Databases and Cookies - How It Works – Resetting a Cookie
(Page 12 of 13 )
The home page in its original form could not handle visitors without a cookie. The following code would put a blank into varPeopleID. That causes a logical failure, but not an ASP error since VBScript accepts putting "nothing" into a variable.
<TITLE>2726-11-TI-O3 Reset Cookie Home Page No Check</TITLE>
…
varID=Request.Cookies("PeopleID")
However, the following code would fail because SQL will not accept a null value for the expression of the WHERE clause.
sqltxt = "SELECT PeopleNameLast, PeopleNameFirst, "
sqltxt = sqltxt & "PeopleProfessionalClass FROM People "
sqltxt = sqltxt & " WHERE PeopleID =" & varID & ";"
set oRS = Server.CreateObject("ADODB.Recordset")
oRS.open sqltxt, "DSN=Sailors"
So we use the code of the improved page, which has an If to determine if the cookie is empty:
<TITLE>2726-11-TI-O3 Reset Cookie Home Page With Check</TITLE>
…
Dim varPeopleID, oRS
varPeopleID=Request.Cookies("PeopleID")
If varPeopleID = "" Then
In the following code we determine if the cookie is empty, and if so give the "Sorry but … " message with a
hyperlink to a form to reset the cookie (2726–11–TI–O3-ResetCookieForm.asp). After getting this to
work, you may consider changing the code to automatically redirect the user using Response.Buffer=true and Response.Redirect. However, I find that students understand the concepts better on their first try by clicking through the pages.
Response.Write "<H1>This is the Sailor's Home Page, but...</H1>"
Response.Write "<P>(failed cookie check)</P>"
Response.Write "Sorry, we can not find your cookie<BR>"
Response.Write "<A HREF='2726-11-TI-O3-ResetCookieForm.asp'>"
Response.Write "Please click here </A>to reset your cookie"
If the cookie exists we perform the following code to get the name and professional class of the visitor from the database. Note that we use the cookie as the expression of the WHERE clause in the SQL
statement. Since the PersonID is a number, we do not concatenate quotes around the variable in the last line below:
Else
Response.Write "<H1>Welcome to the Sailor's Home Page</H1>"
Response.Write "<P>(passed cookie check)</P>"
Set oRS = Server.CreateObject("ADODB.Recordset")
sqltxt = "SELECT PeopleNameLast, PeopleNameFirst, "
sqltxt = sqltxt & "PeopleProfessionalClass "
sqltxt = sqltxt & " FROM People WHERE PeopleID=" & varPeopleID & ";"
Then we can write the text of the home page using data from the recordset:
oRS.open sqltxt, "DSN=Sailors"
Response.Write "<P>We have you, " & oRS("PeopleNameFirst") & " "
Response.Write oRS("PeopleNameLast") & ", "
Response.Write "registered in Professional Class "
Response.Write oRS("PeopleProfessionalClass") & "</P>"
End If
%>
But let us get back to the path of visitors without a cookie. They got the "Sorry but…" message on the home page and click to come to 2726–11–TI–O3-ResetCookieForm.asp. Our objective is to set up a
list of the available names from which to choose. The first part of that code, below, creates a form and a list box using the <SELECT> tag.
<TITLE>2726-11-TI-O3 Reset Cookie Form</TITLE>
<FORM ACTION="2726-11-TI-O3-ResetCookieResponse.asp" METHOD=get>
<SELECT NAME="PeopleName">
Then we create a recordset of the members so we can put them into a list box:
<%
Dim oRSPeople
Set oRSPeople=Server.CreateObject("ADODB.Recordset")
sqltxt = "Select PeopleNameLast, PeopleNameFirst from People"
sqltxt = sqltxt & " ORDER BY PeopleNameLast;"
oRSPeople.Open sqltxt, "DSN=Sailors"
Then we actually populate the list box by looping through that recordset creating an <OPTION> tag for each member. As always, be sure to include the RS.MoveNext in the loop.
Do while not oRSPeople.EOF
Response.Write "<OPTION NAME= >"
Response.Write orsPeople("PeopleNameLast") & ", "
Response.Write orsPeople("PeopleNameFirst") & "</OPTION>"
oRSPeople.MoveNext
Loop
%>
</SELECT>
After the user has made a selection, the Action of the FORM tag rolls us to 2726–11–TI–O3-ResetCookieResponse.asp. Since we will be setting a cookie we must start by turning on the response
buffer:
<%@ Language=VBScript%>
<%Response.Buffer = true%>
<HTML>
<HEAD>
<META NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
<TITLE>2726-11-TI-O3 Reset Cookie Response</TITLE>
Our incoming data is the name of the member selected from the list box, in the form of last name, and comma, and the first name. We need to not only harvest that data from the querystring, but also parse apart the first and last names so we can compare the names with the database and extract the person ID.
Our clue to separating the names is the comma. The third line below puts into the last name variable all of the text to the left of the comma:
<%
varPeopleNameTotal = Request.Querystring("PeopleName")
varPeopleNameLast = left(varPeopleNameTotal,instr(varPeopleNameTotal, ",")-1)
The line below puts the first name into a variable:
varPeopleNameFirst = right(varPeopleNameTotal,len(varPeopleNameTotal)-instr(varPeopleNameTotal, ",")-1)
Now we can create a recordset that selects out the one record matching the first and last names. Note that we are applying two tests in the WHERE clause; one for the last name and one for the first name.
Dim oRSPeopleIDLookUp
Set oRSPeopleIDLookUp=Server.CreateObject("ADODB.Recordset")
sqltxt = "Select PeopleID from People"
sqltxt = sqltxt & " WHERE PeopleNameLast = '" & varpeoplenamelast & "'"
sqltxt = sqltxt & " AND PeopleNameFirst = '" & varpeoplenamefirst & "';"
oRSPeopleIDLookUp.Open sqltxt, "DSN=Sailors"
We can now use the PeopleID data, from the one correct record sitting in the recordset, to write a cookie.
Response.Cookies("PeopleID") = oRSPeopleIDLookUp("PeopleID")
Response.Cookies("PeopleID").Expires = date + 365
%>
Lastly, we wrap up with some notices to the user about what we have done:
We have reset your cookie, the identification is now for:<BR><BR>
<%=varPeopleNameFirst%> <%=varPeopleNameLast%>
with the ID number <%=oRSPeopleIDLookUp("PeopleID")%>
<BR><BR>Click here to re-try
<A HREF="2726-11-TI-O3-ResetCookieHomePageWithCheck.asp">
homepage</A>
with your new cookie
</BODY></HTML>
 This is from Beginning ASP Databases by Kauffman, Spencer, and Willis (Apress, ISBN 1590592492). Check it out at your favorite bookstore today.
Buy this book now. |
Next: Summary >>
More ASP.NET Articles
More By Apress Publishing
