Windows Vista 
Access 2007
I'm newbie...
A .mdb is online on a web site
There is web asp page connecting to database
When i use some user and password (correcting inserted in mdb) i'm not able to access to restricted area. This happens only with some records of db
I've tried lot of user and passwords but i'm not able to understand the reason why...
I attach code used to access to db
I hope you are able to give me an hand..
<code>
<%
'Dimension variables
Dim adoCon 'Database Connection Variable
Dim strCon 'Holds the Database driver and the path and name of the database
Dim rsCheckUser 'Database Recordset Variable
Dim strAccessDB 'Holds the Access Database Name
Dim strSQL 'Database query sring
Dim strUserName 'Holds the user name
Dim url 'Holds the url
Response.Buffer=True
'Initalise the strUserName variable
strUserName = Request.Form("txtUserName")
'Check the database to see if user exsits and read in there password
'Initialise the strAccessDB variable with the name of the Access Database
strAccessDB = "users"
'Create a connection odject
Set adoCon = Server.CreateObject("ADODB.Connection")
'Database connection info and driver
strCon = "DRIVER={Microsoft Access Driver (*.mdb)};uid=;pwd=letmein; DBQ=" & Server.MapPath(strAccessDB)
'Set an active connection to the Connection object
adoCon.Open strCon
'Create a recordset object
Set rsCheckUser = Server.CreateObject("ADODB.Recordset")
'Initalise the strSQL variable with an SQL statement to query the database
'strSQL = "SELECT tblUsers.Password, tblUsers.Link FROM tblUsers WHERE tblUsers.UserID ='" & strUserName & "'"
strSQL = "SELECT * FROM tblUsers WHERE tblUsers.UserID ='" & strUserName & "'"
'Query the database
rsCheckUser.Open strSQL, strCon
'If the recordset finds a record for the username entered then read in the password for the user
If NOT rsCheckUser.EOF Then
'Read in the password for the user from the database
If (Request.Form("txtUserPass")) = rsCheckUser("Password") Then
'If the password is correct then set the session variable to True
Session("blnIsUserGood") = True
'Close Objects before redirecting
Set adoCon = Nothing
Set strCon = Nothing
Set rsCheckUser = Nothing
'Redirect to the authorised user page and send the users name
Response.Redirect"link_esami.asp?name=" & strUserName
End If
End If
'Close Objects
Set adoCon = Nothing
Set strCon = Nothing
Set rsCheckUser = Nothing
'If the script is still running then the user must not be authorised
Session("blnIsUserGood") = False
'Redirect to the unautorised user page
Response.Redirect"unauthorised_user_page.htm"
%>
</code>
Reply With Quote
