Ok guys I have been working on this for hours and I still cant figure out what the problem is. So here is my setup
web.config
<appSettings>
<add key="strConn" value="Provider = Microsoft.Jet.OLEDB.4.0;Data Source=C:\Documents and Settings\Administrator\My Documents\tke\bin\Database.mdb;User ID=Admin;Password=;" />
</appSettings>
<authentication mode="Forms">
<forms name="DBLogin" loginUrl="login.aspx" />
</authentication>
Each user has a unique "Scroll #" so my access procedure looks like this. If I run this procedure within access it does return the appropiate value.
SELECT scroll_numb
FROM tbl_alumni_login
WHERE (((username)=[@UserName]) AND ((Password)=[@Password]));
and the table "tbl_alumni_login" has 3 columns 1.scroll_numb 2. username 3. password
login.aspx Database connection "Pretty much just like you have yours"
Function DBConnection(ByVal strUserName As String, ByVal strPassword As String) As Boolean
Dim MyConn As OleDbConnection = New OleDbConnection(ConfigurationSettings.AppSettings("strConn"))
Dim MyCmd As New OleDbCommand("sp_alumni_login", MyConn)
MyCmd.CommandType = CommandType.StoredProcedure
Dim objParam1, objParam2 As OleDbParameter
objParam1 = MyCmd.Parameters.Add("@UserName", OleDbType.Char)
objParam2 = MyCmd.Parameters.Add("@Password", OleDbType.Char)
objParam1.Direction = ParameterDirection.Input
objParam2.Direction = ParameterDirection.Input
objParam1.Value = txtUserName.Text
objParam2.Value = txtPassword.Text
Try
If MyConn.State = ConnectionState.Closed Then
MyConn.Open()
End If
Dim objReader As OleDbDataReader
objReader = MyCmd.ExecuteReader(CommandBehavior.CloseConnection)
While objReader.Read()
If CStr(objReader.GetValue(0)) <> "1" Then
lblMessage.Text = "Invalid Login!"
Else
objReader.Close()
Return True
End If
End While
Catch ex As Exception
lblMessage.Text = "Error Connecting to Database!"
End Try
End Function
login.aspx submit button "Same as yours as well"
If Page.IsValid Then
Dim intMaxLoginAttempts = CInt(Session("Num_of_Tries"))
If DBConnection(txtUserName.Text.Trim(), txtPassword.Text.Trim()) Then
Session("Logged_IN") = "Yes"
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, False)
Else
lblMessage.Text = "Invalid Login!"
Session("LoginCount") = CInt(Session("LoginCount")) + 1
If Session("LoginCount").Equals(intMaxLoginAttempts) Then
Response.Redirect("Denied.aspx")
End If
If CInt(Session("Num_of_Tries")) > 2 Then
Response.Redirect("Denied.aspx")
End If
End If
End If
default.aspx load event as well for all the other forms I have
Response.Cache.SetCacheability(HttpCacheability.NoCache)
If Session("Logged_IN").Equals("No") Then
Response.Redirect("login.aspx")
End If
global.asax session start "Same as yours again"
Session("Num_of_Tries") = 3
Session("LoginCount") = 0
Session("Logged_IN") = "No"
So I think my problem is within the parameter Session("Logged_IN") = "Yes" passed into global.asax. Because everytime I have the code for the default.aspx load event in there it just automatically redirects me straight back to the login page with no "Invalid input" message. However if I enter a completely wrong username and password and get redirected to denied.aspx then go back and put in the correct username and pass I get redirected to the default page, even if the logged in check is in the page load.
If I do get directed to the default page and then start navigating within my application between different pages it will kick me back out to the login page.
I dont know what I have wrong but if you all could help me out it would be greatly appreciated.
Miller
