When you think ASP, think...
Recent Articles
All Articles
ASP.NET Articles
Related Web Technologies
User Tips!
Coding Tips

Sample Chapters
JavaScript Tutorials
MSDN Communities Hub
Official Docs
Stump the SQL Guru!
XML Info
Author an Article
Print this page.
Published: Sunday, August 08, 1999

Password Protecting Your Site

By Rob Taylor

Logging On Password File Invalid File Monitoring the Visit

<% Dim mailaddress = request.form("email") Dim userkey = request.form("pwd") Session("user")=mailaddress Session("id")=userkey set pwdObj = Server.CreateObject("Scripting.FileSystemObject") set gtFile = pwdObj.openTextFile(Server.MapPath("password.txt")) While not gtFile.AtEndOfStream if gtFile.ReadLine=Session("user") & " " & Session("id") Then gtfile.close Response.Redirect "ValidUser.asp" End If WEND Response.Redirect "invalid.asp" %>

- continued -

OK, here we go. mailaddress and userkey are set to the value coming in from the forms on the enter.asp page (where you log in). Two Session variables are then set. One for the email address and the other for the user password. The passwords are stored in a text file somewhere (Be sure and hide it well).

The password file is read through line by line until the user email address and password match. Notice the gtFile.ReadLine statement has a & " " & in it. Read Line is doing just that, Reading the line. The line in the password file has the email address, one space, then the password. If you seperate your email and passwords by 5 spaces, be sure and have a string of 5 spaces between them. This is an example of the password.txt file using one space.

If the email address and password is found in the password.txt file, then the user is forwarded to the site. If they do not match, the user is bounced back to the log in screen via the invalid.asp file.

Logging On Password File Invalid File Monitoring the Visit

ASP.NET [1.x] [2.0] | ASPFAQs.com | Advertise | Feedback | Author an Article