Easily implement page limit access in ASP

Visit | page when you design a Web page, you often encounter certain pages with restricted access. For example, some products of a company are only allowed to be browsed by one or some suppliers or customers. So how do we achieve this? In this paper, the author will introduce several methods to restrict the client's access rights.

In general, we face three situations in the design process: a page that only allows a user to browse, a page that only allows some users to browse and some pages only to allow certain users to browse. The first situation is very simple, the author no longer described, the following will be a detailed description of the latter two types of design methods.

One, one page allows only some users to browse

The customer's information is saved in the database and is allowed to be accessed by retrieving the name and password entered by the customer in the database.

protect.asp file The page 〈html〉〈head〉〈title〉 Sadie homepage 〈/title〉〈/head〉〈body bgcolor= "#00FFFF" 〉′ where you can enter additional content for this page 〈form "Protect.asp" method= "POST" Please enter your name: 〈input type= "text" name= "text" Enter password: 〈input type= "password" size = "Name=" "Password" 〉〈input type= "Submit" Name= "B1" value= "Query" 〉〈/p〉〈/form〉〈%set conn=server.createobject ( "Adodb.connection") Conn.Open "Asptest" ′asptest is the name of the database where the form permission the customer information is stored sql1= "Selectfrom per Mission where xm= ' "&&request.form (" text ") &&" ' and Mima= ' "&&request.form (" password ") & & "'" Set Rs=conn.execute (SQL1)%〉′ displays a hyperlink to the page product.asp if the name and password are entered in the database 〈% if not rs.eof 〉〈a href= "Product.asp" the company's products 〈/a〉〈%end if%〉〈/body〉〈/html〉

　　 second, some of the pages to allow only some users to browse

We can design a login page register.asp, if the customer is not logged in, in the access to each of the restrictions on the page to force customers to first access the page register.asp implementation login. Automatically return to the page you just visited after successfully logging in. We can use cookies and session two ways to achieve.

1. Use cookies to achieve

If the customer has already logged in, the login information is recorded in the client's cookies, and the client can then browse directly to other restricted access pages.

register.asp〈% if Request.Form ("B1") = "Submit" Then Set Conn=server.createobject ("Adodb.connection") con N.open "Asptest" sql1= "SELECT * from permission where xm= '" &&request.form ("name") && "' and Mima= '" "& Amp;&request.form ("password") && "'" Set Rs=conn.execute (SQL1) if not rs.eof then respons E.cookies ("register") = "true" rs.close Conn.close end if′ If the user's information is present in the database, record the token that the user successfully logged on to the cookie s Middle End if%〉〈html〉〈head〉〈/head〉〈body bgcolor= "#c0c0c0" 〉〈p align= "center" 〉〈big〉〈big〉〈big〉 Dear Customer, please login! 〈/big〉〈/big〉〈/big〉〈/p〉〈hr〉〈form action= "Register.asp" method= "Post" Name= "Form1" 〉〈div align= "center" 〉〈p〉 Name 　　: 〈input name= "name" size= "13" 〉〈/p〉〈p〉 Password: 〈input name= "password" size= "" type= "password" 〉〈/p〉〈/div〉 〈div align= "right" 〉〈input type= "Submit" Name= "B1" value= "submitted" 〉〈/div〉〈/form〉〈/body〉〈/html〉protect.asp document Right access to the page 〈%If Request.Cookies ("register") 〈〉 "true" then Response.Redirect "register.asp" End if%〉′ If the customer is not logged in, force the customer Login 〈html〉〈head〉〈/head〉〈body bgcolor= "#00FFFF" 〉′ This is the page content you want to protect 〈/body〉〈/html〉

2. Implement with session

Session is a user-level global variable, we will log the customer successfully logged into the session, users can directly browse other restricted access to the page.

Global.asp〈script Language=vbscript runat=server〉sub Session_OnStart session ("register") = "false" 　　The information session ("Lognumber") that records the customer's successful logon =0′ records the number of times the customer attempted to log on, allowing up to three sessions ("prescript") = "" 　　The page is recorded by the customer to be accessed so that it can return to the page end sub〈/script〉register.asp〈% if Request.Form ("B1") = "Submit" Then Set Conn=server.createobject ("Adodb.connection") Conn.Open "asptest" sql1= "SELECT * FROM permission where xm= ' "&&request.form (" name ") &&" ' and Mima= ' "&&request.form (" password ") &&" ' "s ET Rs=conn.execute (SQL1) if not rs.eof then session ("register") = "true" if the user's information is present in the database, the user is logged successfully 　　 Mark to register variable rs.close conn.close response.redirect session ("Prescript") automatically returns to the page you just visited after successful login 　　　　 End If If sessions ("Lognumber") 〈3 then session ("Lognumber") = Session ("Lognumber") +1 Response.Redirect "RegiSter.asp "Else Response.Redirect" sorry.asp "End if′ allows you to attempt to log on three times, and if none succeeds, disable access and display the page at the same time sorry.asp End If%〉〈html〉〈head〉〈/head〉〈body bgcolor= "#c0c0c0" 〉〈p align= "center" 〉〈big〉〈big〉〈marqu EE align= "Middle" behavior= "alternate" welcome you to visit, please log in first! 〈/marquee〉〈br〉〈%if session ("Lognumber") 〉0 then%〉 input Error! 　　Please re-enter your name and password! 〈% End If%〉〈/big〉〈/big〉〈/p〉〈hr〉〈form action= "Register.asp" method= "Post" Name= "Form1" 〉〈div align= " Center "〉〈p〉 Name: 〈input name=" name "size=" 13 "〉〈/p〉〈p〉 Password: 〈input name=" password "size=" type= "password 　　"〉〈/p〉〈/div〉〈div align=" right "〉〈input type=" Submit "Name=" B1 "value=" submitted "〉〈/div〉〈/form〉〈/body〉〈/html〉 Protect.asp the page 〈% if session ("register") 〈〉 "true" then the session ("prescript") = request.se Rvervariables ("Script_name") Response.Redirect "Register.asp" End if%〉′ records the path of the page to the Prescript variable and forces the guestUser login 〈html〉〈head〉〈meta http-equiv= "Content-type" content= "text/html; charset=gb_2312-80 "〉〈/head〉〈body bgcolor=" #00FFFF 〉′ Here you can enter scripts for other content on this page 〈/body〉〈/html〉

These methods can be used flexibly by the designers according to the needs of the system.