else
      Session("MM_UserAuthorization") = ""
    End If
    if CStr(Request.QueryString("accessdenied")) <> "" And false Then
      MM_redirectLoginSuccess = Request.QueryString("accessdenied")
    End If
    MM_rsUser.Close
    Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Brown Live Online Login</title>
<style type="text/css">

</style></head>

<body>
<p class="style5"><img src="/images/BTBlogosmall.jpg" width="322" height="53" /></p>
<p class="style5">Brown Live Online 2.0 </p>
<form ACTION="<%=MM_LoginAction%>" id="form1" name="form1" method="POST">
<p>
    <label><span class="style3">    User Name</span>
    <input name="username" type="text" id="username" size="20" />
    </label>
</p>
<p>
    <label><span class="style1"><span class="style6">Password</span></span>
    <input name="password" type="password" id="password" size="20" />
    </label>
</p>
<p>
    <label>
    <input type="submit" name="button" id="button" value="Login" />
    </label>
</p>
</form>
<p><a href="/index.html"><img src="/images/brown2.0.jpg" width="100" height="100" /></a> Click Image to return to <a href="http://www.browntransmission.com">www.browntransmission.com</a></p>
</body>
</html>

Report · Oct 21, 2010

change the following

original:

MM_loginSQL = "SELECT Login_Name, password"

new (i'm guessing user_id is the column name?):

MM_loginSQL = "SELECT user_id, Login_Name, password"

look for:

' username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername

add below it:

Session("MM_UserID") = MM_rsUser.Fields.Item("user_id").value

this should create Session("MM_UserID") with the value of the user_id column in the database as long as the login is successful. if user_id is not the right column name just change it to match your column name. the session name can be whatever you want.

Report · Oct 21, 2010

When I add

Session("MM_UserID") = MM_rsUser.Fields.Item("user_id").value

Below this 
 If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then 
    ' username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername

It totally gets rid of the server behavior login user for some reason

Report · Oct 21, 2010

I soon as I put the red line of code in it is custoemr _id instead of user id in my table. Dreamweaver removes the user id function. is it in the wrong place ...what am i doning wrong ....it is fine with the first part you did but the second part it doesnt like in red.

<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>

<%

' *** Validate request to log in to this site.

MM_LoginAction = Request.ServerVariables("URL")

If Request.QueryString <> "" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)

MM_valUsername = CStr(Request.Form("username"))

If MM_valUsername <> "" Then

Dim MM_fldUserAuthorization

Dim MM_redirectLoginSuccess

Dim MM_redirectLoginFailed

Dim MM_loginSQL

Dim MM_rsUser

Dim MM_rsUser_cmd

MM_fldUserAuthorization = "Access_Level"

MM_redirectLoginSuccess = "/mainmenu.asp"

MM_redirectLoginFailed = "/loginfailed.asp"

MM_loginSQL = "SELECT customer_id, Login_Name, password"

If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," & MM_fldUserAuthorization
MM_loginSQL = MM_loginSQL & " FROM dbo.btb_web_login WHERE Login_Name = ? AND password = ?"
Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command")
MM_rsUser_cmd.ActiveConnection = MM_p21_STRING
MM_rsUser_cmd.CommandText = MM_loginSQL
MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1", 200, 1, 20, MM_valUsername) ' adVarChar
MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", 200, 1, 10, Request.Form("password")) ' adVarChar
MM_rsUser_cmd.Prepared = true
Set MM_rsUser = MM_rsUser_cmd.Execute

If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
    ' username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername
    Session ("MM_USERID") = MM_rsUser.Fields.Item("customer_id").value
    If (MM_fldUserAuthorization <> "") Then
      Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
    Else
      Session("MM_UserAuthorization") = ""
    End If
    if CStr(Request.QueryString("accessdenied")) <> "" And false Then
      MM_redirectLoginSuccess = Request.QueryString("accessdenied")
    End If
    MM_rsUser.Close
    Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Brown Live Online Login</title>
<style type="text/css">

</style></head>

<body>
<p class="style5"><img src="/images/BTBlogosmall.jpg" width="322" height="53" /></p>
<p class="style5">Brown Live Online 2.0 </p>
<form ACTION="<%=MM_LoginAction%>" id="form1" name="form1" method="POST">
<p>
    <label><span class="style3">    User Name</span>
    <input name="username" type="text" id="username" size="20" />
    </label>
</p>
<p>
    <label><span class="style1"><span class="style6">Password</span></span>
    <input name="password" type="password" id="password" size="20" />
    </label>
</p>
<p>
    <label>
    <input type="submit" name="button" id="button" value="Login" />
    </label>
</p>
</form>
<p><a href="/index.html"><img src="/images/brown2.0.jpg" width="100" height="100" /></a> Click Image to return to <a href="http://www.browntransmission.com">www.browntransmission.com</a></p>
</body>
</html>

Report · Oct 21, 2010

>I soon as I put the red line of code in it is custoemr _id

>instead of user id in my table. Dreamweaver removes the

>user id function.

Correct. As soon as you modify the code generated from a server behavior, DW can no longer maintain it. At that point, you must maintain all of the code manually.

Report · Oct 21, 2010

Ok got it ...but when I enter that line of code it gives me a server error now and when i take it out of the login page it is fine not sure what i am doing wrong

Session("MM_USERID") = MM_rsUser.Fields.Item("customer_id").value

Report · Oct 21, 2010

what does the error say? and did you add customer_id to the SELECT query statement?

Report · Oct 22, 2010

Here is the parts I added that you told me ...Not sure if I messed something up or not.

MM_loginSQL = "SELECT customer_id, Login_Name, password"
If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," & MM_fldUserAuthorization
MM_loginSQL = MM_loginSQL & " FROM dbo.btb_web_login WHERE Login_Name = ? AND password = ?"
Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command")
MM_rsUser_cmd.ActiveConnection = MM_p21_STRING
MM_rsUser_cmd.CommandText = MM_loginSQL
MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1", 200, 1, 20, MM_valUsername) ' adVarChar
MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", 200, 1, 10, Request.Form("password")) ' adVarChar
MM_rsUser_cmd.Prepared = true
Set MM_rsUser = MM_rsUser_cmd.Execute

If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then

' username and password match - this is a valid user

Session("MM_Username") = MM_valUsername

Session ("MM_USERID") = MM_rsUser.Fields.Item("customer_id").value

If (MM_fldUserAuthorization <> "") Then

Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)

Else

Session("MM_UserAuthorization") = ""

End If

if CStr(Request.QueryString("accessdenied")) <> "" And false Then

MM_redirectLoginSuccess = Request.QueryString("accessdenied")

End If

MM_rsUser.Close

Response.Redirect(MM_redirectLoginSuccess)

End If

MM_rsUser.Close

Response.Redirect(MM_redirectLoginFailed)

End If

Report · Oct 22, 2010

it looks fine, but what error are you getting? what isn't working?

Report · Oct 22, 2010

500 - Internal server error.

There is a problem with the resource you are looking for, and it cannot be displayed.

Report · Oct 22, 2010

as soon as i take those two lines of code out it works agian...not sure what is wrong. Need some help here and I never figured out the other way. Sorry probaly my fault for being a novice

Report · Oct 22, 2010

if you remove just MM_loginSQL = "SELECT customer_id, Login_Name, password" and put it back the way it was originally and leave the Session ("MM_USERID") = MM_rsUser.Fields.Item("customer_id").value do you get an error? if you do, is customer_id a valid column name for the table?

if you don't get an error, then the problem could be related to Session ("MM_USERID") = MM_rsUser.Fields.Item("customer_id").value

Dreamweaver need to create a session variable or Cookie or something Help

Server Error

500 - Internal server error.

There is a problem with the resource you are looking for, and it cannot be displayed.