| Author |
Topic |
|
Pumpkins_Man
Starting Member
20 Posts |
 Posted - 2002-04-08 : 21:08:29
|
| i'm currently working on creating an intranet with a sql server backend and an asp frontend. each user with have to login first thing in the morning to access the intranet. i would like to create a staff tracking feature where users can set their status e.g. lunch, meeting, sick etc.if a user where to have a browser open for a lengthy time period and they went to change their status i believe that an asp page would time them out which would mean that they would have to log back in again to change their status. i would very much like to avoid them doing that.i was wondering if you guys could suggest a way around that. i was thinking that a cookie might be the way to go but i'm not really sure cause i haven't used cookies before. any suggestions woul dbe greatly appreciated. thanks heaps.http://www.users.bigpond.com/thefullmontybronty |
|
|
Merkin
Funky Drop Bear Fearing SQL Dude!
4970 Posts |
Posted - 2002-04-08 : 22:39:46
|
| HiThe way I did our intranet here was use NT Authentication. I still have a table with all the users details, but I store their NT username. Then when they hit a page outside of a session I can just look up their NT login in the database and log them in with that.Hope that helpsDamian |
 |
|
|
Pumpkins_Man
Starting Member
20 Posts |
Posted - 2002-04-08 : 23:06:31
|
| thanks for you suggestion Damian. i was actually going to look into doing that for stage 2 of the intranet as phase one is just a concept phase and i have to pitch stage one to management tomorrow afternoon at 4pm.just for a temporary solution do you think using a cookie would be ok?http://www.users.bigpond.com/thefullmontybronty |
|
|
|
Merkin
Funky Drop Bear Fearing SQL Dude!
4970 Posts |
Posted - 2002-04-08 : 23:27:46
|
| Yeah sure a cookie is fine. If it is only a proof of concept then anything will do, but if you were to put a userid in the cookie, someone could change their cookie value to someone elses ID. You might want to set up a field in your users table with a GUID (uniqueidentifier, default it to NewID() ) and use that in the cookie.Damian |
|
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2002-04-08 : 23:28:34
|
| I think a cookie is a great idea, because you can set them to expire at a particular date and time, or after a certain duration, or not at all. From ASP code, you can create/write a cookie like this:<% response.cookies("logincookie")="myUserName"response.cookies("logincookie").expires=Now()+TimeValue("00:30:00") %>That will create a cookie called "logincookie" that contains the value "myUserName", and will set it to expire 30 minutes later. Cookies are case-sensitive (I learned that the hard way!) so you should be very diligent in your naming conventions. You can read a cookie like this:<% loginname=request.cookies("logincookie") %>Notice that you use the response object to write a cookie, and the request object to read it. If you use NT authentication, as Merkin suggested, you can get the NT login using the request.servervariables("AUTH_NAME") server variable; otherwise you will have to write a login page that accepts the login and password and stores them in a cookie. This is a good idea if you want to store non-NT logins and passwords for your SQL Server.OZ SNIPERS ON THE LOOSE! RUN!Edited by - robvolk on 04/08/2002 23:29:13 |
|
|
|
Merkin
Funky Drop Bear Fearing SQL Dude!
4970 Posts |
Posted - 2002-04-08 : 23:30:09
|
hei guy, don't play on my forum! Damian |
|
|
|
Pumpkins_Man
Starting Member
20 Posts |
Posted - 2002-04-09 : 00:10:21
|
| excellent. thankyou both for your input. thanks especially robvolk for the time you put in telling me about how to write and read cookies as well as the NT login. thanks a bunch, you've both been a great help.now...to meet the deadline aaaaarrrrggghhhh hehe!http://www.users.bigpond.com/thefullmontybronty |
|
|
|
nr
SQLTeam MVY
12543 Posts |
Posted - 2002-04-09 : 00:54:13
|
| I wouldn't hold the login details in the cookie but the session details.On the server you have a session table which holdsguid, user_id, logintime, lastusethe guid is held in the cookie.When they login you verify the username/password and create an entry in this table and write the entry to the cookie (and delete any old entries for the user).You need to set the cookie to never expire.It's up to you what you do if the user logs in again. Easiest is to just overwrite the old entry so the old guid is no longer valid - if it's another m/c it means the old session is logged off.Also all database requests send the guid and it is checked for a valid session. In this way you can easily expire a session after a idle timeout and also check the user for various permissions in the future.==========================================Cursors are useful if you don't know sql.Beer is not cold and it isn't fizzy. |
|
|
|
jackstow
Posting Yak Master
160 Posts |
Posted - 2002-04-09 : 04:28:08
|
| It might be worth giving .NET a try as well. The built in functions for maintaining session state in SQL Server and handling password protected sites with Forms Authentication make this kind of thing a breeze...http://www.dotnetjunkies.com/tutorials.aspx?tutorialid=251 |
|
|
|
AjarnMark
SQL Slashing Gunting Master
3246 Posts |
Posted - 2002-04-09 : 18:34:56
|
quote:
It might be worth giving .NET a try as well. The built in functions for maintaining session state in SQL Server and handling password protected sites with Forms Authentication make this kind of thing a breeze...http://www.dotnetjunkies.com/tutorials.aspx?tutorialid=251
Yeah, it's nice that they're building this in now. I talked with a tech presenter from MS on this and he confirmed that they basically have just incorporated the ideas discussed above with a GUID or other unique ID that they pass (in cookie-less mode) as a special part of the URL. Everything is still access via the Session object even though the actual info may be stored in SQL Server instead of memory.And to think I was just about to write this myself... OK, 1 point for MS today.------------------------GENERAL-ly speaking... |
|
|
|
Pumpkins_Man
Starting Member
20 Posts |
Posted - 2002-04-09 : 18:48:46
|
| the .NET idea looks interesting for phase 2 or three of the project. how many of you guys are using .NET at the moment? do you like it or dislike it? how hard is it to learn?http://www.users.bigpond.com/thefullmontybronty |
|
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2002-04-09 : 18:56:45
|
| I know that graz is loving C#, won't even consider going back to regular VB/ASP. I'm not using .Net yet, but I'm gonna stick with C# when I start; I have too much connection with regular Visual Basic that VB.Net will send me up to a rooftop with a rifle (that's just my opinion, every example I've seen of VB.Net makes me cry, you may be stronger than me) And I know JavaScript pretty well, so C# shouldn't be too hard for me to grasp. |
|
|
|
Pumpkins_Man
Starting Member
20 Posts |
Posted - 2002-04-09 : 19:13:36
|
| well i know vb back to front and the other IT guy who works here knows a little bit of vb so i was thinking that i'd be goign with vb.net for his sake. i know c and c++, how different is c#? i know javascript fairly well if that is going to help me.http://www.users.bigpond.com/thefullmontybronty |
|
|
|
Nazim
A custom title
1408 Posts |
Posted - 2002-04-10 : 00:46:36
|
| I use C# . it will be very easy for you to pick up C# coz its a combination of C and C++ with conceptual ideas of Java.C# is fun to learn and use.-------------------------------------------------------------- |
|
|
|
AjarnMark
SQL Slashing Gunting Master
3246 Posts |
Posted - 2002-04-10 : 01:45:41
|
| I'm not using .Net yet, but we are looking at it. We also are reviewing J2EE. I have the impression that things that were simple in standard ASP are pretty simple in ASP.Net, but things that are more complex will take quite a learning curve to learn how to do them properly or "best practices" in .Net, if you don't already have a foundation in Java. But that's just my impression from a distance. .Net has a lot of Java-like characteristics, regardless of your chosen language.------------------------GENERAL-ly speaking... |
|
|
|
jackstow
Posting Yak Master
160 Posts |
Posted - 2002-04-10 : 05:26:37
|
| If you're used to C or VB then moving over to .NET is not gonna be that hard I would think. However if you're moving from VBScript/ASP to VB.NET/ASP.NET it's quite a mountain to climb - well worth it in the end though. The choice of C# or VB.NET is a personal one I guess, both give you a proper, powerful object orientated language. Some things are so easy to do in .NET (the built in calendar control for example) and some can make you pull your hair out (i.e. getting a datagrid to do just what you want it to do ..). I've been getting into it this year and it's a great technology I think. There's loads of help out there as well. www.dotnetjunkies.com and www.gotdotnet.com are well worth a visit. |
|
|
|
Arnold Fribble
Yak-finder General
1961 Posts |
Posted - 2002-04-10 : 06:37:58
|
quote:
I use C# . it will be very easy for you to pick up C# coz its a combination of C and C++ with conceptual ideas of Java.
Also, Anders Hejlsberg's previous efforts on Borland Delphi and J++ have clearly influenced the use of method pointers, delegation and events. Those certainly aren't Java concepts: in fact, that's one of the things Sun (and James Gosling in particular) complained bitterly about in J++.Edited by - Arnold Fribble on 04/10/2002 06:38:48 |
|
|
|
Onamuji
Aged Yak Warrior
504 Posts |
Posted - 2002-04-10 : 12:52:50
|
| WOOO .NET WOOO! I hate the fact that I still have to work with VB6 ... I love VB.NET compared to VB6 ... however my roots lay in C++/Java and C# is a dream. J# looks interesting as well... can't wait to be able to write stored procedures in .NET (that's what I think will make it all worth while) ... :-) |
|
|
|
leeholden
Starting Member
34 Posts |
Posted - 2002-04-10 : 13:10:17
|
| woo, new technology... I wish I could get my hands on some of that. Maybe in about 10 years time... We've just started implementing a PL1 solution!!!Just out of interest, has anyone ever heard of PICK? |
|
|
|
AjarnMark
SQL Slashing Gunting Master
3246 Posts |
Posted - 2002-04-10 : 14:52:44
|
quote:
Just out of interest, has anyone ever heard of PICK?
Yes. Many, many moons ago...------------------------GENERAL-ly speaking... |
|
|
|
Nazim
A custom title
1408 Posts |
Posted - 2002-04-11 : 01:10:21
|
PL1  quote:
woo, new technology... I wish I could get my hands on some of that. Maybe in about 10 years time... We've just started implementing a PL1 solution!!!
-------------------------------------------------------------- |
|
|
|
Next Page
|
could i get some suggestions please