||In this lab you will create several deliverables,
including a new login page and modifications to several existing pages to
handle a user identification cookie.
Explore the sample site http://www.valtara.com/csc123/shop/
to see examples. Again you will be building on and modifying your previous
labs. There will be an automatic 2.5 point deduction if any of your pages do
not use Hungarian notation or are missing TITLE or META description
- A persistent dictionary cookie containing the CustomerID (or zero) of
the logged in user. Your cookie should be named for your site and
should contain the key CUSTOMERID (You may add additional keys to the cookie if you
wish). The function below may prove
helpful in creating a persistent cookie. (Note use of expires and the
constant cCOOKIE which should be unique to your site as
follow: SITE## where ## is your site number. you may choose to
pad with zero or not as it pleases you. The constant
should be part of the include file that holds the sub and function
Const cCOOKIE = "SITE88" 'Example, replace 88 with
your class number.
Sub CookiePUT(cName, cValue)
response.cookies(cCOOKIE)(cName) = cValue
'The use of expires is what makes the cookie persistent
response.cookies(cCOOKIE).expires = Now() +
'Example Use (Write the CustomerID field to a persistent cookie):
CookiePut "CUSTOMERID", lCustomerID
- A function ValidateUser()
The function is used by almost every page to determine if the
CustomerID of the user is known. Many pages use this information to
build queries (e.g. find the current shopping cart, etc.)
The function must be passed a flag to indicate what the function
should do if CustomerID is
not found or is <= zero (0).
- FLAG = 1: the user will be redirected to the login page, if the
login is successful the original page will be recalled.
- FLAG = 0: a Zero is returned and then the page processing
continues as if nothing had happened using a CustomerID value of
When would you want to use one or the other of the flags?
- You would set FLAG=1 when you are dealing with adding or
removing items form the cart, viewing or processing orders or
- You would set FLAG=0 when you are working with customer
information (customer, login pages)
- In general use common sense, if a valid CustomerID is
required to process, you should insist on getting a valid one.
We are giving you the function ValidateUser() as
it is one of the most important functions in the Shop system
'Return CustomerID with optional redirection
dim lCustomerID 'CustomerID is a LONG (SQL Int)
'Assume not found
lCustomerID = 0
'First try the form and querystring collection
s = Trim(Request("CUSTOMERID"))
If isNumeric(s) then
lCustomerID = cLng(S)
'Then try the cookie
S = Trim(Request.Cookies(cCOOKIE)("CUSTOMERID"))
If isNumeric(s) then
lCustomerID = cLng(S)
'No matter what write the cookie
'Do we care if CustomerID is zero?
If (FLAG <> 0) and (lCustomerID = 0) Then
'We don't care or we are ok, return to the caller
ValidateUser = lCustomerID
- The function should be put into an include page.
- The function returns the CustomerID (zero if not found).
- The function should first check the Request collections
object collections for "CUSTOMERID", and
if present, returns that value.
- If the function does not find a value in the Request
collections, it should check the cookie above.
- The function should re-write the cookie to the client using CookiePut().
Consider the two possible cases:
- We have a good CustomerID (<> Zero), we
want to have that ID available to other pages who call
this function, so we want to sent it to the client.
- We have a Bad CustomerID (e.g. Zero), we want to
make sure the clients cookie contains a zero so that when
other pages call this function we know we have to take
steps (based on the value of FLAG above) to handle this
- Allow the user to "login" to our system by matching
their e-mail address (stored in the database by the customer page)
to the customer ID. If this operation is successful, the
CustomerID is written to the cookie, if not successful a zero is
written to the cookie. (See discussion above)
- The page also allows users to create new accounts by calling the
customer page and passing in a special flag (&VW=3).
- Thus new users become existing users and existing users are
admitted to our site to shop.
The user should have the option to 'Create a new
account' (your choice of phrasing) by having a
link to the customer page as follows Customer.Asp?VW=3
this causes the customer page to create a new user.
(See the notes in Lab 10)
Takes in the e-mail address and searches the CUSTOMER table for
- If email address not found:
- Overwrites the cookie 'CUSTOMERID' with a value of zero (0)
- Redirects to the same page (login.asp) with a message that
the login is incorrect.
- If email address found
- The CustomerID is written to the cookie.
- The page is redirected to the referrer.
- Customer.Asp. You should modify this page to write out the
CustomerID to the cookie using the above subroutine.
- Default.asp. Your home page should be modified to detect and
greet the user as in the example site. E.g. You should use the
ValidateUser() function to get the CustomerID (Here is an
example of a case in which it is ok, not to know who they are) if the
CustomerID is >0 then you should fetch their name from the customer
table and give them a greeting by name (personalization). If they are
not customer they should be welcomed and given a chance to become
customers by creating a new account.
- Modifications to all previously assigned page and all future pages
to use these previous deliverables. The idea is to provide a
simple framework to get and handle the problem of retrieving the
CustomerID on various pages and what to do if it is not found.
This lab is worth 15 points and due on November
22nd. When you have
completed the lab, send an email to Chris
Allen indicating you are done and providing the external URL to your
Valtara Digital Design http://www.valtara.com/csc123/
Copyright 1999, 2001, Valtara Digital Design, Blitzkrieg Software