Hvis du erstatter følgende filer med disse - så fungerer scriptet.
Du skal bare oploade det. God fornøjelse.
:-) k_l
UPDATE.asp
<%
dothis = request.form("dothis")
usn = request.form("usn")
set dataconn = server.createobject ("ADODB.connection")
set rs1 = server.createobject ("ADODB.recordset")
'dataconn.Open "PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE=C:\Inetpub\wwwroot\login\db2.mdb"
dataconn.Open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ="&Server.Mappath("db2.mdb")
if request.form("Submit") = "Submit" then
if dothis = "up" then
MYSQL = "SELECT * FROM members WHERE usern = '" & usn & "'"
rs1.open MYSQL, dataconn, 1, 3
rs1("level").value = "admin"
rs1.update
end if
if dothis = "down" then
MYSQL = "SELECT * FROM members WHERE usern = '" & usn & "'"
rs1.open MYSQL, dataconn, 1, 3
rs1("level").value = "user"
rs1.update
end if
if dothis = "del" then
MYSQL = "SELECT * FROM members WHERE usern = '" & usn & "'"
rs1.open MYSQL, dataconn, 1, 3
rs1.delete
end if
rs1.close
dataconn.close
response.redirect "login.asp"
end if
%>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>User update page, use this page to upgrade a user to admin level</p>
<form name="form1" method="post" action="update.asp">
<p>
<Select Name="usn">
<%
MYSQL = "SELECT * FROM members"
rs1.open MYSQL, dataconn, 1, 3
While Not rs1.EOF%>
<option value="<%= rs1("usern") %>"><%= rs1("usern") %></option>
<%
rs1.MoveNext
Wend
%>
</select>
<p>
<input type="radio" name="dothis" value="up">
Make user Admin<br>
<input type="radio" name="dothis" value="down">
Make user Normal<br>
<input type="radio" name="dothis" value="del">
Delete User Completely<br>
<input type="submit" name="Submit" value="Submit">
</form>
<%
rs1.close
dataconn.close
%>
</body>
</html>
REG.ASP
<%
if request.form("reg") = "yes" then
'get variables from form
usn = request.form("usn")
pwd = request.form("pwd")
pwd2 = request.form("pwd2")
fname = request.form("fname")
lname = request.form("lname")
email = request.form("email")
'check varables are present and correct
if usn = "" then
err = 1
errmess = "You didnt insert a username<br>"
end if
if pwd = "" then
err = 1
errmess = errmess & "You didnt insert a password<br>"
end if
if pwd2 = "" then
err = 1
errmess = errmess & "You didnt insert a password again<br>"
end if
if fname = "" then
err = 1
errmess = errmess & "You didnt insert your first name<br>"
end if
if lname = "" then
err = 1
errmess = errmess & "You didnt insert your last name<br>"
end if
if InStr(email,"@") = 0 or InStr(email,".") = 0 or email = "" then
err = 1
errmess = errmess & "You didnt enter a valid email address<br>"
end if
if pwd <> pwd2 then
err = 1
errmess = errmess & "Your passwords dont match<br>"
end if
if err = 0 then
set dataconn = server.createobject ("ADODB.connection")
set rs1 = server.createobject ("ADODB.recordset")
'dataconn.Open "PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE=C:\Inetpub\wwwroot\login\db2.mdb"
dataconn.Open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ="&Server.Mappath("db2.mdb")
MYSQL = "SELECT * FROM members WHERE usern = '" & usn & "'"
rs1.open MYSQL, dataconn, 1, 3
if not rs1.EOF or not rs1.BOF then 'username exists already
errmess = "Your choosen Username already exists"
else
rs1.AddNew
rs1.Fields("usern") = usn
rs1.Fields("passwo") = pwd
rs1.Fields("fname") = fname
rs1.Fields("lname") = lname
rs1.Fields("email") = email
rs1.Update
response.redirect "login.asp"
end if
rs1.close()
dataconn.close()
end if
end if
%>
<html>
<head>
<title>Registration Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Please fill in the form below to register
<form name="form1" method="post" action="reg.asp">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="16%" align="right">Username </td>
<td width="23%">
<input type="text" name="usn" value="<%= usn %>">
</td>
<td width="12%" align="right">Password </td>
<td width="49%">
<input type="password" name="pwd">
</td>
</tr>
<tr>
<td width="16%" align="right">Password Again </td>
<td width="23%">
<input type="password" name="pwd2">
</td>
<td width="12%" align="right"> Email </td>
<td width="49%">
<input type="text" name="email" value="<%= email %>">
</td>
</tr>
<tr>
<td width="16%" height="27" align="right">First Name </td>
<td width="23%" height="27">
<input type="text" name="fname" value="<%= fname %>">
</td>
<td width="12%" height="27" align="right">Last Name </td>
<td width="49%" height="27">
<input type="text" name="lname" value="<%= lname %>">
</td>
</tr>
<tr>
<td width="16%" height="27" align="right"> </td>
<td width="23%" height="27">
<input type="submit" name="Submit" value="Submit">
<input type="reset" name="Submit2" value="Reset">
<input type="hidden" name="reg" value="yes">
</td>
<td width="12%" height="27" align="right"> </td>
<td width="49%" height="27"> </td>
</tr>
</table>
</form>
<%= errmess %>
</body>
</html>
LOGIN.ASP
<% response.buffer = true %>
<html>
<head>
<title>Logon Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000" >
<table width="100%" border="0" cellspacing="0" cellpadding="0" height="19" align="center">
<tr>
<td height="54" align="left">
<%
' BEGIN LOGON PROCEDURE
dologin = request.form("login")
usn = request.form("username")
psw = request.form("password")
if request.cookies("logoncookie")("cookname")<>"" then
usn = request.cookies("logoncookie")("cookname")
psw = request.cookies("logoncookie")("cookpass")
dologin = "login"
end if
if request.form("logoff")="logoff" then
dologin = "no"
session("logon")="no"
session("usn") = ""
session("admin") = "no"
session("superadmin") = "no"
response.cookies("logoncookie").expires = date -1
end if
'decide whether to login or not
if dologin ="login" then
set dataconn = server.createobject ("ADODB.connection")
set rs1 = server.createobject ("ADODB.recordset")
'dataconn.Open "PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE=C:\Inetpub\wwwroot\login\db2.mdb"
dataconn.Open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ="&Server.Mappath("db2.mdb")
MYSQL = "SELECT * FROM members WHERE usern = '" & usn & "'"
rs1.open MYSQL, dataconn, 1, 3
if not rs1.EOF or not rs1.BOF then 'username checker
if psw = (rs1("passwo")) then 'check password
session("logon") = "yes"
session("usn") = usn
if rs1("level") = "admin" then session("admin") = "yes"
if rs1("level") = "superadmin" then
session("admin") = "yes"
session("superadmin") = "yes"
end if
if request.form("rem") = "yes" then 'checkbox and create cookie
response.cookies("logoncookie").Expires = date + 31
response.cookies("logoncookie")("cookname")= usn
response.cookies("logoncookie")("cookpass")= psw
end if
else
session("logon") = "no" 'incorect password error
errmess="password incorrect"
end if
else
errmess="Incorect Username" 'incorrect username error
end if
rs1.close()
dataconn.close()
end if
'show user logged in
if session("logon") = "yes" then
call logonyes
else
'show login required
call logonno
response.write errmess
end if
' END LOGIN PROCEDURE
%>
</td>
</tr>
</table>
<% function logonno() %>
<form name="form1" method="post" action="login.asp">
Username
<input type="text" name="username" size="17">
<br>
Password
<input type="password" name="password" size="17">
<br>
Remember me
<input type="checkbox" name="rem" value="yes">
<input type="submit" name="login" value="login">
</form>
<p>Please click <a href="reg.asp">here</a> to register</p>
<% end function
function logonyes()
response.write "You are logged on as " & session("usn")
if session("admin") = "yes" then response.write "<br>Admin Level Logon"
if session("superadmin") = "yes" then response.write"<br><a href='update.asp'>Update Users</a>"
%>
<form name = "form1" method="post" action="login.asp">
<input type="submit" name="logoff" value="logoff">
</form>
<% end function %>
</body>
</html>
