New user..new question..basic types..

**dbs26** · Oct 17th, 2001, 02:59 PM

i am a very new user to programming..i got into this coz i want to make my own website..and i am stuck at a point..

how do i make user log in and logout using asp???

i am sure i am between a panel of experts...

any info would be appreciated

thanx
dev

**Sastraxi** · Oct 17th, 2001, 03:24 PM

Well I'm glad you'd like to learn.

First you create a <FORM> element on one of your websites:

Code:

<FORM METHOD="POST" ACTION="login.asp">
<INPUT TYPE="text" NAME="user"><BR>
<INPUT TYPE="password" NAME="pass"><BR>
<INPUT TYPE="submit">
</FORM>

Then, in your login.asp you would check it against a predefined list...

VB Code:

<%Dim User
Dim Pass
 
User = Request.Form("user")
Pass = Request.Form("pass")
 
If User = "my_name" and Pass = "my_password" Then
   Response.Redirect "thankyou.htm"
Else
   Response.Redirect "bad.htm"
End If%>

This is the worst form of password authenification. If you want it better you wont encode the data being passed, as well as decode it at the other end. ASP does not do the decoding for you-- you must do it yourself.

Another HUGE step up would be to access a database that contains a list of registered users and passwords.

**dbs26** · Oct 17th, 2001, 03:59 PM

hi

thanx a lot for your help...

i would like to go for the HUGE process option as i will have registered users accessing my website..hence i will have to make a db and simulatenously make a DSN on the server...but i dont know how to call a dsn and check the username and password and return the approprite results.....

will that not be a better process to authenticate the users..in case of only registered users accessign the web page...???

could you also pls elaborate about encoding and decoding ...and how do i do it....

thanx once again

dev

**Sastraxi** · Oct 17th, 2001, 07:02 PM

To encode it, I believe you would add this parameter to the form:

Code:

<FORM METHOD="POST" ACTION="login.asp" ENCTYPE="multipart/form-data">

I have no idea how to decode it =), as ASP won't do it for you.

To do the database, you would have this kind of code... and remember to have an ADOVBS.inc in your dir with all the correct stuff.

Code:

<!-- #INCLUDE FILE="adovbs.inc" --><%Dim User
Dim Pass
Dim CN
Dim oC
Dim oR

User = Request.Form("user")
Pass = Request.Form("pass")
Set oC = Server.CreateObject("ADODB.Connection")
Set oR = Server.CreateObject("ADODB.Recordset")

CN = "DSN=[dsn-name]"

oC.Open CN, [db_user_if_any], [db_password_if_any]
oR.Open "SELECT * FROM USERS Where Username = '" & User & "'"

If oR.EOF Then
   Response.Redirect "user_not_registered.htm"
ElseIf UCASE(oR("Password")) <> UCASE(Pass) Then
   Response.Redirect "bad_pass.htm"
Else
   Response.Redirect "thankyou.htm"
End If%>

You would have to have a table called USERS of course, with two fields, USERNAME and PASSWORD. This is only a small example. That should get you started but don't expect me to write that much code again =)

**dbs26** · Oct 17th, 2001, 10:42 PM

thanx for your help..i will figure out the rest and definitely will let post it on this forum..if i am able to elp others.

thanx

dev

Thread: New user..new question..basic types..

Thread Tools

Display

New user..new question..basic types..

authentication

login

Posting Permissions