Two basic methods of implementing Web page password verification by ASP

"Summary" When the surfer wants to browse the Web page of the directory, the browser displays the "Please enter user name and password" window, requiring the user to enter a username and password, because the method of IIS authentication is combined with NT Server, as long as the user of NT Server, is the user of IIS, Therefore, the username and password entered here are the user and the corresponding password already established in the NT Server. In this way we can easily implement the password verification of sample directory pages.

When we visit some websites, often encounter the need to enter a "username and password" of the Web page, user name and password verification to the safety of the site to bring security, general Web page security settings to the directory as a unit, by setting the attributes of the directory can guarantee the safety of the site, such a Web page is how to produce it.

The following author will introduce the two methods of password verification in web design, hoping to help web designers.

One, using the tools provided by IIS
If the designer is an administrator-level user, we can implement the password verification in a simple way. If you are installing a Web server that is IIS, we can use the Internet service administrator provided by IIS for directory security settings. Let's say we set/sample as a security directory, start Internet Security Service administrator first, open "default site", and we Choose "Home" directory. Then select Edit Properties, in the sample Properties window that appears, select the Directory Security Settings option, and then press the Edit button in anonymous access and authentication control to cancel the Allow anonymous button and select Basic. Next, when the surfer wants to browse the webpage of this directory, the browser will display the "Please enter user name and password" window, ask the user to enter the username and password, because IIS authentication method is with NT Server, as long as the user of NT Server, is the user of IIS, Therefore, the username and password entered here are the user and the corresponding password already established in the NT Server. In this way we can easily implement the password verification of sample directory pages.

Second, the use of ASP procedures
The use of procedures for password verification, this method is more general, it has no specific requirements for Web servers, it is the use of database and ASP program design, to achieve a common Web page encryption.

First, we use Microsoft Access to create a "user name and password" datasheet, assuming that the table is named user, the database name is Usercheck.mdb, and the data table is structured as follows:

Field Description field name data type data length
User name ID Text 15
Password PWD Text 15

The source code for the validator pass.asp is as follows:
<%
Function Check (ID, PWD)
Dim Conn, par, RS
Set conn = Server.CreateObject ("ADODB. Connection ")
par = "Driver={microsoft Access driver (*.mdb)}"
Conn. Open par && ";d bq=" && server.mappath ("Usercheck.mdb")
sql = "SELECT * from users Where id= && ids && and Pwd = && Pwd &&"
Set RS = conn. Execute (SQL)
If Rs. EOF Then
check= False
Else
check= True
End If
End Function
%>
<%
If IsEmpty ("passed") Then session ("passed") = False
Head = "Please enter user name and password"
id = Request ("id")
PWD = Request ("PWD")
If ID = "" Or Pwd = "" Then
Head = "Please enter user name and password"
Else If not Check (ID, PWD) Then
Head = "Wrong user name or password"
Else
Session ("passed") = True
End If
If not session ("passed") Then
%>
<body bgcolor= "#FFFFFF" >
&LT;H2 align= "CENTER" ><%=Head%><form action= "<%=request.servervariables (" Path_info ")%>" method= "POST >
<table border= "1" cellspacing= "0" >
<tr>
&LT;TD align= "Right" > User name:</td>
<td><input type= "Text" name= "ID" size= "value=" <%=ID%> "></td>
</tr>
<tr> <td align= "right" > Password: </td>
<td><input type= "Password" name= "Pwd" size= "" value= "<%=Pwd%>" ></td> </tr>
</table>
<p><input type= "Submit" value= "OK" > </p> </form>
</body> <%response.end
End If%>

This validation-proof page is versatile, as long as you add the following program to the front of the page where you need to encrypt it:
<! --#i nclude file= "pass.asp"-->
You can implement the function of encrypting any Web page.