Hi,

I would like to display a message when a user fails to login to say, incorrect username or password. Its currently setup to redirect the user to the same login page on fail and even puts an error code attached to the login address.

I have also set up an absoluetely positioned div with the error message in it and the css style attached to this div is set to visibility 'hidden'

My question is where in the code and how do I tell the div css to not be hidden so that the message appears when a user fails to login?

Thanks

Lloyd

<%
// *** Validate request to log in to this site.
var MM_LoginAction = Request.ServerVariables("URL");
if (Request.QueryString != "") MM_LoginAction += "?" + Server.HTMLEncode(Request.QueryString);
var MM_valUsername = String(Request.Form("username"));
if (MM_valUsername != "undefined") {
var MM_fldUserAuthorization = "";
var MM_redirectLoginSuccess = " index-1.asp";
var MM_redirectLoginFailed = "index.asp?err=1";

var MM_loginSQL = "SELECT username, Password";
if (MM_fldUserAuthorization != "") MM_loginSQL += "," + MM_fldUserAuthorization;
MM_loginSQL += " FROM dbo.tblMember WHERE username = ? AND Password = ?";
var MM_rsUser_cmd = Server.CreateObject ("ADODB.Command");
MM_rsUser_cmd.ActiveConnection = MM_iiGymConectionString_STRING;
MM_rsUser_cmd.CommandText = MM_loginSQL;
MM_rsUser_cmd.Parameters.Append(MM_rsUser_cmd.CreateParameter("param1", 200, 1, 50, MM_valUsername)); // adVarChar
MM_rsUser_cmd.Parameters.Append(MM_rsUser_cmd.CreateParameter("param2", 200, 1, 50, Request.Form("password"))); // adVarChar
MM_rsUser_cmd.Prepared = true;
var MM_rsUser = MM_rsUser_cmd.Execute();

if (!MM_rsUser.EOF || !MM_rsUser.BOF) {
// username and password match - this is a valid user
Session("MM_Username") = MM_valUsername;
if (MM_fldUserAuthorization != "") {
Session("MM_UserAuthorization") = String(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value);
} else {
Session("MM_UserAuthorization") = "";
}
if (String(Request.QueryString("accessdenied")) != "undefined" && false) {
MM_redirectLoginSuccess = Request.QueryString("accessdenied");
}
MM_rsUser.Close();
Response.Redirect(MM_redirectLoginSuccess);
}
MM_rsUser.Close();
Response.Redirect(MM_redirectLoginFailed);
}
%>

HTML:
<div id="loginerror">Incorrect username or password</div>


Style Sheet:

#loginerror {
position:absolute;
width:220px;
height:30px;
z-index:3;
top: 135px;
font-size: 12px;
color: #FF0000;
left: 15px;
font-weight: bold;
visibility: hidden;
}

Try this on your login page. The red text is what I added.

Login Page:

<%
Dim strLoginError

If Request.QueryString("err") = 1 then
strLoginError = "visible"
Else
strLoginError = "hidden"
End If
%>
<div id="loginerror">Incorrect username or password</div>

Style Sheet:

#loginerror {
position:absolute;
width:220px;
height:30px;
z-index:3;
top: 135px;
font-size: 12px;
color: #FF0000;
left: 15px;
font-weight: bold;
visibility: <% Response.Write strLoginError %>;
}

thanks for the reply,

I inserted the first section of code directly above the div in my page, and the additional line replacing the hidden parameter in the style sheet. However when I try to run the page I get the following error:

Error Type:
Microsoft JScript compilation (0x800A03EC)
Expected ';'
/index.asp, line 195, column 4
Dim strLoginError

adding a ';' to the end of the line has no effect, I also have the same error message on the line added to the style sheet

Thanks

Lloyd

Sorry I didn't pay close enough attention to your code. You're using javascript and I gave you vbscript. I'm not very good with javascript, but I think this is the translation.

<%
var strLoginError;

if(Request.QueryString("err")==1){
strLoginError = "visible";
}
Else{
strLoginError = "hidden";
}
%>

<% Response.Write(strLoginError) %>;

I'm not sure if Request.QueryString("err") and Response.Write(strLoginError) are the correct code or not. Response.Write might need to be document.write. I'll keep looking and let you know what I find out. Let me know if you figure it out before then.

ah ok, I was wondering if that was it after to a few google searches..

I tried the javascript you gave me, this time I get the same error message but on a different line..


Error Type:
Microsoft JScript compilation (0x800A03EC)
Expected ';'
/index.asp, line 200, column 4
Else{
---^

thanks

Change the E in Else to a lower case e.

thanks this removed the error message, the actual function dosn't seem to quite work though, the div stays visible regardless of whether there is an error in the querystring or not

It might be better to take this out of the asp code and put it inbetween script tags. I'm not sure if the code in red is correct and from what I've read if you're passing more than one variable you will need more complex code. You might want to search the Javascript forum for examples about QueryStrings.


<head>
<script type='text/javascript'>
function cmdLoad(){
var strError = window.location.search
if(strError=="?err=1"){
document.getElementById("loginerror").style.display="inline";
}
}
</script>
</head>
<body onload="cmdLoad();">

Hi,

Getting a little confused...where should I place this code?

I have attached my webpage code for reference

Thanks

Before I answer that question and you change everything that we've previously tried I have a question. Is your #loginerror style in an external style sheet? If so then that might be why the earliar code we tried isn't working.

You're going to want to move this style so that it's in the page's style code.

#loginerror {
position:absolute;
width:220px;
height:30px;
z-index:3;
top: 135px;
font-size: 12px;
color: #FF0000;
left: 15px;
font-weight: bold;
visibility: <% Response.Write(strLoginError) %>;
}

You will also need to move this code to the top of the page between the HTML and Head tags like this. If the style isn't in an external stylesheet and is already internal you will still need to do this step.

<html>
<%
var strLoginError;

if(Request.QueryString("err")==1){
strLoginError = "visible";
}
else{
strLoginError = "hidden";
}
%>
<head>

If that still doesn't work let me know and we'll move on to my second option. Sorry to go backwards, but I didn't realize that your code was setup like this.

ah yes, fantastic it worked!

It was in an external style sheet but there was no reason for it to be so I moved it and put the asp code in the correct place and it worked....thats the first bit of asp javascript I've put into my page that hasn't been automatically done by dreamweaver, now to learn some more...

thanks for your time and patience, much appreciated

Lloyd

No problem and sorry for leading you all over the place. If you're just starting to learn asp you might want to learn vbscript instead of javascript. It seems to me that more people use vbscript so finding examples will be easier and I personally prefer it, but that's just what I'm familiar with. If you feel comfortable using javascript then by all means use what you know best.

thanks, not sure why I started with jscript think I just presumed it would be more popular, I will probably find vbscript easier as I used to be a vb programmer a few years ago

good luck!