Several methods of page access restriction in ASP

 
 
 

When designing a webpage, you may need to restrict access to some pages. For example, some products of a company can only be viewed by one or more suppliers or customers. So how can we implement this function? In this article, I will introduce several methods to restrict the access permissions of customers.

Generally, we are faced with three situations in the design process: a page allows only one user to browse, a page allows only some users to browse, and some pages only allow some users to browse. The first case is very simple. I will not describe it any more. The following describes the design methods for the last two cases.

1. A page allows only some users to browse
Save the customer information in the database. If you can retrieve the name and password entered by the customer in the database, you can access this page.
Protect. asp file 'page for access with limited Permissions

<Html>

'Enter other content on the page.

<Form action = "Protect. asp" method = "post"> "〉

Enter the name:

<Input type = "text" name = "text"> "〉

Enter the password: <input type = "password" size = "20" name = "password"> "〉

<Input type = "submit" name = "B1" value = "query"> </p> </form> 〉

<% Set conn = server. createobject ("adodb. connection ")

Conn. open "asptest"

'Asptest is the name of the database where the form permission storing customer information is located.

Sql1 = "select from permission where xm = '" & request. form ("text") & "'and mima ='" & request. form ("password ")&&"'"

Set rs1_conn.exe cute (sql1) %> 〉

'If the name and password entered by the customer exist in the database, the product. asp hyperlink is displayed.

<% If not rs. eof then %> <a href = "product. asp"> products of the company </a> 〉

<% End if %> </body>

2. Some pages only allow some users to browse
We can design the register. asp logon page. if the customer does not log on, force the customer to access the register. asp logon page first when entering each page requiring limited access. After successful logon, the system automatically returns to the page you just accessed. We can use cookies and sessions.

1. Implement with cookies

If the customer has logged on, the login information is recorded in the cookies of the client. Then, the customer can directly browse other restricted access pages.

Register. asp

<% If request. form ("b1") = "Submit" then

Set conn = server. createobject ("adodb. connection ")

Conn. open "asptest"

Sql1 = "select * from permi