Site hosted by Angelfire.com: Build your free website today!
Codefixer - ASP tutorials, resources and software
ASP.NET PRO Readers Choice Award Winner!
Home | Articles | Other Sites | ASP directory | Tutorials | Code Snippets | Codefixer Software
      
Thursday 17 June
MembersPro PayPal - ASP Membership software
 PollPro V4
 MembersPro PayPal
 MembersPro V4
 LinksPro V4

 


The best value in Windows 2003/IIS6 hosting from a Microsoft ASP.NET Hosting Advantage Partner. ASP/ASP.NET, SQL 2000, Access, FP 2002, .NET Framework 1.1, control panel.




Password Protect

Have a look at the code for 'login.asp' and then i'll talk you through it.
Points to note are that we will be using 2 subroutines, CheckLoginForm and ShowloginForm, and that once the form details are submitted they are sent to the same page to be checked and processed. You could send the form details to another page to be checked and processed but why use an extra page!

Also a hidden form value we use is very important in letting us track whether the form has been submitted.

   

<%
Response.Expires = -1000 'Make sure the browser doesnt cache this page
Response.Buffer = True 'enables our response.redirect to work

If Request.Form("valuepassed") ="true" Then
CheckLoginForm
Else
ShowLoginForm
End If

Sub CheckLoginForm
'check if the value of the text field 'username' and 'password' are correct
If Request.Form("username") = "mic" AND Request.Form("password") = "pass" Then
Session("BlnLoggedIn") = True
Response.Redirect "memberspage.asp"
Else
Response.Write("<div align='center'>You are not logged in.</div><br>")
ShowLoginForm
End If
End Sub
%>

<% Sub ShowLoginForm %>
<div align='center'>
<!-- start the html login form -->
<form name="form" action="login.asp" method="post">
User Name : <input type="text" name="username">
Password : <input type="text" name="password">
<input type="hidden" name="valuepassed" value="true">
<input type=submit value="Login">
</form>
<!-- end the html login form -->
</div>
<% End Sub %>

Now lets break down the code into a series of blocks.

<%
Response.Expires = -1000 'Make sure the browser doesnt cache this page
Response.Buffer = True 'enables our response.redirect to work

If Request.Form("valuepassed") ="true" Then ' check if the value true has been sent
CheckLoginForm ' calls the subroutine checkloginform if value of login is true
Else
ShowLoginForm ' call the subroutine showloginform if the value of login isn't true
End If
%>

This block of code at the top of login.asp page checks to see if the hidden textbox <input type="hidden" name="valuepassed" value="true"> has passed the value true.
If request.form("valuepassed")="true" then the value True has been passed and we know that the visitor has clicked and submitted the form. In this scenario the subroutine CheckLoginForm is called and its code executed.
CheckLoginForm will check to see if the username and password equal the values the visitor has entered. If they are correct then a Session variable 'BlnLoggedIn' will be set to True and the visitor will then be redirected to the 'memberspage.asp'

<%
Sub CheckLoginForm
'check if the value of the text field 'username' and 'password' are correct
If Request.Form("username") = "mic" AND Request.Form("password") = "pass" Then 
Session("BlnLoggedIn") = True
Response.Redirect "memberspage.asp"
Else
Response.Write("<div align='center'>You are not logged in.</div><br>")
ShowLoginForm 'call the subroutine showloginform and display the login form again
End If
End Sub
%>

If the visitor has not clicked the submit button then no value will be passed i.e. request.form("valuepassed") will not equal True and in that case the subroutine ShowLoginFrom will be called.

<% Sub ShowLogin %>
<div align='center'>
<!-- start the html login form -->
<form name="form" action="login.asp" method="post">
User Name : <input type="text" name="username">
<br>
Password : <input type="text" name="password">
<input type="hidden" name="valuepassed" value="true">
<input type=submit value="Login">
</form>
<!-- end the html login form -->
</div>
<% End Sub %>

The subroutine code above simply creates a form. Note that we want the action of the form to be the same page.This just means that we'll use the same page to process and check the username and password rather than sending the details to another page.

PASSWORD PROTECT OTHER PAGES

If you want to password protect any other pages then you can simply add the following code at the top of the pages. So for all the other pages if the Session variable 'BlnLoggedIn' is not equal to True then they will be redirected to the login page.

<%
If Session("BlnLoggedIn") <> True Then
Response.Redirect("login.asp")
End If
%>





Banana Hosting: Their feature-rich plan includes everything you need to either run a small personal site or an advanced e-commerce site. The Banana Plan is suitable for beginners and advanced programmers alike and they even accept PayPal as payment! Click here for their special CodeFixer offer.

About | Contact | Advertise | Feedback | HireUs | | Send to | Link

Site developed by Michael Wall.
Copyright © 2000-2004. All rights reserved.
Software Products also available on CodefixerSoftware
Would u rather use Worldpay to buy our applications?
Definitely
I'd use PayPal
Offer both

ASP.NET PRO Readers Choice Award Winner!
MaximumASP Web Hosting

Latest Links
1)Startvbdotnet.com
2)ConnectionStrings
3)Protecweb
4)CMI Host
5)CoverYourASP

43 current users