|
Message Removed
-- modified 25-Apr-24 12:42pm.
|
|
|
|
|
Message Removed
modified 25-Apr-24 12:42pm.
|
|
|
|
|
I create a simple website with ASP.NET.
In web.config,i define "forms" auth and user first login will direct to login.aspx,but once they login success,then the next time,they access to the website,they need not to have user/pass checked because of (I think) cookies.
So how can I check user/pass each time users browse my web?
And another question,if the user idles for some time say 30 minutes,how can I automatically log him out for security.
Thanks.
this is my signature for forums quoted from shog*9:
I can't help but feel, somewhere deep within that withered, bitter, scheming person, there is a small child, frightened, looking a way out.
|
|
|
|
|
zhoujun wrote:
In web.config,i define "forms" auth and user first login will direct to login.aspx,but once they login success,then the next time,they access to the website,they need not to have user/pass checked because of (I think) cookies.
So how can I check user/pass each time users browse my web?
If you create a permant cookie by calling
RedirectFromLoginPage("",true)
then this cookie will stay on the machine until you call SignOut() but if you specify false as the second parameter you application will only create a session cookie which should produce the behaviour you want.
zhoujun wrote:
And another question,if the user idles for some time say 30 minutes,how can I automatically log him out for security.
This again can't be done for permanent cookies. But session cookies can be timed out. The default value is 30 minutes of inactivity but you can specify otherwise in your web.config file:
< authentication mode="Forms">
<forms timeout="yourTimeInMinutes" />
< /authentication>
Cheers
HTH
Martin
"Situation normal - all fu***d up"
Illuminatus!
|
|
|
|
|
Thanks,Martin.
It works.
this is my signature for forums quoted from shog*9:
I can't help but feel, somewhere deep within that withered, bitter, scheming person, there is a small child, frightened, looking a way out.
|
|
|
|
|
I have done simple forms authentication and have put the username and password in the Web.config file. I tried to type in the path to Web.config in my browser to see if I could download it, I could not!
But when I read ASP.NET Step by Step they say it IS possible to download that file...
So... is the passwords safe in the Web.config file?
I will move over to a database soon as I learn how to add/remove/update a database, store the pass/usr names in Web.config file is not good anyway...!
Rickard Andersson@Suza Computing
C# and C++ programmer from SWEDEN!
UIN: 50302279
E-Mail: nikado@pc.nu
Speciality: I love C#, ASP.NET and C++!
|
|
|
|
|
It should be safe, since .CONFIG files are associated in IIS with "aspnet_isapi.dll" which does not allow donwloading them.
--
See me: www.magerquark.de
|
|
|
|
|
i want to pass some data to a textbox which is in a java class..can u tell me how to get the handle for the textbox...can u reply a bit faster...
|
|
|
|
|
Usually data is passed in the <PARAM ...> tags along with the <APPLET or <OBJECT tag.
MS quote (http://www.microsoft.com/ddk) : As of September 30, 2002, the Microsoft® Windows® 2000 DDK, the Microsoft Windows 98 DDK, and the Microsoft Windows NT® 4.0 DDK will no longer be available for purchase or download on this site.
|
|
|
|
|
Hello all, this is my login script but Im having trouble sending it to the "action="checklogin.aspx" page. I used to use ASP 3.0 and I think the concept of this may have changed and I'm overlooking something very simple Can anyone help the 2 pages are below:
login.aspx....
--------------------------------------------------
<script language="c#" runat="server">
void Page_Load()
{
welcomeNote.Text = "<center><b>Please enter your Username and Password to login to the GDCLTD Admin System:</b></center>";
}
</script>
<html>
<head>
<title>GDCLTD ASP.NET BETA</title>
</head>
<body>
<asp:label id="welcomeNote" runat="server" />
<br / >
<center><br /><br /><a href="index.asp"><img src="images/earthlogo.jpeg" height="230" width="194" alt="Global Development Consultancy Limited logo"border="0"></a></center>
<br /><br /><p><center><a href="http://www.gdcltd.net">http://www.gdcltd.net</a></center></p>
<br />
<center>
<form action="checklogin.asp" method="post" id="frmLogin" runat="server">
<asp:Table id="loginTable" border="1" width="25%" runat="server">
<asp:TableRow>
<asp:TableCell>
<center>
<br />
<br />
Username: <asp:textbox id="username" runat="server" size="18" runat="server"/>
<br />
Password: <asp:textbox id="password" runat="server" size="18" runat="server" />
</center>
<br />
<br />
<center>
<input type="Submit" Value="Login">
<input type="RESET">
</center>
<br />
<br />
</asp:TableCell>
</asp:TableRow>
</asp:Table>
</form>
</center>
</body>
</html>
------------------------------------------------
checklogin.aspx
------------------------------------------------
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.OleDb" %>
<script language="c#" runat="server">
void Page_Load()
{
string strConnection = "Provider=Microsoft.Jet.OleDb.4.0;";
strConnection += @"Data Source=C:\gdcltdDotNet\gdcltd.mdb";
string strUsername = Request.Form["username"]; //get username from login.aspx
string strPassword = Request.Form["password"]; //get password from login.aspx
string strSQL = "SELECT * FROM tbl_users WHERE username = '" + strUsername + "';";
//try and make connection
try
{
OleDbConnection objConn = new OleDbConnection(strConnection);
OleDbCommand objCommand = new OleDbCommand(strSQL, objConn);
OleDbDataReader objReader = null;
objConn.Open(); //open connection to database
objReader = objCommand.ExecuteReader();
while (objReader.Read() == true)
{
if(objReader["username"].ToString() == strUsername)
{
if(objReader["password"].ToString() == strPassword) // username and password match
{
Response.Write("Details correct");
}
}
}
objReader.Close();
objConn.Close();
}
catch(Exception e)
{
Response.Write(e.Message); //write error message
}
}
</script>
<html>
<body>
</body>
</html>
-------------------------------------------------
If anyone knows how this could be done better or used in one page or something, can you let me know as I'm just starting out in asp.net
-- modified 19-Aug-21 21:01pm.
|
|
|
|
|
If anyone knows how this could be done better or used in one page or something, can you let me know as I'm just starting out in asp.net
Hi,
You could just have one page to serve the purpose. This 'postback' feature, is actually the beauty of ASP.NET (in my opinion)
Here is a sample code in VB.NET. Sorry I'm not familiar with C#, but you could adapt the code easily.
<script runat="server">
Sub Page_Load(obj as Object, e as EventArgs)
'Put any code to execute here during page load
End Sub
Sub btnLogin_Click(obj as Object, e as EventArgs)
'Retrieve username and password using these codes
Dim strUserName as String
Dim strPassword as String
strUserName = txtUserName.Text
strPassword = txtPassword.Text
'Put your authentication code here, eg. access database
End Sub
</script>
<html>
<head>
<title>Login Page</title>
</head>
<body>
<form runat="server">
<p>User name: <asp:TextBox id="txtUserName" runat="server" />
<p>Password: <asp:TextBox id="txtPassword" textmode="password" runat="server" />
<p><asp:Button id="btnLogin" text="Login" onClick="btnLogin_Click"
runat="server" />
</form>
</body>
</html>
Enrico
|
|
|
|
|
I can't find IsPostBack in your code?
Rickard Andersson@Suza Computing
C# and C++ programmer from SWEDEN!
UIN: 50302279
E-Mail: nikado@pc.nu
Speciality: I love C#, ASP.NET and C++!
|
|
|
|
|
I have I did that got it working thanks though I agree it is a good feature
-- modified 19-Aug-21 21:01pm.
|
|
|
|
|
Hello all, this is my login script but Im having trouble sending it to the "action="checklogin.aspx" page. I used to use ASP 3.0 and I think the concept of this may have changed and I'm overlooking something very simple Can anyone help the 2 pages are below:
login.aspx....
--------------------------------------------------
void Page_Load()
{
welcomeNote.Text = "<center><b>Please enter your Username and Password to login to the GDCLTD Admin System:</b></center>";
}
<title>GDCLTD ASP.NET BETA
<asp:label id="welcomeNote" runat="server">
http://www.gdcltd.net
<asp:table id="loginTable" border="1" width="25%" runat="server">
<asp:tablerow>
<asp:tablecell>
Username: <asp:textbox id="username" runat="server" size="18">
Password: <asp:textbox id="password" runat="server" size="18">
-------------------------------------------------------------------
checklogin.aspx
--------------------------------------------------------------------
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.OleDb" %>
void Page_Load()
{
string strConnection = "Provider=Microsoft.Jet.OleDb.4.0;";
strConnection += @"Data Source=C:\gdcltdDotNet\gdcltd.mdb";
string strUsername = Request.Form["username"]; //get username from login.aspx
string strPassword = Request.Form["password"]; //get password from login.aspx
string strSQL = "SELECT * FROM tbl_users WHERE username = '" + strUsername + "';";
//try and make connection
try
{
OleDbConnection objConn = new OleDbConnection(strConnection);
OleDbCommand objCommand = new OleDbCommand(strSQL, objConn);
OleDbDataReader objReader = null;
objConn.Open(); //open connection to database
objReader = objCommand.ExecuteReader();
while (objReader.Read() == true)
{
if(objReader["username"].ToString() == strUsername)
{
if(objReader["password"].ToString() == strPassword) // username and password match
{
Response.Write("Details correct");
}
}
}
objReader.Close();
objConn.Close();
}
catch(Exception e)
{
Response.Write(e.Message); //write error message
}
}
--------------------------------------------------------------------------------------
If anyone knows how this could be done better or used in one page or something, can you let me know as I'm just starting out in asp.net
modified 19-Aug-21 21:01pm.
|
|
|
|
|
Hi,
I discovered a wierd asp.net problem yesterday, for some reason I can only view my asp.net pages on msnexplorer. This means that I can't debug or test my pages in IE6, the controls all come up but the code won't work. I tried reinstalling the framework but for some reason this won't work. Any help would be vastly apperciated.
Thanks
|
|
|
|
|
akula wrote:
the controls all come up but the code won't work
How does the code not work? Is it a client side browser error or an error on the server side?
Some more detaild would help us to help you
BTW I use IE6 and all my ASP.NET stuff works fine.
|
|
|
|
|
Sorry about that,
For example I just put a text box and a button on a form and write some code that makes the text box display hello. I complied that and attemped to debug it and start it without debuging, the IE window comes up and the textbox and button are there, but when I click the button it fails to change the text boxes text. I then tried to go to that directory by typing in localhost/webapplication1/webform1.aspx, this produced the same effect in IE. However, If I attempt to do that in MSNExplorer, the code works perfectly, and the text box contents change. On my old computer IE6 worked perfectly as well.
|
|
|
|
|
IE6 won't run the test samples either, it will only show the controls, but MSNExplore will run the samples, I really need it to get fixed so I can debug the app in the IDE.
Thanks,
John
|
|
|
|
|
Hi, everyone!
Please look at the following codes,
--------
--------
I want to guide user to view a new page (b.html) when
clicking button "B1". But the above codes do not work.
How to resolve the trouble?
Cheers,
George
|
|
|
|
|
George Ma wrote:
<input type="button" value="button" name="B1" onclick="b.html">
should be:
<input type="button" value="button" name="B1" onclick="javascript: window.location = 'b.html'">
Remember the onclick event just fires off the code assigned to it. It does not know how to actually handle things like b.html.
|
|
|
|
|
Thanks, Paul!
I have worked it out under your suggestions.
Cheers,
George
|
|
|
|
|
'replace' is a method of location, which takes the URL you want to load as a parameter. There is loads of this stuff in the Netscape online files (developer.netscape.com)
On a possibly interesting note, it can also be put into a javascript function - ie. Your button calls a validation function, which determines which fields have been populated. According to this information you choose to send the user to different URLs (location.replace) instead of either failing the form or submitting it.
HTH
The following statement about your geekness is true. The previous statement about your geekness is false.
GCS/IT/P d- s: a- C++++$ UL+>++++ P+ L++$ E- W+++$ N !o K+ w++$ O---- M--
PS- PE Y+ PGP--- t !5 X- tv b+++ DI++ D+ G++ e++ h--- r+++
|
|
|
|
|
Thanks, Megan!
Your codes works fine!
Cheers,
George
|
|
|
|
|
hi...
i am having a class which contains 2 listbox and one textbox..i want to send data to this textbox from another appln..so can u tell how to get the handle for the textbox alone..i don't have nuch knowldege in java...i am working in VC++
|
|
|
|
|
Hi, everyone!
How to use JSP or Javascript to get resolution rate
(for example, 800*600, 1024*768, ... )?
Cheers,
George
|
|
|
|