navcan
Posts: 61
|
| Posted: 02/06/2004, 5:44 AM |
|
 Hello again,
I am using CC 2.0 (ASP with Templates and Access Database). Is it possible to have Remember Me check box next to Login ID and Password Fields on login Page. Once the user click on checkbox, the application retains login id and/or password in cookies, so frequest users don't have to type their login ID and password next time when they want to use the application.
A function similar to hotmail login page where we have two check boxes, one for "Sign me in automatically" and the other one is for "Do not remember my e-mail address for future sign-in. (Select this when using a public computer.)"
Any help would be great. Thanks. 
|
 |
 |
Nicole
Posts: 586
|
| Posted: 02/18/2004, 6:17 AM |
|
Hello,
I think you can use IP for user identification because cookies may also expire.
Store user_ip in users table with rest users information like user_id, login, etc. Then create Custom Login action for login form, obtain generated code and modify it. Retrieve user by comparing IP stored in table with IP of logging user (use Request.ServerVariables("REMOTE_ADDR") to retrieve IP)
_________________
Regards,
Nicole |
|
|
|
Stuart
|
| Posted: 02/23/2004, 3:18 PM |
|
Nicole:
IP addresses change too!
The best bet is to store that username in a cookie with a flag set to say that person has logged in successfully previously, and that they wish to log in automatically.
Do NOT save the username/password combination in a cookie. There's no need for it.
Stu
|
|
|
|
Desiree
|
| Posted: 02/27/2004, 8:01 PM |
|
How do I do the cookie combination??
|
|
|
|
Karsten
|
| Posted: 09/07/2004, 1:49 AM |
|
if you save the username and only a flag of a succesful previous login,
your site is been hacked
faster then light. anyone can write himself a cookie then username/logmein =
true
its better to store the password as a md5 hash into the cookie along with
the username for example.
there are ways to have extreme security with md5 hash (i.e add a 200 char
big prefix and hash it along with the real password)
however, i would not use just a "positive/negative" flag, its a serious
security hole
Karsten from Gemany
|
|
|
|
Abizaga
|
| Posted: 01/04/2005, 10:37 AM |
|
I need a code for a chechbox. Thats all
|
|
|
|
Rod
|
| Posted: 02/13/2005, 10:14 AM |
|
String userid = request.getParameter("userid");
String password = request.getParameter("password");
String checkbox = request.getParameter("saveUserId");
if (userid != null && password != null && userid.equals("rod") && password.equals("test")) {
Cookie c1 = new Cookie("userid", "rod");
Cookie c2 = new Cookie("password", "test");
//CHECKBOX cb = new CHECKBOX("saveUserId", "true");
c1.setMaxAge(1000);
c2.setMaxAge(1000);
response.addCookie(c1);
response.addCookie(c2);
response.setContentType("text/html");
PrintWriter out = response.getWriter();
response.sendRedirect("Welcome");
}
else {
sendLoginForm(response, true);
}
|
|
|
|
Rod
|
| Posted: 02/13/2005, 10:16 AM |
|
Quote Rod:
String userid = request.getParameter("userid");
String password = request.getParameter("password");
String checkbox = request.getParameter("saveUserId");
if (userid != null && password != null && userid.equals("rod") && password.equals("test")) {
Cookie c1 = new Cookie("userid", "rod");
Cookie c2 = new Cookie("password", "test");
//CHECKBOX cb = new CHECKBOX("saveUserId", "true");
c1.setMaxAge(1000);
c2.setMaxAge(1000);
response.addCookie(c1);
response.addCookie(c2);
response.setContentType("text/html");
PrintWriter out = response.getWriter();
response.sendRedirect("Welcome");
}
else {
sendLoginForm(response, true);
}
let me know if you find the code for the checkbox because I'm looking for one too ;) later
|
|
|
|
Gabriel
|
| Posted: 04/11/2005, 3:54 PM |
|
Hey how can i get the status for the checkbox object? what does it return? boolean? String? if it is.. what are the 2 posible values for the string..
Thx...
|
|
|
|
Sara
|
| Posted: 05/25/2005, 11:11 AM |
|
I need this code and i use JSP not ASP, but i don not know where should i put it, is it a java code or it is a JSP file? should i save it under webapps folder or under the classes if it's java class?
Help me please...
|
|
|
|
jyoti
|
| Posted: 07/08/2005, 12:21 AM |
|
too good...but i want to know the return type of checkbox value
Jyoti
|
|
|
|
Yashvanth
|
| Posted: 07/14/2005, 10:58 PM |
|
 Jyothi if u want to know the checkbox value is null or present u can use getparameter .... that serve ur need, otherwise come back with more inputs for this issue..Enjoy
|
|
|
|
Yashvanth
|
| Posted: 07/14/2005, 11:33 PM |
|
Sara if it is a java class file save it in classes
example say I have enjoy.class file save it in
\webapps\ROOT\WEB-INF\classes
folder by created a new folder like
New
that is u have enjoy.class inside New folder which is at classes
and at the jsp page import it like
import New.enjoy.class; or import. New.*;
|
|
|
|
divs
|
| Posted: 07/27/2005, 6:48 AM |
|
pls suggest me a code for dynamic generation of checkboxes during the retrieval of data from the database using jsps
urgent pls
|
|
|
|
Adil
|
| Posted: 08/01/2005, 4:42 AM |
|
i use this code, but is in Php...
database
CREATE TABLE users (
username varchar(30),
password varchar(32));
database.php
<?
/**
* Connect to the mysql database.
*/
$conn = mysql_connect("localhost", "your_username", "your_password") or die(mysql_error());
mysql_select_db('your_database', $conn) or die(mysql_error());
?>
register.php
<?
session_start();
include("database.php");
/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username){
global $conn;
if(!get_magic_quotes_gpc()){
$username = addslashes($username);
}
$q = "select username from users where username = '$username'";
$result = mysql_query($q,$conn);
return (mysql_numrows($result) > 0);
}
/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
function addNewUser($username, $password){
global $conn;
$q = "INSERT INTO users VALUES ('$username', '$password')";
return mysql_query($q,$conn);
}
/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus(){
$uname = $_SESSION['reguname'];
if($_SESSION['regresult']){
?>
<h1>Registered!</h1>
<p>Thank you <b><? echo $uname; ?></b>, your information has been added to the database, you may now <a href="main.php" title="Login">log in</a>.</p>
<?
}
else{
?>
<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><? echo $uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>
<?
}
unset($_SESSION['reguname']);
unset($_SESSION['registered']);
unset($_SESSION['regresult']);
}
if(isset($_SESSION['registered'])){
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/
?>
<html>
<title>Registration Page</title>
<body>
<? displayStatus(); ?>
</body>
</html>
<?
return;
}
/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if(isset($_POST['subjoin'])){
/* Make sure all fields were entered */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Check if username is already in use */
if(usernameTaken($_POST['user'])){
$use = $_POST['user'];
die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
}
/* Add the new account to the database */
$md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
$_SESSION['registered'] = true;
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else{
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
?>
<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="<? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
</table>
</form>
</body>
</html>
<?
}
?>
login.php
<?
/**
* Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2).
* On success it returns 0.
*/
function confirmUser($username, $password){
global $conn;
/* Add slashes if necessary (for query) */
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}
/* Verify that user is in database */
$q = "select password from users where username = '$username'";
$result = mysql_query($q,$conn);
if(!$result || (mysql_numrows($result) < 1)){
return 1; //Indicates username failure
}
/* Retrieve password from result, strip slashes */
$dbarray = mysql_fetch_array($result);
$dbarray['password'] = stripslashes($dbarray['password']);
$password = stripslashes($password);
/* Validate that password is correct */
if($password == $dbarray['password']){
return 0; //Success! Username and password confirmed
}
else{
return 2; //Indicates password failure
}
}
/**
* checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
/* Check if user has been remembered */
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}
/* Username and password have been set */
if(isset($_SESSION['username']) && isset($_SESSION['password'])){
/* Confirm that username and password are valid */
if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
/* Variables are incorrect, user not logged in */
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}
/* User not logged in */
else{
return false;
}
}
/**
* Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
global $logged_in;
if($logged_in){
echo "<h1>Logged In!</h1>";
echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
}
else{
?>
<h1>Login</h1>
<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>
<?
}
}
/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
/* Check that all fields were typed in */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Checks that username is in database and password is correct */
$md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);
/* Check error codes */
if($result == 1){
die('That username doesn\'t exist in our database.');
}
else if($result == 2){
die('Incorrect password, please try again.');
}
/* Username and password correct, register session variables */
$_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;
/**
* This is the cool part: the user has requested that we remember that
* he's logged in, so we set two cookies. One to hold his username,
* and one to hold his md5 encrypted password. We set them both to
* expire in 100 days. Now, next time he comes to our site, we will
* log him in automatically.
*/
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}
/* Quick self-redirect to avoid resending data on refresh */
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();
?>
Best regards Adil
|
|
|
|
Adil
|
| Posted: 08/01/2005, 4:42 AM |
|
logout.php
<?
session_start();
include("database.php");
include("login.php");
/**
* Delete cookies - the time must be in the past,
* so just negate what you added when creating the
* cookie.
*/
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
setcookie("cookname", "", time()-60*60*24*100, "/");
setcookie("cookpass", "", time()-60*60*24*100, "/");
}
?>
<html>
<title>Logging Out</title>
<body>
<?
if(!$logged_in){
echo "<h1>Error!</h1>\n";
echo "You are not currently logged in, logout failed. Back to <a href=\"main.php\">main</a>";
}
else{
/* Kill session variables */
unset($_SESSION['username']);
unset($_SESSION['password']);
$_SESSION = array(); // reset session array
session_destroy(); // destroy session.
echo "<h1>Logged Out</h1>\n";
echo "You have successfully <b>logged out</b>. Back to <a href=\"main.php\">main</a>";
}
?>
</body>
</html>
I hope you were able to learn something from this script, and if you choose to use my script on your site, I hope you enjoy it. Good luck programming!
|
|
|
|
ming
|
| Posted: 08/23/2005, 8:28 PM |
|
Does getParameter only return a string in JSP? I need make a function when I tick one checkbox, then this checkbox and the sentence(I call it a task) behind it will disappear, and you will get a new page which maintain those taskes haven't been ticked. I tried to set status for both ticked and unticked taskes in the database. e.g. statu = 1 will be ticked task, statu = 0 will be unticked. Then when I tick the checkbox, its statu will be changed, and use forward command to reload the current page. however, I don't know how to use getParameter to change the status, or should i use other command? Help me, please!!!
|
|
|
|
|
