Forums
This topic is locked
Password Validation
Posted 22 May 2006 21:51:30
1
has voted
22 May 2006 21:51:30 Gareth Tannatt Nash posted:
Hi Guys,I'm building an ASP JS page (Password Change) where i need a user to enter their new password into two fields before it posts the data to the server. I've attached the code below -
It's clearly not Working !!! Any ideas please?
<%@LANGUAGE="JAVASCRIPT" CODEPAGE="1252"%>
<!--#include file="Connections/recruta.asp" -->
<%
// *** Edit Operations: declare variables
// set the form action variable
var MM_editAction = Request.ServerVariables("SCRIPT_NAME"
;if (Request.QueryString) {
MM_editAction += "?" + Server.HTMLEncode(Request.QueryString);
}
// boolean to abort record edit
var MM_abortEdit = false;
// query string to execute
var MM_editQuery = "";
%>
<%
// *** Update Record: set variables
if (String(Request("MM_update"
) == "test" &&String(Request("MM_recordId"
) != "undefined" {var MM_editConnection = MM_recruta_STRING;
var MM_editTable = "dbo.Employee";
var MM_editColumn = "EmplyeeID";
var MM_recordId = "" + Request.Form("MM_recordId"
+ "";var MM_editRedirectUrl = "passwordchanged.asp";
var MM_fieldsStr = "Password1|value";
var MM_columnsStr = "EmployeePassword|',none,''";
// create the MM_fields and MM_columns arrays
var MM_fields = MM_fieldsStr.split("|"
;var MM_columns = MM_columnsStr.split("|"
;// set the form values
for (var i=0; i+1 < MM_fields.length; i+=2) {
MM_fields[i+1] = String(Request.Form(MM_fields[i]));
}
// append the query string to the redirect URL
if (MM_editRedirectUrl && Request.QueryString && Request.QueryString.Count > 0) {
MM_editRedirectUrl += ((MM_editRedirectUrl.indexOf('?') == -1)?"?":"&"
+ Request.QueryString;}
}
%>
<%
// *** Update Record: construct a sql update statement and execute it
if (String(Request("MM_update"
) != "undefined" &&String(Request("MM_recordId"
) != "undefined" {// create the sql update statement
MM_editQuery = "update " + MM_editTable + " set ";
for (var i=0; i+1 < MM_fields.length; i+=2) {
var formVal = MM_fields[i+1];
var MM_typesArray = MM_columns[i+1].split(","
;var delim = (MM_typesArray[0] != "none"
? MM_typesArray[0] : "";var altVal = (MM_typesArray[1] != "none"
? MM_typesArray[1] : "";var emptyVal = (MM_typesArray[2] != "none"
? MM_typesArray[2] : "";if (formVal == "" || formVal == "undefined"
{formVal = emptyVal;
} else {
if (altVal != ""
{formVal = altVal;
} else if (delim == "'"
{ // escape quotesformVal = "'" + formVal.replace(/'/g,"''"
+ "'";} else {
formVal = delim + formVal + delim;
}
}
MM_editQuery += ((i != 0) ? "," : ""
+ MM_columns[i] + " = " + formVal;}
MM_editQuery += " where " + MM_editColumn + " = " + MM_recordId;
if (!MM_abortEdit) {
// execute the update
var MM_editCmd = Server.CreateObject('ADODB.Command');
MM_editCmd.ActiveConnection = MM_editConnection;
MM_editCmd.CommandText = MM_editQuery;
MM_editCmd.Execute();
MM_editCmd.ActiveConnection.Close();
if (MM_editRedirectUrl) {
Response.Redirect(MM_editRedirectUrl);
}
}
}
%>
<%
var accessright__MMColParam = "0";
if (String(Session("EMPLOYEEID"
) != "undefined" && String(Session("EMPLOYEEID"
) != "" { accessright__MMColParam = String(Session("EMPLOYEEID"
);}
%>
<%
var accessright__MMColParam1 = "0";
if (String(Session("EMPLOYERID"
) != "undefined" && String(Session("EMPLOYERID"
) != "" { accessright__MMColParam1 = String(Session("EMPLOYERID"
);}
%>
<%
var accessright = Server.CreateObject("ADODB.Recordset"
;accessright.ActiveConnection = MM_recruta_STRING;
accessright.Source = "SELECT EmplyeeID, EmployerID FROM dbo.Employee WHERE EmplyeeID = '"+ accessright__MMColParam.replace(/'/g, "''"
+ "' AND EmployerID = '"+ accessright__MMColParam1.replace(/'/g, "''" + "'";accessright.CursorType = 0;
accessright.CursorLocation = 2;
accessright.LockType = 1;
accessright.Open();
var accessright_numRows = 0;
%>
<%
var ADMINACCESS__MMColParam = "0";
if (String(Session("EMPLOYEEID"
) != "undefined" && String(Session("EMPLOYEEID"
) != "" { ADMINACCESS__MMColParam = String(Session("EMPLOYEEID"
);}
%>
<%
var ADMINACCESS = Server.CreateObject("ADODB.Recordset"
;ADMINACCESS.ActiveConnection = MM_recruta_STRING;
ADMINACCESS.Source = "SELECT EmplyeeID, EmployeeLevel FROM dbo.Employee WHERE EmplyeeID = '"+ ADMINACCESS__MMColParam.replace(/'/g, "''"
+ "' AND EmployeeLevel = 'admin'";ADMINACCESS.CursorType = 0;
ADMINACCESS.CursorLocation = 2;
ADMINACCESS.LockType = 1;
ADMINACCESS.Open();
var ADMINACCESS_numRows = 0;
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>New Password</title>
<style type="text/css">
<!--
@import url("textstylesheet.css"
;.style7 {font-size: 10px; font-weight: bold; }
.style2 {font-size: 10px;
font-style: italic;
color: #666666;
}
.style8 { font-size: 10px;
color: #333333;
}
.style9 {
font-size: 16px;
font-weight: bold;
}
-->
</style>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_swapImgRestore() { //v3.0
var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
if (a[i].indexOf("#"
!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}}
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"
)>0&&parent.frames.length) {d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
//-->
</script>
<meta http-equiv="refresh" content="630;URL=relogin.asp">
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_reloadPage(init) { //reloads the window if Nav4 resized
if (init==true) with (navigator) {if ((appName=="Netscape"
&&(parseInt(appVersion)==4)) {document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
}
MM_reloadPage(true);
//-->
</script>
</head>
<body onLoad="MM_preloadImages('Images/useradmin2.jpg','Images/postajob2.jpg','Images/logout2.jpg')">
<script>
//Double-enter form element script- by Jon Caws
//Visit JavaScript Kit (www.javascriptkit.com) for script
//Credit must stay intact for use
var fieldalias="Email address field"
function verify(element1, element2){
var passed=false
if (element1.value==''){
alert("Please fill out the "+Password1+"!"
element1.focus()
}
else if (element2.value==''){
alert("Please verify the "+Password2+"!"
element2.focus()
}
else if (element1.value!=element2.value){
alert("The two "+Password Fields+"s do not match"
element1.select()
}
else
passed=true
return passed
}
</script>
<!--Replace "emailone" and "emailtwo" with name of the two associated fields-->
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0" class="textstyle">
<% if (!accessright.EOF || !accessright.BOF) { %>
<tr>
<td height="68" bgcolor="#CCCCCC"><div align="center">
<table width="600" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="204"><a href="clientindex.asp"><img src="Images/logo.jpg" alt="" name="Logo" width="204" height="68" border="0"></a></td>
<td width="15"><img src="Images/greyspacer2.jpg" width="15" height="15"></td>
<td width="381"><table width="381" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td><table width="365" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="Images/greyspacer.jpg" width="8" height="8"></td>
</tr>
<tr>
<td><table width="365" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="267"><div align="right" class="style7"><%= Session("EMPLOYEENAME"
%></div></td><td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="90"><span class="style7">you are logged in </span></td>
</tr>
</table></td>
</tr>
<tr>
<td><img src="Images/greyspacer.jpg" width="8" height="8"></td>
</tr>
<tr>
<td><table width="365" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="85"><div align="right">
<% if (!ADMINACCESS.EOF || !ADMINACCESS.BOF) { %>
<table width="85" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><a href="administration.asp" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('administration','','Images/useradmin2.jpg',1)"><img src="Images/useradmin.jpg" alt="User Administration" name="administration" width="85" height="18" border="0"></a></td>
</tr>
</table>
<% } // end !ADMINACCESS.EOF || !ADMINACCESS.BOF %>
</div></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="85"><div align="right">
<table width="85" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><a href="newvacancy.asp" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('postajob','','Images/postajob2.jpg',1)"><img src="Images/postajob.jpg" alt="Post a Vacancy" name="postajob" width="85" height="18" border="0"></a></td>
</tr>
</table>
</div></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="85"><div align="right">
</div></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="85"><div align="right">
<table width="85" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><a href="logout.asp" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('logout','','Images/logout2.jpg',1)"><img src="Images/logout.jpg" alt="log out" name="logout" width="85" height="18" border="0"></a></td>
</tr>
</table>
</div></td>
</tr>
</table></td>
</tr>
</table></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
</tr>
<tr>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
</tr>
</table></td>
</tr>
</table>
</div></td>
</tr>
<tr>
<td height="8"><div align="center"><img src="Images/spacer1.jpg" width="8" height="8"></div></td>
</tr>
<tr>
<td valign="top"><div align="center">
<table width="610" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="5"><img src="Images/spacer1.jpg" width="5" height="450"></td>
<td width="600" align="center" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td> </td>
</tr>
<tr>
<td><div align="left"><span class="style9">Change Password </span></div></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td bgcolor="#000066"><img src="Images/tinyspacer.jpg" width="2" height="2"></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><form ACTION="<%=MM_editAction%>" METHOD="POST" name=test onSubmit="return verify(this.Password1, this.Password2)">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="75" align="left" class="textstyle"><div align="left">New Password </div></td>
<td width="8"><img src="Images/spacer1.jpg" width="8" height="8"></td>
<td align="left" valign="middle"><div align="left">
<input type="text" name="Password1">
</div></td>
</tr>
<tr>
<td width="75" align="left" class="textstyle"><div align="left"><img src="Images/spacer1.jpg" width="8" height="8"></div></td>
<td width="8"><img src="Images/spacer1.jpg" width="8" height="8"></td>
<td align="left" valign="middle"><div align="left"><img src="Images/spacer1.jpg" width="8" height="8"></div></td>
</tr>
<tr>
<td width="75" align="left" class="textstyle"><div align="left">Confirm New Password </div></td>
<td width="8"><img src="Images/spacer1.jpg" width="8" height="8"></td>
<td align="left" valign="middle"><div align="left">
<input type="text" name="Password2">
</div></td>
</tr>
<tr>
<td width="75" align="left" class="textstyle"><div align="left"><img src="Images/spacer1.jpg" width="8" height="8"></div></td>
<td width="8"><img src="Images/spacer1.jpg" width="8" height="8"></td>
<td><img src="Images/spacer1.jpg" width="8" height="8"></td>
</tr>
<tr>
<td width="75" align="left" class="textstyle"><div align="left"></div></td>
<td width="8"><img src="Images/spacer1.jpg" width="8" height="8"></td>
<td> </td>
</tr>
<tr>
<td width="75" align="left" class="textstyle"><div align="left"></div></td>
<td width="8"><img src="Images/spacer1.jpg" width="8" height="8"></td>
<td><div align="left">
<table width="150" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><div align="right">
<input type="submit" value="submit">
</div></td>
</tr>
</table>
</div></td>
</tr>
</table>
<input type="hidden" name="MM_update" value="test">
<input type="hidden" name="MM_recordId" value="<%= accessright.Fields.Item("EmplyeeID"
.Value %>"></form></td>
</tr>
<tr>
<td><br></td>
</tr>
</table></td>
<td width="5"><img src="Images/spacer1.jpg" width="5" height="300"></td>
</tr>
</table>
</div></td>
</tr>
<tr>
<td height="8"><div align="center"><img src="Images/spacer1.jpg" width="8" height="8"></div></td>
</tr>
<tr>
<td height="50" bgcolor="#CCCCCC"><div align="center">
<table width="600" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
</tr>
<tr>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="387"><div align="center">
<table width="387" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><div align="center"><strong><font color="#333399" size="1" face="Arial, Helvetica, sans-serif">bbbb | bbbbb | bbbbb | bbbb | <a href="UserManual.pdf" target="_blank">User Manual </a></font></strong></div></td>
</tr>
<tr>
<td><div align="center"><img src="Images/greyspacer.jpg" width="8" height="8"></div></td>
</tr>
<tr>
<td><div align="center" class="style8">Copyright 2006 Recruta Ltd </div></td>
</tr>
</table>
<strong><font color="#333399" size="1" face="Arial, Helvetica, sans-serif"> </font></strong></div></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="90" valign="bottom"><div align="right"><span class="style2">Powered By -</span></div></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="91"><a href="www.recruta.co.uk/" target="_blank"><img src="Images/Copyright.jpg" width="91" height="47" border="0"></a></td>
</tr>
</table></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
</tr>
<tr>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td><img src="Images/greyspacer.jpg" width="8" height="8"></td>
<td width="8"><img src="Images/greyspacer.jpg" width="8" height="8"></td>
</tr>
</table></td>
</tr>
</table>
</div></td>
</tr>
<% } // end !accessright.EOF || !accessright.BOF %>
<% if (accessright.EOF && accessright.BOF) { %>
<tr>
<td><div align="center">
<table width="600" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><div align="center"><strong>Access Denied </strong></div></td>
</tr>
</table>
</div></td>
</tr>
<% } // end accessright.EOF && accessright.BOF %>
</table>
</body>
</html>
<%
accessright.Close();
%>
<%
ADMINACCESS.Close();
%>
Replies
Replied 23 May 2006 06:57:12
23 May 2006 06:57:12 micah santos replied:
why not validate those two fields in ASP? then, if both doesn't match, insert a message in a session variable and pass it on the password change form.