Login System

It works in Chrome, Opera, Firefox 3 but not IE

Page 1 of 1

3 Replies - 2341 Views - Last Post: 01 May 2009 - 02:19 AM Rate Topic: -----

#1 danny_kay1710   User is offline

  • D.I.C Regular
  • member icon

Reputation: 29
  • View blog
  • Posts: 359
  • Joined: 27-April 08

Login System

Posted 16 April 2009 - 02:47 AM

OK,

I have a login system coded for my ASP.NET web application and I can successfully log into it using Google Chrome, Opera and Firefox 3 without any issues at all.

However when I attempt to log in using IE8 it just refreshes the page, and doesn't log me in.

I am using sessions to achieve to do the login system, any ideas what I might be doing wrong.

On the page load event I check to see if the user is logged in.
	Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
		boolLoggedIn = IsLoggedIn(Session.Contents("UserName"), Session.Contents("SessionGUID"))
		boolIsAdmin = main.IsAdmin(Session.Contents("UserName"))
	End Sub



The IsLoggedIn Function looks like
	Public Function IsLoggedIn(ByVal sessionLoginName As String, ByVal sessionGUID As String) As Boolean
		Dim sessionTimeout As Integer = ReturnSetting("SessionTimeout")

		If sessionLoginName <> "" And sessionGUID <> "" Then
			Dim conn As New SqlConnection(My.Settings.connString)
			Dim cmd As SqlCommand = New SqlCommand("SELECT * FROM tblUsers WHERE [email protected]", conn)
			Dim dt As New DataTable
			Dim da As SqlDataAdapter = New SqlDataAdapter(cmd)

			cmd.Parameters.Add(New SqlParameter("@userName", sessionLoginName))

			conn.Open()
			da.Fill(dt)
			conn.Close()

			If dt.Rows.Count = 1 Then
				If dt.Rows(0).Item("userSessionGUID") = sessionGUID Then
					If sessionTimeout = 0 Then
						Return True
					Else
						Dim timeoutLength = (Now() - Convert.ToDateTime(dt.Rows(0).Item("userSessionstart"))).Minutes
						If timeoutLength < sessionTimeout Then
							If timeoutLength <> 0 Then
								cmd = New SqlCommand("UPDATE tblUsers SET userSessio[email protected]onstart WHERE [email protected]", conn)

								cmd.Parameters.Add(New SqlParameter("@userName", sessionLoginName))
								cmd.Parameters.Add(New SqlParameter("@userSessionstart", Now()))

								conn.Open()
								cmd.ExecuteNonQuery()
								conn.Close()
							End If
							Return True
						Else
							Return False
						End If
					End If
				Else
					Return False
				End If
				Return dt.Rows(0).Item("settingValue").ToString
			Else
				Return False
			End If
		Else
			Return False
		End If
	End Function



NOTE: Return setting retrieves a particular setting from the database and is also a custom function.

My Login code is
	Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As EventArgs) Handles btnLogin.Click
		If txtUsername.Text.Trim <> "" And txtPassword.Text.Trim <> "" Then

			Dim conn As New SqlConnection(My.Settings.connString)
			Dim cmd As SqlCommand = New SqlCommand("SELECT * FROM tblUsers WHERE [email protected] AND [email protected] AND userBanned<>'True' AND userActive='True'", conn)
			Dim dt As New DataTable
			Dim da As SqlDataAdapter = New SqlDataAdapter(cmd)

			cmd.Parameters.Add(New SqlParameter("@userName", Me.txtUsername.Text))
			cmd.Parameters.Add(New SqlParameter("@userPass", GenerateHash(Me.txtPassword.Text)))

			conn.Open()
			da.Fill(dt)
			conn.Close()

			If dt.Rows.Count = 1 Then
				Dim sessionGUID As String = GenerateSessionID()
				Session.Add("UserName", Me.txtUsername.Text)
				Session.Add("SessionGUID", sessionGUID)

				cmd = New SqlCommand("UPDATE tblUsers SET [email protected], userSessio[email protected]onstart WHERE [email protected]", conn)

				cmd.Parameters.Add(New SqlParameter("@userName", Me.txtUsername.Text))
				cmd.Parameters.Add(New SqlParameter("@sessionGUID", sessionGUID))
				cmd.Parameters.Add(New SqlParameter("@userSessionstart", Now()))

				conn.Open()
				cmd.ExecuteNonQuery()
				conn.Close()

				Response.Redirect("/default.aspx")

			Else
				strLoginErrors = "Username or password is not valid. Please check that you are typing in the correct case and try again."
			End If

		Else
			strLoginErrors = "The username or password cannot be blank"
		End If
	End Sub




OK so I know this code works for three of the four browsers I tested it on, why is Internet Explorer 8 being so different?

If you need any other bits of code let me know.

[EDIT]: I just had a random thought that might have something to do with it... in PHP you need to use session_start(); and put it at the top of the file... is there an equivalent in ASP.NET ... I am completely new to ASP or ASP.NET programming this is my first project in it but since I know both c# and VB.NET it isn't too big of a learning curve for most of it.

This post has been edited by danny_kay1710: 16 April 2009 - 02:50 AM


Is This A Good Question/Topic? 0
  • +

Replies To: Login System

#2 unholyfire   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 29
  • Joined: 10-April 07

Re: Login System

Posted 17 April 2009 - 09:44 AM

I'm still learning as well so this might be wrong, but try this...
In your "Page Load",
merge your contents values into one call

Current:
boolLoggedIn = IsLoggedIn(Session.Contents("UserName"), Session.Contents("SessionGUID"))

Try:
boolLoggedIn = IsLoggedIn(Session.Contents("UserName" + "SessionGUID"))

Your trying to place 2 values with 2 calls within one instance, instead place 2 values with 1 call within that instance.

It might even be:
boolLoggedIn = IsLoggedIn(Session.Contents("UserName", "SessionGUID"))
Was This Post Helpful? 0
  • +
  • -

#3 danny_kay1710   User is offline

  • D.I.C Regular
  • member icon

Reputation: 29
  • View blog
  • Posts: 359
  • Joined: 27-April 08

Re: Login System

Posted 20 April 2009 - 02:54 AM

IsLoggedIn is a function which I have wrote, which needs the two arguments of username and sessionGUID.

SessionGUID being a previously specified random string of 50 character stored in the database to verify that it is a valid login session.

By doing your changes, I would only be passing one argument to the function making it fail.

Plus it works in everything except internet explorer I don't get what could be causing this.

Is there anything that causes IE to randomly drop sessions or does it handle them differently? Also IE6 won't let me log in when using it, so I am assuming it is an IE issue completely and not just with IE8.
Was This Post Helpful? 0
  • +
  • -

#4 danny_kay1710   User is offline

  • D.I.C Regular
  • member icon

Reputation: 29
  • View blog
  • Posts: 359
  • Joined: 27-April 08

Re: Login System

Posted 01 May 2009 - 02:19 AM

Sorry for the bump, but this is really troubling me and I still can't figure it out.

Code is identical works in Firefox 3, Chrome, Opera and Safari, yet whenever I try to login in Internet explorer it just refreshes and doesn't log me in.

Anyone got any idea's at all?

[UPDATE:]

When I use debugging on the ASP.NET development server however everything works fine in all browsers. I don't get what could be wrong :angry:

This post has been edited by danny_kay1710: 01 May 2009 - 02:24 AM

Was This Post Helpful? 0
  • +
  • -

Page 1 of 1