Qualcuno potrebbe correggermi questo...

[gelova]

ho trovato uno script per un forum solo che mi dà questo errore:

Microsoft VBScript runtime error '800a005e'

Invalid use of Null: 'cLng'

/for/i_utils.asp, line 83

Andando alla linea 83 trovo questo

if session("user_id") = "" then
response.redirect("login.asp?querystring=" & to_url(request.serverVariables("QUERY_STRING")) & "&ret_page=" & to_url(request.serverVariables("SCRIPT_NAME")))
elseif cLng(session("accesslevel")) < cLng(iLevel) then
response.redirect("login.asp?msg=You+do+not+have+p ermission+to+access+the+requested+page.&querystrin g=" & to_url(request.serverVariables("QUERY_STRING")) & "&ret_page=" & to_url(request.serverVariables("SCRIPT_NAME")))
else
user_id = session("user_id")
accesslevel = session("accesslevel")
end if
end function

sulla pagina login.asp abbiamo questo

<% if request("msg") <> "" then msg_list.add "requestmsg", request("msg") %>

<%

'::::::::::::::::::::::::::::::::::::::::::::::::: :::::::::::::::::::::::::::::::::::::::::
'::: generated by aspapp v1.1 --- page version - 11/30/01 1:56:46 AM
'::::::::::::::::::::::::::::::::::::::::::::::::: :::::::::::::::::::::::::::::::::::::::::

'-------------------------------- DECLARATION SECTION ----------------------------------------------

''' NOTE: global vars are declared in i_utils.asp library.
''' The i_utils.asp library also contains various subrountines for
''' formatting, user managment, general database access, error
''' handling and tree form functions.

''''''''' login
dim user_name
dim password
dim submit
dim registerlink
dim login_sql

':::::::::::::::::::::::::::::::::::: GENERAL SUBROUTINES :::::::::::::::::::::::::::::::::::::::::::::::::: :::::

sub request_login
''' request expected input parameters for this form

user_name = request("user_name")
password = request("password")
submit = request("submit")
registerlink = request("registerlink")

end sub

'::::::::::::::::::::::::::::::: REQUEST AND VALIDATION ::::::::::::::::::::::::::::::::::::::::::::

'::::::::::::::::::::::::::::::: DEFAULT FIELD VALUES ::::::::::::::::::::::::::::::::::::::::::::

sub get_defaults_login
''' set default values for this form

user_name = "guest"
password = "guest"
submit = "LOGIN"
registerlink = "click here to register"

end sub


'------------------------------- DATABASE SUBROUTINES ----------------------------------------------


'----------------------------------- MAIN -------------------------------------------------------------

''' request form keys

''' determine if search parameters are being passed
do_search = request("do_search")

'----------------------------------- ACTION CASE HANDLER --------------------------------------------
''' request action
action = lcase(request("action"))

''' action case handler
select case action


case "login"
' verify and select the user from database

''' call the do_login function in i_utils.asp
do_login


case "logout"
' remove the user from current session

session("user_id") = NULL
session("accesslevel") = NULL


'::::::::::::::::::::::::::::::::::::::::::::::::: :::::::
' custom action handler(s)
''' select 'custom actions' to specify your case statements
'::::::::::::::::::::::::::::::::::::::::::::::::: :::::::

end select

''' no action was requested, so handle the default case for each form

get_defaults_login


%>





<%

display_errs
display_msg

%>








To access forum demo:

username: guest

password: guest





To access the administration areas:

username: admin

password: admin




<TABLE style="{width:430;}">
<FORM action="login.asp" method=POST name="login">
<TR class=formtr valign=top>
<TD class=labelTD align=right>
username
</TD>
<TD class=dataTD >
<input type=text name="user_name" size= maxlength="25" value="<% =user_name%>">
</TD>
</TR>
<TR class=formtr valign=top>
<TD class=labelTD align=right>
password
</TD>
<TD class=dataTD >

<input type=password name="password" size="" maxlength="25" value="<% =password%>">

</TD>
</TR>
<TR class=formtr valign=top>
<TD class=labelTD align=right>

</TD>
<TD class=dataTD>
<input class=cmd type=submit name="submit" value="LOGIN">
</TD>
</TR>
<TR class=formtr valign=top>
<TD class=labelTD align=right>
new user?
</TD>
<TD class=dataTD >
click here to register
</TD>
</TR>
<input type=hidden name="action" value="login">
<input type=hidden name="ret_page" value="<% =request("ret_page") %>">
</FORM>
</TABLE>






<%
''' assure that any db resources are freed
on error resume next
rs.Close
set rs = NOTHING
cn.Close
set cn = NOTHING
user_cn.Close
set user_cn = NOTHING
on error goto 0
%>

Premetto che di ASP non capisco un tubo....dove sta l'errore ?

[Roby_72]

Nella pagina i_utils.asp devi postare la sub do_login.

Roby

[wallrider]

Originariamente inviato da optime
standing ovation per il titolo del thread. urge (ri)lettura attenta e consapevole del regolamento.

(controlla che le variabili di sessione abbiano valore)

[gelova]

Roby la sub do_login è questa:

sub do_login
''''''''''''''''''''''''''''''''''''''''''''''''''
' autheticates user in db and creates session
''''''''''''''''''''''''''''''''''''''''''''''''''
user_name = request("user_name")
password = request("password")

sql = "SELECT user_name, password FROM Users WHERE user_name = " & to_sql(user_name,"text") & " AND password = " & to_sql(password,"text") & ""
set rs = user_cn.Execute(sql)
if rs.EOF then
'login failed
error_list.add "login", "Login or password in incorrect."
b_error = true
else
'login and password passed
sql = "SELECT user_id, accesslevel FROM Users WHERE user_name = " & to_sql(user_name,"text") & " AND password = " & to_sql(password,"text") & ""
set rs = user_cn.Execute(sql)

if rs.EOF then
'should never happen
error_list.add "login", "User does not exist."
b_error = true
else
'login user
session("user_id") = rs(0)
session("accesslevel") = rs(1)
'where to next?
querystring = request("querystring")
ret_page = request("ret_page")
if (ret_page <> request.serverVariables("SCRIPT_NAME")) AND (ret_page <> "") then
'return to page that preceded login
response.redirect(ret_page & "?" & querystring)
else
'go home
response.redirect("default.asp")
end if
end if
end if
rs.Close

end sub

[Roby_72]

Devi scoprire cos'è questo

iLevel

perché con molta probabilità è NULL.
Se infatti il login è effettuato con successo allora

session("accesslevel") = rs(1)

dovrebbe essere un numero...

Roby

[gelova]

Secondo te dove lo posso cercare

iLevel

?

[gelova]

Roby_72 ho trovato

<TABLE class=menuTable >
<TR>
<TD class=menuTD NOWRAP>
LOGIN ›
</TD>
<TD class=menuTD NOWRAP>
FORUMS ›
</TD>
<TD class=menuTD NOWRAP>
<% if session("accesslevel") > 1 then %>USERS ›<% else %><% end if %>
</TD>
<TD class=menuTD style="{width:'75%';text-align:right;}">
<% =FormatDateTime(Now,1) %>
</TD>
</TABLE>

[gelova]

[gelova]

Dove sei Roby_72 ?

[Roby_72]

Cosa hai trovato?

Roby