Use ASP to encrypt your site

Use ASP to encrypt your site

Readers who are learning to build a Web site may be concerned about the security of the site; maybe you are building a non-disclosure site, only system users can access your site. If you are compiling an ASP page, you can easily achieve this through this article.

First, you need to make a login page, add a form to the HTML, and set it as a self-delivery page

〈form Name=″login″action=″default. asp″method=″post″target=″-top″〉

The action is followed by the URL on this page, so that if the user is logged in incorrectly, you will be prompted on this page without having to return to the previous page to log in. Add to the form

〈input name=″uid″size=″10″maxlength=″10″style=″height:21px; width:101px″〉

〈input name=″pwd″type=″password″size=″10″maxlength=″10″〉

After completing the HTML, add the following code to the top of the page:

〈%′send customer direct to main page if already logged in

If not IsEmpty (session (″cust-id″)) and Len (Session (″cust-id″)) 〉0 then Response.Redirect (″NAVIGATION/DASHBRD. Asp″)

Enter your real homepage URL here

End If

′set Flags

Blogin = False

Berror = False

′check Blank Entries

If IsEmpty (Request (″uid″)) or Len (Request (″uid″)) = 0 or IsEmpty (Request (″pwd″)) or Len (Request (″pwd″)) = 0 Then

′need to log in

Blogin = True

Else

′check user credentials against DB

... to verify that your database holds the user in the password table

This puts the connection database code here

The following SQL ″select * from customer where cust-id=′″& request (″uid″) &″′and′cust-pwd=′″& request (″pwd″) &″′″

in which request (″uid″) and request (″pwd″) are the text of the user name and password in the form in the HTML of this page

Gbfound = False

If not RSCUST.BOF and is rscust.eof then

Gbfound = True

End If

If Gbfound Then

′record useful Customer info in session variables

Session (″cust-id″) = Rscust.fields (″cust-id″)

This is the user name in the database

Session (″cust-pwd″) = Rscust.fields (″cust-pwd″) This entry is a user password in the database

Session (″power″) = Rscust.fields (″power″) This entry is a user right in the database [optional]

′update Last login time [optional]

′rscust.activeconnection.execute (″update customer set Cust-login =′″& now &″′where cust_id =″& session (″cust-id″) ＆ ″　″)

Response.Redirect (″NAVIGATION/DASHBRD. Asp″) Real Homepage URL

Else

′uid and password not found

Berror = True Blogin = True

End If

Rscust.close

′close recordset

Mycn-login.close

Set mycn-login=nothing

′get all policy numbers held by customer

End If

％〉

Finally, all you have to do is add the following code at the beginning of each of your pages:

〈% if IsEmpty (session (″cust-id″)) or Len (Trim (Session (″cust-id″)) = 0 Then%〉

〈script language=″javascript″runat=client〉

〈!——

Top.location.href =″. /default. Asp″

——〉

〈script〉

〈% Response.End

End If%〉

where the session (″cust-id″) is the registered user name.

Top.location.href =″. /default. Asp″ will automatically navigate to your login screen.

After this process, congratulations, your Web site has a secure login function. Even if someone knows the address of your site, you won't be able to access other pages without a legal login. And, after your web page times out, users need to log in again, so that even if the operator leaves temporarily, there is no need to worry about the malicious operation of the illegal person.