ASP Login

[Total: 0    Average: 0/5]

Protecting Your Pages

When I started with Active Server Pages, one of the first things I wanted to do was learn how to password protect certain pages. In this tutorial, I’ll show you how I did it. We need to create 3 pages here. The first page will be a login page. The second page will verify that the user exists in our database. The final page will be the loginsuccess page. So let’s get to it.

First we just create a normal form, but because we want to report errors to the person if something went wrong, we’ll also include some basic ASP in the page. Save this page as login.asp.

Now we create our verify.asp page which will take the data passed from the form and compare it to the database to verify whether or not the person should be allowed in.

Before we go to our next page, I want to point out something you may not have seen yet. We used the built in VBScript function called StrComp. It takes the form of StrComp(string1, string2, compare constant). The compare contstant could be vbTextCompare, vbBinaryCompare, or vbDatabaseCompare. We use it to compare the recordset field called username to the string in our variable called username and we use the vbTextCompare method.

Now we go on to our last page. Save this page as welcome.asp.

To check to make sure that someone has logged in successfully, we will have to check their session variable called Valid that we set up in our 2nd asp page. The code is shown below.

The above code will check to make sure the person logged in successfully, and then insert their username into the welcome portion of the body. For any page that you want to password protect, make sure that you put the above code in the top of the page that you want to protect. You will need the code starting from If Session to End If all enclosed in . You could always include one more error code in your login page to say If request(“error”)=”4″ then response.write “You must log in first to access these pages.” End If. Then in your session check in each page, change your response.redirect (“login.asp”) to response.redirect (“login.asp?error=4”). See ya next time!

~Geoff Swartz

Times Viewed: 14

Leave a Reply

Your email address will not be published. Required fields are marked *