password = conn.Execute(“SELECT password FROM passwords WHERE username = '”&userform&"’")
//just finidng the password in my table where the username they entered is
If EnteredPassword=password Then
//trying to validate the password matched form table with one from form
ive got my connection and everything but how do i make my sql statement a variable which i can use in my if statement what i ahve setup there doesn’t seem to work please help thaanks in advance
userform = Request.QueryString(“user”)
EnteredPassword = Request.QueryString(“password”)
String = “SELECT * FROM passwords WHERE username =’”& userform &"’"
RecordSet = conn.Execute(String)
if not(RecordSet.EOF) then
[INDENT]RecordSet.MoveFirst()[/INDENT]
[INDENT]password = RecordSet.Fields.Item(“password”)[/INDENT]
[INDENT]If EnteredPassword=password Then[/INDENT]
[INDENT]’ *** logged in[/INDENT]
[INDENT]else[/INDENT]
[INDENT]’ *** wrong password[/INDENT]
[INDENT]end if [/INDENT]
end if
let me know how it goes :thumb:
[SIZE=1]EDIT: D**N!! I got confused the code above is in ASP cause your threads title says “Need help asp”. Think you meant asap. Anyway with just a few little changes this should still work[/SIZE]
basically says, if it is TRUE (not null) then “do this” you need this becuase it stops the code from running if there is no user with that username /password combination.
now, the “’ *** logged in” part of the code is where you would put your code to happen if the user is logged in, which would most likely involve creating a user session with variables such as “username” “password” “access level”
www.w3schools.com is a good place to learn asp. i taught myself and i have coded an entire forum before
