Authenticate. asp
<%
Dim URL
URL = Request. QueryString
'Get URL.
%>
<Html>
<Body>
<Form method = post action = "/validate. asp">
<Input type = hidden name = "URL" VALUE = "<% = URL %>">
'Save the URL to a hidden variable.
User name:
<Input type = text name = "txtName">
Password:
<Input type = password name = "txtPassword">
<Input type = SUBMIT>
</FORM>
</Body> Use the validate. asp file to obtain the information passed to it, read the username and password from the database, and determine whether to authorize the user.
Validate. asp
<%
Dim strUserName, strPassword
StrUserName = Request. form ("txtName ")
StrPassword = Request. form ("txtPassword ")
'Read the username and password from the form.
'Establish a database connection...
Dim strSQL
StrSQL = "select * from ValidUsers WHERE UserName = "&_
StrUserName & "AND Password = "&_
StrPassword
'For SQL query.
Dim rs
Set rs = Conn. Execute (strSQL)
If rs. EOF Then
'If recordset is not empty, the user name is valid.
Session ("bolAuthenticated") = True
'Set bolAuthenticated to True.
Response. Redirect Request. form ("URL ")
'Transmits the URL that the user has arrived.
Else
Response. Redirect "/notvalidated. asp
'Otherwise, the user is not authorized to access the service and will pass the user to an error prompt page.
End If
%>
[1]