Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: General / Classic ASP versions(v3.4.XX)
 Redirect error		  New Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

GPCasali
Starting Member

Australia
8 Posts
Posted - 21 March 2013 :  00:22:53  Show Profile  Reply with Quote
Hi there.

New here, so bear with my total noobness...

Have posted on the mail sub forum for guidance on a unrelated issue, but here goes a little intro.

I have recently transferred our non-profit association's web site and connected forum to a new hosting company.

The first issue I encountered was an incorrect pointer, as the main site address was returning a 500 Error; luckily, that was overcome by including "login.asp" in the list of server acceptable starting pages.

So at least now members can access directly our log in page:





The issue is this: once they have inputted their name and password and hit the "log in" radio button, they get a 500 error:





Now, the interesting part is that, if you click the cursor on the address bar, next to ".asp" and hit enter on the keyboard, you get in! Nothing else works, not F5, nor reload or going back and trying again, only pressing "enter" on the keyboard!

The good news is that the authentication system works: I have tried using incorrect credentials and it will not allow access, unless you are indeed a registered member.

But for the love of God I cannot figure out why the initial redirect does not work.

Can anyone please lend a hand?

Keep in mind I have extremely limited knowledge and understanding of ASP code: I can see the arguments and try to follow these, but get lost with all the <> "" I encounter, so cannot really troubleshoot.

Here is the code from "xxxxx_login.asp"


<!--#INCLUDE virtual="/forum/config.asp"-->
<!--#INCLUDE virtual="/forum/inc_sha256.asp"-->

<%
fName = request.form("frmUserID")
Session.Timeout = 60
set my_Conn = Server.CreateObject("ADODB.Connection")
my_conn.mode = 3 ' adModeReadWrite
my_Conn.Open strConnString
%><!--#INCLUDE virtual="/forum/inc_func_common.asp" --><BASE TARGET="_top"><%

fPassword = ChkString(Request.Form("Password"), "SQLString")
RequestMethod = Request.ServerVariables("Request_Method")

if RequestMethod = "POST" Then
	strEncodedPassword = sha256("" & fPassword)
	select case chkUser(fName, strEncodedPassword,-1)
		case 1, 2, 3, 4
			Call MyCookies(request.form("savepassword"))
			strLoginStatus = 1
		case else
			strLoginStatus = 0
	end select

	if strLoginStatus = 1 then
		Session("AuthStatus")="XXXXX_OK"
		Session("Name")= ucase(request.form("frmUserID"))
		call LoginDatabaseEntry
		if session("id") <> "" then
			response.redirect("/online_forms/suggestion.asp?id=" & session("id"))
		else
			response.redirect("main_menu.asp")
		end if
		Response.End
	else
		'user is not authorised
		Session("AuthStatus")="Login Error"
		call LoginDatabaseEntry		
		response.redirect("login_failure.htm")
	end if
elseif Session("AuthStatus") <> "XXXXX_OK" then
	'user has not yet logged in
	
	'check for existing cookie
	
	if Request.Cookies("Snitz00User")("Name") <> "" then
		strEncodedPassword = Request.Cookies("Snitz00User")("Pword")
		select case chkUser(Request.Cookies("Snitz00User")("Name"), strEncodedPassword,-1)
		case 1, 2, 3, 4
			strLoginStatus = 1
		case else
			strLoginStatus = 0
		end select

		if strLoginStatus = 1 then
			Session("AuthStatus")="XXXXX_OK"
			Session("Name")= ucase(Request.Cookies("Snitz00User")("Name"))
			call LoginDatabaseEntry
		if session("id") <> "" then
			response.redirect("/online_forms/suggestion.asp?id=" & session("id"))
		else
			response.redirect("main_menu.asp")
		end if
			Response.End
		else
			'user is not authorised
			if Request.querystring("id") <> "" then
				session("id") = Request.querystring("id")
				response.redirect("main_menu.asp?id=" & Request.querystring("id"))
			else
				response.redirect("login.asp")
			end if
		end if
	else	
		if Request.querystring("id") <> "" then
			session("id") = Request.querystring("id")
			response.redirect("login.asp?id=" & Request.querystring("id"))
		else
			response.redirect("default.asp")
		end if
	end if
else
	'user has previously logged in	
end if



Sub LoginDatabaseEntry					
Set DNS = CreateObject("TCPIP.DNS")
on error resume next
host = DNS.GetHostByIP(Request.ServerVariables("REMOTE_ADDR"))
if host <> "" then
 useripaddress=host
else
end if

examday = day(now)
exammonth = month(now)
examyear = year(now)
examhour = Hour(now)
examminute = minute(now)
if examminute < 10 then
	examdate = examday & "/" & exammonth & "/" & examyear & " " & examhour & ":0" & examminute
else
	examdate = examday & "/" & exammonth & "/" & examyear & " " & examhour & ":" & examminute
end if

		UserUserID          = _
		  CStr (request.form("frmUserID"))
		 if UserUserID = "" then UserUserID = ucase(Request.Cookies("Snitz00User")("Name"))
		UserPage    = _
		  "XXXXX"
		UserLoginStatus    = _
		  CStr (Session("AuthStatus"))
		UserDate    = _
		  CStr (examdate)

  		if userIPAddress = "" then
  			UserIPAddress       = _
    		  	  CStr (Request.ServerVariables("REMOTE_HOST"))
  		else
  		end if

		set objbrowser = server.createobject("MSWC.BrowserType")
		UserBrowser = objbrowser.browser & objbrowser.version
		
		' Build the SQL statement that actually inserts the data
		
		Set authConn = Server.CreateObject ("ADODB.Connection")
		strConnString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=D:\xxxxxxx\xxxxxxxx\xxxxxxx\db\xxxxx.mdb;" '## MS Access 2000
		authConn.Open strConnString

  		SQLStatement = "INSERT INTO logins" _
                 & "(UserID,Page,LoginStatus,WhenAccessed," _
		 & "IPAddress,Browser) " _
		 & "SELECT '" & UserUserID & "' As UserID, '" _
         & UserPage & "' As Page, '" _
         & UserLoginStatus & "' As LoginStatus, '" _
         & UserDate & "' As WhenAccessed, '" _
         & UserIPAddress & "' As IPAddress, '" _
         & UserBrowser & "' As Browser;"

  		authConn.Execute (SQLStatement)

if UserLoginStatus = "SADS_Admin" then 
	LoginStatus = "OK"
	Call MyCookies(request.form("savepassword"))
else
	Loginstatus = UserLoginStatus
end if

Set JMail = Server.CreateObject("JMail.SMTPMail") 
JMail.Logging = true
JMail.ServerAddress = "localhost"
JMail.Sender = "committee@xxxxx.asn.au"
JMail.SenderName = "XXXXX Login"
JMail.Subject = "XXXXX Website Access: " & UserUserID & " - " & Loginstatus & " - " & host & " " & Request.ServerVariables("REMOTE_ADDR")
JMail.AddRecipient "administrator@xxxxx.asn.au"
JMail.Body = "XXXXX Website Access: " & UserUserID & " - " & Loginstatus & " - " & host & " " & Request.ServerVariables("REMOTE_ADDR") & chr(10) & chr(10)
'JMail.AppendText "OS: " & browser.getFullOS & chr(10)
'JMail.AppendText "Browser Full Name: " & browser.getFullName & chr(10)
'JMail.AppendText "Browser Version: " & browser.getVersion & chr(10)
JMail.AppendText "Browser Details: " & request.serverVariables("HTTP_USER_AGENT") & chr(10)
JMail.Priority = 3
JMail.AddHeader "Originating-IP", Request.ServerVariables("REMOTE_ADDR")
'JMail.Execute
End Sub




sub MyCookies(fSavePassWord)

Username = Request.Form("frmUserID")
Password = Request.Form("password")
Password = sha256("" & Password)

	'Response.Cookies("Snitz00User")("User").Path = "/"
	Response.Cookies("Snitz00User")("Name") = username
	Response.Cookies("Snitz00User")("Pword") = password
	if fSavePassWord = "true" then
		Response.Cookies("Snitz00User").Expires = DateAdd("yyyy", 1, Date)
	end if
	
	'Response.Cookies("Snitz00User")("User").Path = "/forum"
	Response.Cookies("Snitz00User")("Name") = username
	Response.Cookies("Snitz00User")("Pword") = password
	if fSavePassWord = "true" then
		Response.Cookies("Snitz00User").Expires = DateAdd("yyyy", 1, Date)
	end if
	

	Session(strCookieURL & "last_here_date") = ReadLastHereDate(strDBNTFUserName)	

'Response.Cookies("Snitz00User")("Name") = Username
'Response.Cookies("Snitz00User")("Pword") = Password
'Response.Cookies("Snitz00User").Expires = DateAdd("yyyy", 1, Date)

'Session("Access") = "Granted"
'Session("username") = UserName

end sub



%><head><title>XXXXX - Xxxxxxx xxxxxx xxxxxxx Association</title></head>



This is the code of the "main_menu.asp" page that fails initial redirect:


<!--#include virtual="/xxxxx_login.asp"-->
<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>XXXXX - Xxxxxxx xxxxxx xxxxxxx Association</title>
<base target="contents">
</head>

<body topmargin="0" leftmargin="0" rightmargin="0" bottommargin="0" marginwidth="0" marginheight="0" bgcolor="#100F5D">

<table border="0" style="border-collapse: collapse" width="100%" id="table1" bordercolor="#FFFFFF" height="36" bgcolor="#100F5D">
	<tr>
		<td align="center" width="372" bgcolor="#100F5D">
		<p align="left">
		<img border="0" src="images/top_left.jpg" align="left"></td>
		<td align="right" bgcolor="#100F5D">
		<img border="0" src="images/top_alt.jpg" align="right"></td>
	</tr>
</table>

</body>

</html>



This may be of assistance: there appears to be no real "main_menu.asp" as such: when I open this file using Dreamweaver it does not display this name as the file in use, but shows "header.asp" as the actual file name. Then, if I click on the various frames of the page, I get different .asp file names: "content.asp" for the left hand menu, "header.asp" for the title and "news.asp" on the main central frame. This is what it looks like to help you better understand what I mean:





So maybe the redirect to this "virtual" "main_menu.asp" page does not work because of the above? Yet, it has always worked before... on the previous host server!

As you can see, I have tried to give as much info as possible, and I am at a loss. As mentioned in the mail thread I have tried contacting web developers for help, but they are all too busy for a non profit; I suspect it may take longer to spot the issue than to actually fixing it.

I leave it up to some good soul on these forums to lend a helping hand.

Any help will be well received!

Cheers
Paul

HuwR
Forum Admin

United Kingdom
20595 Posts
Posted - 21 March 2013 :  02:53:54  Show Profile  Visit HuwR's Homepage
What version of Sntz are you using?

It appears to be very heavily modified as we don't have content.asp or main_menu.asp files
MVC .net dev/test site | MVC .net running on Raspberry Pi
Go to Top of Page

GPCasali
Starting Member

Australia
8 Posts
Posted - 21 March 2013 :  03:16:53  Show Profile
Thanks for the quick reply.

It is version 3.4.03.

We inherited the web site and related forums from a colleague who had become management, hence the members asked for the site to be taken off his hands.

The idea that the code was heavily modified makes sense, as the gentlemen in question is an experienced web designer and developer, with obvious ASP skills.

It goes without saying that we would rather not have to ask him to do this for us...
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.28 seconds. Powered By: Snitz Forums 2000 Version 3.4.07