CoverYourASP
Copyright © 1999-2016 James Shaw.
All rights reserved.


This page shows the actual source code used on this site. If this is the first CYA source code you've seen you should read this overview first.


This is JScript (server-side JavaScript), not the more common VBScript.

utils/Login.asp

<%
// ============================================
// NOTE: all source code downloaded from CoverYourASP was written by
// James Shaw (unless stated otherwise), and is copyright (c) 2000-2002
// by James Shaw. You can use the code for any purpose, but do not
// publish or distribute the content in any way.
//
// See http://CoverYourASP.com/Legal.asp for up-to-date details.
// ============================================

// per-request member state, filled in from the Session by IsLoggedIn ( )
var bLoggedIn;         // must start undefined: IsLoggedIn ( ) reads undefined as "not checked yet"
var sMemberName = '', sMemberEmail = '';
var nMemberID = 0, nMemberLevel = 0;
var bMemberCookie = false;

// front page personalization defaults (used until a member's own settings are loaded)
var bIntro = true, bSuggestions = true;
var bCategories = false, bNews = false, bDiary = false;
var nNew = 5, nPopular = 0;
var nNewSnippets = 5, nPopularSnippets = 10;

// display names for the member levels
var sLevels = [ 'Bronze', 'Silver', 'Gold', 'Advertising' ];

// ============================================
// is member logged in?
// ============================================
function IsLoggedIn ( )
{
   // Returns the member's login state. The answer is taken from
   // Session ( 'Authenticated' ); when that is not set and a remembered-login
   // cookie is present, the cookie values are replayed through ValidateLogin ( ).
   // Once an answer other than undefined is known it is kept in bLoggedIn and
   // reused. On success the member's Session values are copied to the globals.
   //
   // NOTE(review): the cookie fallback reads the member's password back out of
   // a browser cookie, so whoever holds that cookie holds the credential. A
   // random, revocable token whose hash is stored server-side would avoid
   // keeping the password on the client.

   // answer already known
   if ( bLoggedIn != undefined )
      return bLoggedIn;

   bLoggedIn = Session ( 'Authenticated' );

   // no authenticated session: fall back to the remembered-login cookies
   if ( !bLoggedIn && "" != Request.Cookies ( sCookieEmail ) )
   {
      var sSavedEmail = "" + Request.Cookies ( sCookieEmail );
      var sSavedPassword = "" + Request.Cookies ( sCookiePassword );

      // treat the cookie values exactly like a freshly submitted login form
      bLoggedIn = ValidateLogin ( sSavedEmail, sSavedPassword, true );
   }

   if ( !bLoggedIn )
      return bLoggedIn;

   // member identity
   sMemberName = Session ( 'MemberName' );
   sMemberEmail = Session ( 'MemberEmail' );
   nMemberID = Session ( 'MemberID' );
   nMemberLevel = Session ( 'MemberLevel' );
   bMemberCookie = Session ( 'MemberCookie' );

   // front page personalization
   bIntro = Session ( 'MemberIntro' );
   bSuggestions = Session ( 'MemberSuggestions' );
   bCategories = Session ( 'MemberCategories' );
   bNews = Session ( 'MemberNews' );
   bDiary = Session ( 'MemberDiary' );
   nNew = Session ( 'MemberNewArticles' );
   nPopular = Session ( 'MemberPopular' );
   nNewSnippets = Session ( 'MemberNewSnippets' );
   nPopularSnippets = Session ( 'MemberPopularSnippets' );

   return bLoggedIn;
}

// ============================================
// show if user is logged in or not, with link to login/logout
// ============================================
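function ShowLoginStatus ( sStart, sEnd )
{
   // Writes the login/contest status box: sStart, then one of
   //   - a notice when the page is served through a partner template,
   //   - the signed-in member's contest score, prize image and sign-out link,
   //   - the prize teaser and sign-in link for anonymous visitors,
   // and finally sEnd.
   Out ( sStart );

   // hide the login and competition when used on template for 3rd party sites
   if ( bNoDynamic )
   {
      Out ( '<p>Please note: You are browsing an area of CoverYourASP whose content is being served by one of my partners.' );

      Out ( '<p>Your membership login is not used here, so you are NOT accruing points in the <a href="/Contest.html">CoverYourASP contest</a> while in this area of the site.' );

      Out ( sEnd );
      return;
   }

   // connect to database
   DBInitConnection ( );

   // get prize image name; an unset Application value stringifies to 'undefined'
   var sImage = '' + Application ( 'ContestImage' );

   if ( sImage == 'undefined' )
   {
      DBGetRecords ( 'SELECT TOP 1 ContestImage FROM Contest WHERE Awarded=False ORDER BY ContestID ASC' );

      if (oRecordSet.EOF)
         sImage = '';
      else
         sImage = '' + oRecordSet ( 0 );
   }

   // release database
   DBReleaseConnection ( );

   // store image name for next page
   Application.Lock ();
   Application ( 'ContestImage' ) = sImage;
   Application.Unlock ();

   // prize link shown to members and visitors alike
   // NOTE(review): sImage is written into the src attribute as stored in the
   // Contest table; this is only safe while that column holds plain file names.
   var sPrizeLink = '<p><a href="ContestPrizes.asp"><img src="images/prizes/' + sImage + '.jpg" width="135" height="100" border="0" alt="Win these prizes!"></a>';

   if ( IsLoggedIn ( ) )
   {
      if (sImage != '')
      {
         // connect only when there is a prize to show, so that every
         // DBInitConnection has a matching DBReleaseConnection (the connection
         // used to be opened above this test and left open when sImage was '')
         DBInitConnection ( );

         // stop the user from just refreshing their way to the maximum points!
         // I keep the last 2 pages in Session variables and don't increment if
         // either are re-visited. A long way from foolproof, but much better!
         var sThisPage = "" + Request.ServerVariables ( "SCRIPT_NAME" );

         if ( Session ( 'LastPage' ) != sThisPage &&
               Session ( 'SecondLastPage' ) != sThisPage )
         {
            Session ( 'SecondLastPage' ) = Session ( 'LastPage' );
            Session ( 'LastPage' ) = sThisPage;

            // increment member page count up to a maximum of 500 pages per contest
            // (dont store in Session variable so I can update from other scripts like StartContest.asp)
            // nMemberID is concatenated into the SQL text: it comes from
            // Session ( 'MemberID' ), which ValidateLogin stores as a number.
            oConnection.Execute( 'UPDATE Members SET nPoints=IIF(nPoints>=500,500,nPoints+1) WHERE MemberID=' + nMemberID );
         }

         // get current score
         DBGetRecords( 'SELECT nPoints FROM Members WHERE MemberID=' + nMemberID );

         var nMemberPoints = oRecordSet ( 0 ) - 0;

         // release database
         DBReleaseConnection ( );

         // show number of page views
         Out ( '<a href="/Contest.html">You have <font size=+1>' + nMemberPoints + '</font> chances of winning these prizes!</a>' );

         // show prize gif
         Out ( sPrizeLink );
      }

      // The member name comes from the Members table, so it is HTML-encoded on
      // output to keep markup in a name from being rendered in the page.
      // NOTE(review): if names are already stored HTML-encoded this will show
      // entities literally - confirm against the registration code.
      Out ( '<p><a href="MemberLogout.asp">Sign out</a> ' + Server.HTMLEncode ( '' + sMemberName ) );
   }
   else
   {
      if (sImage != '')
      {
         // the contest link is now closed before the prize link starts
         // (the </a> was missing, which nested one anchor inside another)
         Out ( '<a href="/Contest.html">You are missing out on some <font size=+1>cool prizes!</font></a>' );

         // show prize gif
         Out ( sPrizeLink );
      }

      Out ( '<p>Join in the fun! <a href="/MemberLogin.html">Sign in</a>' );
   }

   Out ( sEnd );
}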

// ============================================
// show if user can be upgraded or not
// ============================================
function ShowMemberStatus ( sStart, sEnd )
{
   // Writes sStart, a membership message, then sEnd. Anonymous visitors get
   // the sign-up link; for signed-in members the per-level branches currently
   // write nothing visible.
   Out ( sStart );

   if ( IsLoggedIn ( ) )
   {
      switch ( nMemberLevel )
      {
      case 2:
         Out ( '' );
         break;

      case 1:
         // upgrade promotion, disabled by the author:
         // Out ( '<a href="MemberUpgrade.asp">Now available:<br>exclusive tutorials for Silver members!</a>' );
         break;
      }
   }
   else
   {
      Out ( '<a href="/MemberLogin.html">Get free lifetime membership, and personalize the site!</a>' );
   }

   Out ( sEnd );
}

// ============================================
// validate email/password
// ============================================
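function ValidateLogin ( sEmail, sPassword, bCookieLogin )
{
   // Checks sEmail/sPassword against confirmed rows of the Members table.
   // On a match: loads the member's data into the Session, marks the session
   // authenticated, awards 5 contest points, sets (bCookieLogin true) or
   // clears (bCookieLogin false) the remembered-login cookies, returns true.
   // On no match: clears the remembered-login cookies and returns false.
   //
   // NOTE(review): the query compares the supplied password with the
   // MemberPassword column directly, so passwords are presumably stored in
   // recoverable form - confirm what DBEncode does. A salted, slow password
   // hash verified in code would mean a database leak does not expose them.
   //
   // NOTE(review): the SQL text is built by concatenation and is only as safe
   // as DBEncode; a parameterized ADODB.Command removes that dependency.

   // connect to database
   DBInitConnection ( );

   // search for matching email/password
   DBGetRecords ( 'SELECT MemberID,Name,MemberLevel,bIntro,bNews,bCategories,bDiary,nNew,nPopular,bSuggestions,nNewSnippets,nPopularSnippets FROM Members WHERE Confirmed=True AND Email=\'' + DBEncode ( sEmail ) + '\' AND MemberPassword=\'' + DBEncode ( sPassword ) + '\'' );

   if ( !oRecordSet.EOF )
   {
      // "- 0" coerces the recordset field to a number, '' + to a string
      Session ( 'MemberEmail' ) = sEmail;
      Session ( 'MemberID' ) = oRecordSet ( 0 ) - 0;
      Session ( 'MemberName' ) = '' + oRecordSet ( 1 );
      Session ( 'MemberLevel' ) = oRecordSet ( 2 ) - 0;
      Session ( 'MemberCookie' ) = bCookieLogin;

      Session ( 'MemberIntro' ) = oRecordSet ( 3 ) - 0;
      Session ( 'MemberNews' ) = oRecordSet ( 4 ) - 0;
      Session ( 'MemberCategories' ) = oRecordSet ( 5 ) - 0;
      Session ( 'MemberDiary' ) = oRecordSet ( 6 ) - 0;
      Session ( 'MemberNewArticles' ) = oRecordSet ( 7 ) - 0;
      Session ( 'MemberPopular' ) = oRecordSet ( 8 ) - 0;
      Session ( 'MemberSuggestions' ) = oRecordSet ( 9 ) - 0;
      Session ( 'MemberNewSnippets' ) = oRecordSet ( 10 ) - 0;
      Session ( 'MemberPopularSnippets' ) = oRecordSet ( 11 ) - 0;

      Session ( 'Authenticated' ) = 1;

      // add 5 points for starting a new session
      // up to a maximum of 500 pages per contest
      oConnection.Execute( 'UPDATE Members SET nPoints=IIF(nPoints>=500,500,nPoints+5) WHERE MemberID=' + Session ( 'MemberID' ) );

      if ( bCookieLogin )
      {
         // NOTE(review): this writes the password itself into a cookie that
         // lives for a year. Anyone who can read the cookie (shared machine,
         // script running in the page, traffic over plain HTTP) obtains the
         // credential. Prefer a random token whose hash is stored server-side,
         // and set the cookie's Secure attribute once the site is on HTTPS.
         Response.Cookies ( sCookieEmail ) = sEmail;
         Response.Cookies ( sCookiePassword ) = sPassword;

         // expire one year from now. getVarDate ( ) hands ASP a real date
         // value; the previous d/m/yyyy string depended on the server locale
         // for which number was the month and needed a February special case.
         var dExpires = new Date ( );
         dExpires.setFullYear ( dExpires.getFullYear ( ) + 1 );

         Response.Cookies ( sCookieEmail ).Expires = dExpires.getVarDate ( );
         Response.Cookies ( sCookiePassword ).Expires = dExpires.getVarDate ( );
      }
      else
      {
         KillLoginCookies ( );
      }

      // release database
      DBReleaseConnection ( );

      return true;
   }

   // release database
   DBReleaseConnection ( );

   // a failed attempt also discards any remembered login
   KillLoginCookies ( );

   return false;
}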

// ============================================
// remove login cookies
// ============================================
function KillLoginCookies ( )
{
   // Blanks both remembered-login cookies and gives them an expiry date in
   // the past, which asks the browser to discard them.
   var aCookieNames = [ sCookieEmail, sCookiePassword ];

   for ( var i = 0; i < aCookieNames.length; i++ )
   {
      Response.Cookies ( aCookieNames [ i ] ) = '';
      Response.Cookies ( aCookieNames [ i ] ).Expires = '01/01/1980';
   }
}

// ============================================
// sign out the user, remove cookie
// ============================================
function Logout ( )
{
   // Signs the member out: discards the remembered-login cookies, resets the
   // session's authenticated flag and sends the browser to the front page.
   //
   // NOTE(review): only 'Authenticated' is reset; the other Member* values
   // written at login stay in the Session. Session.Abandon ( ) would discard
   // all of them - check first whether other pages keep non-login state there.

   // drop the remembered login so the next request cannot sign back in from it
   KillLoginCookies ( );

   // 0 is falsy, so IsLoggedIn ( ) no longer accepts this session
   Session ( 'Authenticated' ) = 0;

   Redirect ( '/default.html' );
}

// ============================================
// make sure the user is signed in, and has sufficient access rights
// if not then redirect to passed in page
// ============================================
function NeedAccessLevel ( nLevel, sRedirect )
{
   // Gate for restricted pages: visitors who are not signed in are sent to the
   // login page (with the current script name appended), and members whose
   // level is below nLevel are sent to sRedirect.
   //
   // NOTE(review): nothing in this function stops execution after
   // Redirect ( ). The gate only protects the page if Redirect ( ) itself ends
   // the response - confirm in its definition.
   var bSignedIn = IsLoggedIn ( );

   if ( !bSignedIn )
   {
      var sThisScript = Request.ServerVariables ( "SCRIPT_NAME" );
      Redirect ( '/MemberLogin_access_.html' + sThisScript );
   }

   if ( nMemberLevel < nLevel )
   {
      Redirect ( sRedirect );
   }
}
%>

Hopefully much of this is self-explanatory. If not, or if you see ways that I can improve the code, please drop me a line.
