newbie/noob question. request querystring in a .vb

Discussion in 'ASP .Net' started by .nLL, Oct 5, 2008.

  1. .nLL

    .nLL Guest

    Hi, im am a classic asp developer and started to learn asp.net but got stuck
    with a simple problem even before i step in to further.

    to learn i have started from a simple project (a login system with forms)
    due to projects platform (a mobile web site) i cant use cookies (cookies
    arent supported on all phones), anyway because of that i do un/pw check on
    very page and i have to put

    Dim MyUn As String = MyFunctions.AlphaNumOnly(Request.QueryString("un"))
    Dim MyPw As String = MyFunctions.AlphaNumOnly(Request.QueryString("pw"))

    to every page. In classic asp i could create an include and put smilar code
    to get un/pw but in asp.net (VB) i couldnt figureout how to. I ahve got my
    functions.vb where i store shared functions and variables but could put
    above in to it.
    could anyone point me to right direction?
    thanks
     
    .nLL, Oct 5, 2008
    #1
    1. Advertisements

  2. .nLL

    .nLL Guest

    to make it clear, here is my class

    --------------
    Public Class MyFunctions
    Public Shared Function CheckLogin(ByVal MyUnInput As String, ByVal
    MyPwInput As String) As String
    Dim MyResult As Integer
    Dim MySql As String
    MySql = "Select count(*) from users where un='" & MyUnInput & "' and
    pw='" & MD5Encrypt(MyPwInput) & "'"
    Dim Conn As New OleDbConnection(MyDbPath)
    Dim Cmd As New OleDbCommand(MySql, Conn)
    Conn.Open()
    MyResult = Cmd.ExecuteScalar
    Conn.Close()
    Return MyResult
    End Function
    End Class
     
    .nLL, Oct 5, 2008
    #2
    1. Advertisements

  3. .nLL

    bruce barker Guest

    create a global.asa and add:

    void Application_AuthorizeRequest(object sender, EventArgs e)
    {
    // call by validation code here
    }


    note: while shared functions are ok, shared variables (or public module
    variables) are shared across all requests.

    -- bruce (sqlwork.com)
     
    bruce barker, Oct 5, 2008
    #3
  4. .nLL

    .nLL Guest

    old habits die hard, isn't there any other option to do it? i dont want to
    use global.asa or web.config. reason is that i want to be able to put
    project in any folder on my server without having setup an appliaciton on
    iis for it. that way it is portable and can be moved without any setup on
    web server
     
    .nLL, Oct 5, 2008
    #4
  5. .nLL

    s.foschi Guest

    one thing:
    this is not the right way:
    MySql = "Select count(*) from users where un='" & MyUnInput & "' and
    pw='" & MD5Encrypt(MyPwInput) & "'"

    use parameters! this way up here you will have trouble with
    sqlinjection.
    I am curious the way you are developing...
    in my idea: just put global.asax and web.config in the root folder of
    the website using the asp.net page, and is done, what else?
    I mean web.config is required.

    Simone Foschi
    MCTS Sql Server 2005
     
    s.foschi, Oct 8, 2008
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.