How to encrypt a home page using ASP

Source: Internet
Author: User
Tags mdb database

Next, I will introduce how to use ASP to create a simple but effective logon solution to ensure the security of web applications. As long as you follow the steps below, you will have a secure User Logon system.

Step 1: create a user table

First, we need to create a table that records the information of authorized users. In this example, I used Access97 to create a userinfo. mdb database, which contains information of authorized users. Users have two fields: User Name and user password. The user name is the primary keyword. (Access is used because it is widely known, easy to use, and applicable to most small and medium solutions .)

Step 2: Set the default verification status

Complete these settings in the global. Asa file to set a dialog variable for the default "not authenticated" status. After this is done, users can access protected pages only after checking their ID card. The default status ensures that everyone is authenticated before entering the webpage.

In the global. Asa file, enter the following code in the session_onstart event:

In the global. Asa file, enter the following code in the session_onstart event:

<Script language = VBScript runat = Server>

Sub session_onstart

......

......

'This is the default authentication status

Session ("authenticated") = 0

End sub

</SCRIPT>

Do not forget to set the authentication status. Our purpose is:

* Verify that the user is authorized and set the corresponding verification status based on the result.

* If the user is authorized, the verification status is set to 1.

* If the user is not authorized, the verification status is set to 0.

The Code on the verify. ASP page is displayed below. You can modify the code according to the actual situation.

<%

'Create a command object. This object serves to run our queries

Set CM = server. Createobject ("ADODB. Command ")

'Specify the system DSN path

Cm. activeconnection = "logindsn"

'Now it's time for the query. We need to check the user information

'Against the table tusers

Cm. commandtext = "select * From tusers where "&_

"Username = '" & request. form ("username") & "and "&_

"Userpassword = '" & request. form ("userpassword") & "'"

'Set the query type. 1 means it is a SQL statement

Cm. commandtype = 1

'Retrieve the results in A recordset object

Set rs = cm. Execute

'We now check if the user is valid. If user is valid, the recordset must

'Haverecord. Otherwise it is empty. If user exists, we set Authentication

'Status to 1 and send the user to appropriate page, say welcome. asp.

'Else send the user back to login. asp

If Rs. EOF then

Session ("authenticated") = 0

Response. Redirect ("login. asp ")

Else

Session ("authenticated") = 1

Response. Redirect ("Welcome. asp ")

End if

%>

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.