When you think ASP, think...
Recent Articles
All Articles
ASP.NET Articles
ASPFAQs.com
Message Board
Related Web Technologies
User Tips!
Coding Tips

Sections:
Sample Chapters
Commonly Asked Message Board Questions
JavaScript Tutorials
MSDN Communities Hub
Official Docs
Security
Stump the SQL Guru!
XML Info
Information:
Feedback
Author an Article
ASP ASP.NET ASP FAQs Message Board Feedback
Print this page.
Published: Sunday, August 08, 1999

Password Protecting Your Site

By Rob Taylor


Logging On Password File Invalid File Monitoring the Visit

- continued -

Monitoring the Visit

<%
    If Session("id") = "" Then
       Response.Redirect "enter.asp"
   Else
   End if
%>

<!DOCTYPE HTML PUBLIC"-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
    <HEAD>
       <TITLE>Welcome</TITLE>
.
.
.

When the user has successfully entered the correct email address and password, he is directed to the desired page. This script must go at the top of every page that you want to protect. The code checks the session to see if the user has logged in. If he has not, he is sent back to the log in screen. This stops a user from bookmarking the URL and bypassing the password system on his next visit.

***The pages must be in the same directory or a directory under the password system directory.***

Sessions by default last 20 minutes. This system uses the default. You can change the default for the session by setting session.timeout at the top of the password.asp file. For example, if you want the session to last 2 minutes:

session.timeout = 2

Again, when you create the password file, make sure you put it someplace other than the directory you are in. Best bet is to put it on another drive or back a few directories.

OK, so you should have:

  • An entry page for the user to login
  • A password page that checks the users identity and starts the session.
  • An invalid page that redirects the user back to the login screen if his credentials are incorrect
  • A password file with the email address' and passwords
  • code in every page you want to protect that checks the session.

    Once you have this, you are ready to try the system out! If you have problems with this code, please contact me at taylo@bannerclass.com.
    Please visit my web site at www.cartographytoday.com

    Logging On Password File Invalid File Monitoring the Visit


  • ASP.NET [1.x] [2.0] | ASPMessageboard.com | ASPFAQs.com | Advertise | Feedback | Author an Article