To read the article online, visit http://www.4GuysFromRolla.com/webtech/080899-1.shtml

Password Protecting Your Site

By Rob Taylor


Logging On Password File Invalid File Monitoring the Visit


password.asp
<% Dim mailaddress = request.form("email") Dim userkey = request.form("pwd") Session("user")=mailaddress Session("id")=userkey set pwdObj = Server.CreateObject("Scripting.FileSystemObject") set gtFile = pwdObj.openTextFile(Server.MapPath("password.txt")) While not gtFile.AtEndOfStream if gtFile.ReadLine=Session("user") & " " & Session("id") Then gtfile.close Response.Redirect "ValidUser.asp" End If WEND Response.Redirect "invalid.asp" %>

OK, here we go. mailaddress and userkey are set to the value coming in from the forms on the enter.asp page (where you log in). Two Session variables are then set. One for the email address and the other for the user password. The passwords are stored in a text file somewhere (Be sure and hide it well).

The password file is read through line by line until the user email address and password match. Notice the gtFile.ReadLine statement has a & " " & in it. Read Line is doing just that, Reading the line. The line in the password file has the email address, one space, then the password. If you seperate your email and passwords by 5 spaces, be sure and have a string of 5 spaces between them. This is an example of the password.txt file using one space.

If the email address and password is found in the password.txt file, then the user is forwarded to the site. If they do not match, the user is bounced back to the log in screen via the invalid.asp file.

Logging On Password File Invalid File Monitoring the Visit


Article Information
Article Title: Password Protecting Your Site
Article Author: Rob Taylor
Published Date: Sunday, August 08, 1999
Article URL: http://www.4GuysFromRolla.com/webtech/080899-1.shtml


Copyright 2017 QuinStreet Inc. All Rights Reserved.
Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers