newbie/noob question. request querystring in a .vb

N

.nLL

Hi, im am a classic asp developer and started to learn asp.net but got stuck
with a simple problem even before i step in to further.

to learn i have started from a simple project (a login system with forms)
due to projects platform (a mobile web site) i cant use cookies (cookies
arent supported on all phones), anyway because of that i do un/pw check on
very page and i have to put

Dim MyUn As String = MyFunctions.AlphaNumOnly(Request.QueryString("un"))
Dim MyPw As String = MyFunctions.AlphaNumOnly(Request.QueryString("pw"))

to every page. In classic asp i could create an include and put smilar code
to get un/pw but in asp.net (VB) i couldnt figureout how to. I ahve got my
functions.vb where i store shared functions and variables but could put
above in to it.
could anyone point me to right direction?
thanks
 
N

.nLL

to make it clear, here is my class

--------------
Public Class MyFunctions
Public Shared Function CheckLogin(ByVal MyUnInput As String, ByVal
MyPwInput As String) As String
Dim MyResult As Integer
Dim MySql As String
MySql = "Select count(*) from users where un='" & MyUnInput & "' and
pw='" & MD5Encrypt(MyPwInput) & "'"
Dim Conn As New OleDbConnection(MyDbPath)
Dim Cmd As New OleDbCommand(MySql, Conn)
Conn.Open()
MyResult = Cmd.ExecuteScalar
Conn.Close()
Return MyResult
End Function
End Class
 
B

bruce barker

create a global.asa and add:

void Application_AuthorizeRequest(object sender, EventArgs e)
{
// call by validation code here
}


note: while shared functions are ok, shared variables (or public module
variables) are shared across all requests.

-- bruce (sqlwork.com)
 
N

.nLL

old habits die hard, isn't there any other option to do it? i dont want to
use global.asa or web.config. reason is that i want to be able to put
project in any folder on my server without having setup an appliaciton on
iis for it. that way it is portable and can be moved without any setup on
web server
 
S

s.foschi

one thing:
this is not the right way:
MySql = "Select count(*) from users where un='" & MyUnInput & "' and
pw='" & MD5Encrypt(MyPwInput) & "'"

use parameters! this way up here you will have trouble with
sqlinjection.
that way it is portable and can be moved without any setup on web server
Click to expand...

I am curious the way you are developing...
in my idea: just put global.asax and web.config in the root folder of
the website using the asp.net page, and is done, what else?
I mean web.config is required.

Simone Foschi
MCTS Sql Server 2005
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Noob question about mathematical addition vs. "string addition" in C# 1
Access QueryString value in a UserControl 3
Noob question: "Could not find a part of the path" 0
newbie question 20
Authentification from a SAM base in ASP.NET|VB 0
ASP .Net v2.0 (VB) Object Oriented Newbie 0
recover .vb source code in ASP .NET 2
Newbie question about asp.net architecture... 0

Members online

Total: 38 (members: 2, guests: 36)
Robots: 425

Forum statistics

Threads
473,769
Messages
2,569,576
Members
45,054
Latest member
LucyCarper

Latest Threads

Top