"Hannibal" <> wrote in message
news: ps.com...
> Hi All,
>
> The below code use to work on my Win2K3 IIS6. for for some unknown
> reason it`s no longer working. here the code.
>
> Session("LOGIN_USER_ID") = UserID
>
> ' Update the cookie if the login is successful
> Response.Buffer = True
> Response.Cookies(strAppRoot).Domain = strHelpdeskServer
> Response.Cookies(strAppRoot) = UserID
>
> ' If the logged in user has administrative privileges, I will
> redirect
> 'to an admin screen where the user can make administrative changes.
>
> 'see if the user logging in is the admin
> sSQLCmd2 = "SELECT USER_ID FROM USERS WHERE ADMINISTRATOR = 1 AND
> USER_ID Like '%" & UserId & "%'"
> Set rst2 = Server.CreateObject("ADODB.Recordset")
> rst2.Open sSQLCmd2, oDatabaseConn,adOpenForwardOnly, adLockReadOnly,
> adCmdText
>
> if not rst2.EOF then
> rst2.MoveFirst
> adminId = rst2("USER_ID")
> adminId = trim(adminId)
> end if
> rst2.Close
> set rst2 = Nothing
>
> if trim(UserID) = adminId then
> Session("USER_TYPE") = "Administrator"
> else 'the user is not the admin...set the user type and redirect
> Session("USER_TYPE") = "User"
> end if
> Session.Timeout=30 'set the time out for 30 minutes on the session
>
> sSQLCmd3 = "UPDATE [USERS] SET USER_LASTLOGON='" & Cstr(Now()) & "'
> WHERE USER_ID = '" & UserID & "'"
> oDatabaseConn.Execute sSQLCmd3
> Response.Redirect ("home.asp")
>
> I`m not a programmer, I only support the site. But since the original
> programmer is gone, I`m the one who has to fix this.
>
> I`m thinking that it may come from a IIS 6 security setting or Windows
> Update. My client browser work fine, I get cookie from other site.
> Also, I've added my IIS Server to the trusted Sites and added the web
> site to accept all cookie.
>
> Also, I try to set IIS 6 to run in IIS 5.0 isolation mode.
>
> I`m running out of idea. If anyone could shed some light it would be
> really appreciated
>
How do you know it's "not working"? The cookie is only a session cookie so
you won't find it in a permenant cookie store.
What has changed?
This line:-
Response.Cookies(strAppRoot).Domain = strHelpdeskServer
is designed to make the cookie valid for the one of the domains that host
belongs to. For example if the site is:-
www.mydomain.com
then the domain can be set to "mydomain.com". Assuming that the application
is in the root of the web the cookie will be sent to any host in the
mydomain.com domain.
If the value in strHelpdeskServer no longer matches this pattern (e.g, the
domain the server is i presented in no longer matches the contents of
strHelpdeskServer) then the browser will reject the cookie.
--
Anthony Jones - MVP ASP/ASP.NET
Similar Threads
