Investing Wisely in Your Web Site: msilogin.asp code



<!--#include file="globals.h" -->
<% fNoLogin = True %>
<!--#include file="login.inc" -->
<%
if Request("ID") <> "" And Request("Password") <> "" Then

UserID = Request("ID")
Password = Request("Password")

fValidUser = False
if (UserID <> "" and Password <> "") then
Set ado = Server.CreateObject("ADODB.Connection")
ado.ConnectionTimeout = 5 ' seconds to wait before timing out
on error resume next
ado.Open "InvSub", "Investor_Subscriber", ""
SQL = "Select UserID,Password,Status from tblSubscribers where UserId = " & SQLEncode(UserID)
Set rs = ado.Execute(SQL)
If Err.Number > 0 Then
Response.Write("SQL Error: " & Err.Number & "<br>")
Response.Write("Would have let user in")
Response.End
else
if Not (rs.BOF And rs.EOF) Then
rs.MoveFirst
Status = rs("Status")
if (UCase(UserID) = UCase(rs("UserID")) And Password = rs("Password")) then
fValidUser = True
end if
end if
End If
ado.Close
end if 

' Response.Write("fValidUser =" & fValidUser & "<br>")

if fValidUser Then
SaveTID UserID, Status

'save the users password if they want us to
If Request("SaveMe")="on" Then
'Save the User Name
Response.Cookies("SavedID")("ID")=UserID
Response.Cookies("SavedID")("Password")=Password
Response.Cookies("SavedID").Expires="December 31, 1999"
Response.Cookies("SavedID").Path="/"
Response.Cookies("SavedID").Secure=FALSE
else
Response.Cookies("SavedID")("ID")=""
Response.Cookies("SavedID")("Password")=""
Response.Cookies("SavedID").Expires="December 31, 1997"
Response.Cookies("SavedID").Path="/"
Response.Cookies("SavedID").Secure=FALSE
End If

Response.Redirect "logrdir.asp?Page=" & Server.URLEncode(Request("Page")) & "&Query=" & Server.URLEncode(Request("Query")) & "&UserID=" & UserID
end if
end if

'Check for cookies
If UserID="" and Password="" Then
UserID=Request.Cookies("SavedID")("ID")
Password=Request.Cookies("SavedID")("Password")
if UserID<>"" And Password<>"" then 
SavedIDCheckBox = "CHECKED"
else
SavedIDCheckBox = ""
end if
End If

If Request.Cookies("SavedID")("ID")<>"" And Request.Cookies("SavedID")("Password")<>"" then
SavedIDCheckBox = "CHECKED"
else
SavedIDCheckBox = ""
end if
%><HTML>
<TITLE>Microsoft Investor: Sign In</TITLE>
<HEAD>
<!--#include file = "../common/tocstyle.css" -->
</HEAD>
<BODY TOPMARGIN=0 LEFTMARGIN=0 MARGINWIDTH=0 MARGINHEIGHT=0 BGCOLOR=WHITE TEXT=BLACK LINK=<% =LinkColor %> ALINK=<% =ALinkColor %> VLINK=<% =VLinkColor %>>
<% DoTopNavBar "", "general"%>
<TABLE WIDTH=100% BORDER=0 CELLSPACING=15 CELLPADDING=0>
<TR VALIGN=TOP>
<TD WIDTH="100%">
<FORM METHOD="POST" ACTION="login.asp" NAME="LogIn">
<CENTER>
<TABLE CELLSPACING=0 BORDER=0 WIDTH=70%>
<TR>
<TD></TD>
<TD>
<% =Heading1 %>Microsoft Investor Sign In<% =EndHeading1 %><BR>
</TD>
</TR><TR>
<TD> </TD><TD></TD>
</TR><TR>
<TD></TD><TD>
<% =Normal %><B>You've requested access to one of Investor's subscription features.</B> If you are already an Investor subscriber, please login below.<% =endNormal %></TD>
</TR><TR>
<TD> </TD><TD></TD>
</TR><TR>
<TD></TD><TD><TABLE BORDER=0><TR>
<TD ALIGN=RIGHT NOWRAP>
<TABLE WIDTH=100% BORDER=0>
<TR><TD ALIGN=RIGHT NOWRAP><% =Normal %>User Name<% =EndNormal %></TD><TD>
<INPUT TYPE=TEXT SIZE=20 MAXLENGTH=32 NAME="ID" VALUE="<%=UserID%>"><br></TR></TD>
<TR><TD ALIGN=RIGHT NOWRAP><% =Normal %>Password<% =EndNormal %></TD><TD>
<INPUT TYPE=PASSWORD SIZE=20 MAXLENGTH=32 NAME="Password" VALUE="<%=Password%>"></TR></TD>
</TABLE>
</TD>
<TD VALIGN=CENTER>
<% if fValidUser = False And Request("REQUEST_METHOD") = "POST" And Request("ID") <> "" Then %>
<% =NormalRed %>Invalid User Name or Password<% =endNormalRed %>
<% end if %>
</TD>
</TR></TABLE></TD>
</TR><TR>
<TD></TD><TD>
<INPUT TYPE=CHECKBOX NAME="SaveMe" <%=SavedIDCheckBox%>><% =Normal %>Save my password on my computer.
<A HREF="#MOREINFO">More info</A> on saving your password.<% =EndNormal %><P>
<INPUT TYPE=SUBMIT VALUE="Continue"><BR>
<INPUT TYPE=HIDDEN NAME="Query" VALUE="<% =Request("Query") %>">
<INPUT TYPE=HIDDEN NAME="Page" VALUE="<% =Request("Page") %>">
</TD>
</TR><TR><TD></TD><TD>
<BR>
<TABLE BORDER=0 WIDTH=100% CELLSPACING=0 CELLPADDING=0><TR><TD WIDTH=45% VALIGN=TOP>
<A HREF="<% =SSLAppRoot %>/secure/signup/free.asp"><% =Headingl3 %>Need a New Account?<% =EndHeading3 %><BR>
<% =Normal %>Click here</A> to sign up for an Investor subscription. The first 30 days are FREE!<% =EndNormal %>
</TD><TD WIDTH=10%></TD><TD VALIGN=TOP>
<A HREF="<% =SSLAppRoot %>/secure/members/findpass.asp"><% =HeadingL3 %>Lost Password?<% =endHeading3 %><BR>
<% =Normal %>Click here</A> to retrieve your password<% =EndNormal %><BR>
</TD></TR></TABLE>
<BR> <BR>
</TR><TR><TD></TD><TD>
<BR>
<% =smallprompt %>
<A NAME="MOREINFO">Saving your password on your computer allows Investor to recognize you and move you directly into the site without asking you to enter your password. It is important to be aware, however, that anyone with access to the computer you are using will have the ability to sign in on your account. You will be able to turn off this option any time you wish.</A>
<% =Endsmallprompt %>
</TD>
</TR>
</TABLE>
</CENTER>
</FORM>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>