I need to protect a homepage and would like to do that with ASP without any databaseconnection. There should be two formfields to enter usernamne and password. There will be only one user. How do i write this in ASP?This is the best ASP authentication tutorial that I know of:
<!-- m --><a class="postlink" href="http://htmlgoodies.earthweb.com/beyond/asp2.htmlTry">http://htmlgoodies.earthweb.com/beyond/asp2.htmlTry</a><!-- m --> this:
<!-- w --><a class="postlink" href="http://www.101tutorials.com/scripts/asp/password/index.aspHere's">www.101tutorials.com/scripts/asp/passwo ... .aspHere's</a><!-- w --> what the home page should read like:
<html>
<head>
<title>Login</title>
</head>
<body>
<p align="center"><b>Login</b></p>
<form method="post" action="validate.asp">
<table width="50%" border="0" cellspacing="0" cellpadding="6" align="center">
<tr>
<td width="47%">
<div align="right">User
Name</div>
</td>
<td width="53%">
<input type="text" name="user">
</td>
</tr>
<tr>
<td width="47%">
<div align="right">Password</div>
</td>
<td width="53%">
<input type="password" name="pass">
</td>
</tr>
<tr>
<td colspan="2">
<div align="center"> <br>
<input type="submit" name="Submit" value="Login">
</div>
</td>
</tr>
</table>
</form>
<p> </p>
</body>
</html>
and validate.asp which this page calls looks like:
<%
user = request("user")
pass = request("pass")
ok = 0
if len(user) < 4 then response.redirect("main.asp")
if len(pass) < 4 then response.redirect("main.asp")
if user = "login name here" and pass = "password here" then
ok=1
response.redirect("yourpage.asp")
else
response.redirect("main.asp")
end if
%>
Now a good idea is to set a session variable such as session("loginname") = user and ensure that session("loginname") <> "" on all your pages so that people cannot view pages you don't want to them see unless they have logged in.
Hope this has given you a rough idea.
<!-- m --><a class="postlink" href="http://htmlgoodies.earthweb.com/beyond/asp2.htmlTry">http://htmlgoodies.earthweb.com/beyond/asp2.htmlTry</a><!-- m --> this:
<!-- w --><a class="postlink" href="http://www.101tutorials.com/scripts/asp/password/index.aspHere's">www.101tutorials.com/scripts/asp/passwo ... .aspHere's</a><!-- w --> what the home page should read like:
<html>
<head>
<title>Login</title>
</head>
<body>
<p align="center"><b>Login</b></p>
<form method="post" action="validate.asp">
<table width="50%" border="0" cellspacing="0" cellpadding="6" align="center">
<tr>
<td width="47%">
<div align="right">User
Name</div>
</td>
<td width="53%">
<input type="text" name="user">
</td>
</tr>
<tr>
<td width="47%">
<div align="right">Password</div>
</td>
<td width="53%">
<input type="password" name="pass">
</td>
</tr>
<tr>
<td colspan="2">
<div align="center"> <br>
<input type="submit" name="Submit" value="Login">
</div>
</td>
</tr>
</table>
</form>
<p> </p>
</body>
</html>
and validate.asp which this page calls looks like:
<%
user = request("user")
pass = request("pass")
ok = 0
if len(user) < 4 then response.redirect("main.asp")
if len(pass) < 4 then response.redirect("main.asp")
if user = "login name here" and pass = "password here" then
ok=1
response.redirect("yourpage.asp")
else
response.redirect("main.asp")
end if
%>
Now a good idea is to set a session variable such as session("loginname") = user and ensure that session("loginname") <> "" on all your pages so that people cannot view pages you don't want to them see unless they have logged in.
Hope this has given you a rough idea.