Background Management login-asp design and Database _asp Foundation

Realize the function is not difficult, want to perfect, even perfect, that is called difficult.
Therefore, the younger brother will realize the function to come out, and you discuss the discussion with beginners. As for perfection, it's up to you to see what you think.

I. Establishment of a database

In the beginning, I built a database called Windsn.mdb, containing 4 sheets
Admin table (for administrator information): ID, name (username), pwd (password), ...
Concent table (for storing document data): con_id, title, author, part, con, time, num
CON_ID Automatic Numbering
Title article titles
Author author or source
Part article classification
Con article content
Time published (with =now () as initial value)
Num Read times
Part table (for storing document classification data): ID, part (category), num
Reply Table (for document reviews): con_id, rep_id, Rep_name, Rep_con, Rep_time
con_id the field corresponding to the con_id field in table concent, numeric type
REP_ID Automatic Numbering
Rep_name the name of the user participating in the review
Content of Rep_con comments
Rep_time Comment Time

Connecting to database Files conn.asp

The following is a code fragment: <% Set conn = Server.CreateObject ("ADODB. Connection ") Conn. Open "Driver={microsoft Access DRIVER (*.mdb)}; Dbq= "& Server.MapPath (" Db\windsn.mdb ") %>

Then, before each page to connect to the database, add a line of code:<!--#include file= "... /conn.asp "-->

Second, set session

In order to prevent illegal login, we have to establish a session.asp.

The following is a code fragment: <% If session ("name") = "" Then ' If user name does not exist, restrict login. (You can also set a field to increase security) ' If the administrator is only you, then the above can be changed to if session ("name") <> "Yourname" ' then so that security will be higher, no need to be afraid of loopholes, but not flexible. Response.Write "<script>alert (' Sorry, you haven't logged in yet!") '); location= ' http://www.windsn.com/admin.asp ' </script> ' Response.End End If %>

Then add a line of code to each page:<!--#include file= "session.asp"-->

Third, the administrator login

1, Login interface

Login interface admin.asp file, I set here to check.asp verify

The following is a code fragment: <table width= "755" border= "0" align= "center" cellspacing= "1" style= "font-size:13px"; "> <form name= "Form1" method= "POST" action= "check.asp" > &LT;TR align= "center" bgcolor= "#eeeeee" > &LT;TD height= "colspan=" 2 "style=" FONT-SIZE:15PX; "><b> admin entrance </b></td> </tr> <tr bgcolor= "#eeeeee" > &LT;TD width= "308" align= "right" ><b> username:</b></td> &LT;TD width= "440" ><input name= "name" type= "text" class= "table" id= "name" size= "></td>" </tr> <tr bgcolor= "#eeeeee" > &LT;TD align= "right" ><b> password:</b></td> <td><input name= "pwd" type= "password" class= "table" id= "pwd" size= "></td>" </tr> <tr bgcolor= "#eeeeee" > &LT;TD colspan= "2" > </td> </tr> &LT;TR align= "center" bgcolor= "#eeeeee" > &LT;TD colspan= "2" ><input name= "Submit" type= "Submit" class= "table" value= "Login" > <input name= "Submit2" type= "button" class= "table" value= "Cancel" onclick= "javascript:window.location.href= ' http://www.windsn.com/'" ></td> </tr> </form> </table>

Verify login page check.asp<% @LANGUAGE = "VBSCRIPT" codepage= "936"%>

The following is a code fragment: <!--#include file= ". /conn.asp "--> <! DOCTYPE HTML PUBLIC "-//w3c//dtd HTML 4.01 transitional//en" "HTTP://WWW.W3.ORG/TR/HTML4/LOOSE.DTD" > <meta http-equiv= "Content-type" content= "text/html; charset=gb2312 "> <title> User Validation </title> <% Name = Request.Form ("name") ' Get user name ' name = replace (name, "'", "") PWD = Request.Form ("pwd") ' Get password Set Rs=server. CreateObject ("Adodb.recordset") Sqlstr= "SELECT * from admin where name= '" "& Name &" ' "&" and Pwd= ' "& pwd &" " Rs.Open sqlstr,conn,1,1 If Rs.eof Then Response.Redirect "error.asp" Login failed to enter error.asp page Else Session ("name") =request.form ("name") ' Set the session value to restrict login to the page. With this line of code, the above mentioned <!--#include file= "session.asp"--> code into the page that needs to be restricted to login, the page must be logged in successfully to access Response.Redirect " Admins.asp "' Login successful after entering Admins.asp's admin page, ' Add <!--#include file= ' session.asp '--> code on this page End If %> <body> </body>