Ho creato una pagina per effettuare il login riservato all'amministratore ma non funziona, potete aiutarmi grazie:
<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString <> "" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)
MM_valUsername = CStr(Request.Form("username"))
If MM_valUsername <> "" Then
Dim MM_fldUserAuthorization
Dim MM_redirectLoginSuccess
Dim MM_redirectLoginFailed
Dim MM_loginSQL
Dim MM_rsUser
Dim MM_rsUser_cmd
MM_fldUserAuthorization = ""
MM_redirectLoginSuccess = "accesso.asp"
MM_redirectLoginFailed = "nonaccesso.asp"
MM_loginSQL = "SELECT username, password"
If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," & MM_fldUserAuthorization
MM_loginSQL = MM_loginSQL & " FROM [admin] WHERE username = ? AND password = ?"
Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command")
MM_rsUser_cmd.ActiveConnection = MM_CON_descabe_sito_STRING
MM_rsUser_cmd.CommandText = MM_loginSQL
MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1", 200, 1, 255, MM_valUsername) ' adVarChar
MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", -1, 1, -1, Request.Form("password")) ' N/A
MM_rsUser_cmd.Prepared = true
Set MM_rsUser = MM_rsUser_cmd.Execute
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization ).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Documento senza titolo</title>
<link href="css/admindescabe.css" rel="stylesheet" type="text/css" />
</head>
<body>
<table width="500" align="center">
<tr>
<td><form id="loginadmin" name="loginadmin" method="POST" action="<%=MM_LoginAction%>">
<table width="500">
<tr>
<td>USERNAME</td>
<td><label>
<input type="text" name="username" id="username" />
</label></td>
</tr>
<tr>
<td>PASSWORD</td>
<td><label>
<input type="password" name="password" id="password" />
</label></td>
</tr>
<tr>
<td></td>
<td><label>
<input type="submit" name="pulsante" id="pulsante" value="Invia" />
</label></td>
</tr>
<tr>
<td></td>
<td></td>
</tr>
</table>
</form></td>
</tr>
</table>
</body>
</html>
<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString <> "" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)
MM_valUsername = CStr(Request.Form("username"))
If MM_valUsername <> "" Then
Dim MM_fldUserAuthorization
Dim MM_redirectLoginSuccess
Dim MM_redirectLoginFailed
Dim MM_loginSQL
Dim MM_rsUser
Dim MM_rsUser_cmd
MM_fldUserAuthorization = ""
MM_redirectLoginSuccess = "accesso.asp"
MM_redirectLoginFailed = "nonaccesso.asp"
MM_loginSQL = "SELECT username, password"
If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," & MM_fldUserAuthorization
MM_loginSQL = MM_loginSQL & " FROM [admin] WHERE username = ? AND password = ?"
Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command")
MM_rsUser_cmd.ActiveConnection = MM_CON_descabe_sito_STRING
MM_rsUser_cmd.CommandText = MM_loginSQL
MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1", 200, 1, 255, MM_valUsername) ' adVarChar
MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", -1, 1, -1, Request.Form("password")) ' N/A
MM_rsUser_cmd.Prepared = true
Set MM_rsUser = MM_rsUser_cmd.Execute
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization ).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Documento senza titolo</title>
<link href="css/admindescabe.css" rel="stylesheet" type="text/css" />
</head>
<body>
<table width="500" align="center">
<tr>
<td><form id="loginadmin" name="loginadmin" method="POST" action="<%=MM_LoginAction%>">
<table width="500">
<tr>
<td>USERNAME</td>
<td><label>
<input type="text" name="username" id="username" />
</label></td>
</tr>
<tr>
<td>PASSWORD</td>
<td><label>
<input type="password" name="password" id="password" />
</label></td>
</tr>
<tr>
<td></td>
<td><label>
<input type="submit" name="pulsante" id="pulsante" value="Invia" />
</label></td>
</tr>
<tr>
<td></td>
<td></td>
</tr>
</table>
</form></td>
</tr>
</table>
</body>
</html>
Rispondi quotando