Asp error: object is no longer valid

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • xpertbyshishir
    New Member
    • Apr 2007
    • 7

    Asp error: object is no longer valid

    i m trying to execute a simple code which uses login information ..and after validating data (ie username and password) it stores these values in session objects and redirects to a different page where it confirms the session name before continuing..pro blem is when data is validated and redirection is done to different page,it gives an error that object is no longer valid..
    some part of code...

    login.asp:::

    strSQL="SELECT * FROM tblLoginInfo WHERE username='"+str Username+"' AND password='"+str Password+ "';";
    var conn = Server.CreateOb ject("ADODB.Con nection");
    var dsnname="DSN=sh ipass";
    conn.mode=3;
    conn.Open(dsnna me);
    var rs=conn.Execute (strSQL);
    if((rs.EOF))
    {Session("usern ame") = "";
    strURL = "";
    %>
    <p>
    <font size="4" face="arial,hel vetica"><strong >
    Login Failed - Please verify username and password.
    </strong></font>
    </p>
    <p>
    <a href="login.asp ">Try Again</a>
    </p>
    <%
    }
    else
    {Session("usern ame") = rs("username") ;
    Session.Timeout =50;
    strURL = rs("destination ");
    Response.Redire ct("user.asp") ;
    }
    rs.Close();
    conn.Close();
    }

    user.asp::
    <%@ Language="javaS cript" %>
    <%
    if(Session("use rname")!="anna" )
    Response.Redire ct("httP://localhost/login.asp");
    else
    {
    %>
    <html>
    <head>
    <title>User page</title>
    </html>
  • shweta123
    Recognized Expert Contributor
    • Nov 2006
    • 692

    #2
    Hi,

    When the page is redirected to Login.asp Can you check for the State of Connection and Recordset ? May be they are no longer valid?
    Are you storing any objects in the Session apart from UserName and Password?

    Comment

    • elmemo
      New Member
      • Apr 2007
      • 30

      #3
      dude,

      in your code, watch out because if someone injects SQL code as their username your code will execute it. (imagine if someone provided a "username" of "anything'; DROP TABLE MEMBERS;" or something close to that)

      Anyways, this is happening because the server objects timed out. Before you use any session variables, you must check if the session is active. If you are doing this in ASP.NET the easiest thing to do is to create functionality that checks the session is still "alive" into one class in a file, and derive all your pages from that class. Your code would redirect to "/login.aspx" or somewhere like that in case the session is dead. If you do this, you can count on the objects being alive in the rest of the code. An excellent article about this you can find here:

      http://aspalliance.com/520

      I use that method on my pages and it works beautifully.

      Hope that helps

      Comment

      • Ali Sher
        New Member
        • Nov 2007
        • 1

        #4
        Hello

        Problem with your code is here.

        Session("userna me") = rs("username") ;

        Replace it with

        Session("userna me") = rs("username"). Value;

        The problem is that username is a Variant data type containing a reference to a Field object that rs("username") , not a string, as it appears to be. When the Recordset is closed, the Field object is no longer valid, and the variable appears empty. You can avoid the problem by qualifying the code with the Value property.

        Originally posted by xpertbyshishir
        i m trying to execute a simple code which uses login information ..and after validating data (ie username and password) it stores these values in session objects and redirects to a different page where it confirms the session name before continuing..pro blem is when data is validated and redirection is done to different page,it gives an error that object is no longer valid..
        some part of code...

        login.asp:::

        strSQL="SELECT * FROM tblLoginInfo WHERE username='"+str Username+"' AND password='"+str Password+ "';";
        var conn = Server.CreateOb ject("ADODB.Con nection");
        var dsnname="DSN=sh ipass";
        conn.mode=3;
        conn.Open(dsnna me);
        var rs=conn.Execute (strSQL);
        if((rs.EOF))
        {Session("usern ame") = "";
        strURL = "";
        %>
        <p>
        <font size="4" face="arial,hel vetica"><strong >
        Login Failed - Please verify username and password.
        </strong></font>
        </p>
        <p>
        <a href="login.asp ">Try Again</a>
        </p>
        <%
        }
        else
        {Session("usern ame") = rs("username") ;
        Session.Timeout =50;
        strURL = rs("destination ");
        Response.Redire ct("user.asp") ;
        }
        rs.Close();
        conn.Close();
        }

        user.asp::
        <%@ Language="javaS cript" %>
        <%
        if(Session("use rname")!="anna" )
        Response.Redire ct("httP://localhost/login.asp");
        else
        {
        %>
        <html>
        <head>
        <title>User page</title>
        </html>

        Comment

        Working...