Use ASP to encrypt home page Our aim is to: * Verify that the user is authorized and set the corresponding validation status based on the result * If the user is authorized, verify that the status is 1 * If the user is not authorized, verify the status of 0 The following shows the code of the Verify.asp page, you can make some corresponding changes according to the actual situation. <% ' Create a Command object. This object serves to run our queries Set Cm = Server.CreateObject ("Adodb.command") ' Specify the system DSN path Cm.activeconnection = "Logindsn" ' Now it ' 's time for the query. We need to check the user information ' Against the table tusers Cm.commandtext= "SELECT * from Tusers WHERE" & _ "Username= '" & Request.Form ("UserName") & "and" & _ "Userpassword= '" and "Request.Form" ("UserPassword") & "'" ' Set the query type. 1 means it is a SQL statement Cm.commandtype = 1 ' Retrieve the results in a Recordset object Set Rs = Cm.execute ' We now check if the user is valid. If User is valid, the recordset must ' Haverecord. Otherwise it is empty. If user exists, we set authentication ' Status to 1 and send the user to appropriate page, say welcome.asp. ' Else send the user back to Login.asp If rs.eof Then Session ("authenticated") = 0 Response.Redirect ("Login.asp") Else Session ("authenticated") = 1 Response.Redirect ("welcome.asp") End If % > Step 6: Check the validation status This is an important part of our system. We want to check the authentication status of the user on each protected page. This is simple to do. Just check that the user's authentication status is 1, and if not 1, send the user back to the Login.asp page. The sample code is as follows <% If session ("authenticated") = 0 Then Response.Redirect ("Login.asp") End If % > You can also use a different method. Copy the above code into a file called Check.inc, and then include the following line of code in the header of the page you want to protect. If you have a lot of pages to protect, you just need to write this line of code to the head of every page you need to protect. The above 6 steps will help you create a simple user login system. But keep in mind that this system is just protecting a virtual directory, not the entire site. You need to create one for each virtual path you want to protect. |