vzdog
asked on
ASP and MS Access Database Password Protection multiple pages Database-Connected Auto-Navigation
Good Day. i believe there is an easy fix for this but I am missing it.
My entire password protection is based on code found at:
http://www.asp101.com/samples/login.asp
I am using the Database-Connected Auto-Navigation Version
I have a internal website (IIS) that has a login. I have the user's built in to an MS Acces table.
From the site main page they enter the User ID and Password are redirected to the sub-page specifically for them (There are 6 different "sub-pages"). Here is the catch. On each "sub-page" there are 2 additional links (specific to only that "sub-page") that I want to protect as well. Meaning they can not follow these links unless they logged in to begin with.
I know there should be an include file on the Subpage and on the 2 additional link pages. I am just not sure how or what to use as script for that. Below is the script for the initial login and it works fine.
My entire password protection is based on code found at:
http://www.asp101.com/samples/login.asp
I am using the Database-Connected Auto-Navigation Version
I have a internal website (IIS) that has a login. I have the user's built in to an MS Acces table.
From the site main page they enter the User ID and Password are redirected to the sub-page specifically for them (There are 6 different "sub-pages"). Here is the catch. On each "sub-page" there are 2 additional links (specific to only that "sub-page") that I want to protect as well. Meaning they can not follow these links unless they logged in to begin with.
I know there should be an include file on the Subpage and on the 2 additional link pages. I am just not sure how or what to use as script for that. Below is the script for the initial login and it works fine.
<%
If Request.Form("action") <> "validate_login" Then
%>
<form method="post">
<input type="hidden" name="action" value="validate_login" />
<table border="5">
<tr>
<td align="right">Login:</td>
<td><input type="text" name="login" /></td>
</tr>
<tr>
<td align="right">Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td align="right"></TD>
<td><input type="submit" VALUE="Login" /></td>
</tr>
</table>
</form>
<%
Else
Dim cnnLogin
Dim rstLogin
Dim strSQL
Dim strUsername, strPassword, strURL
strUsername = Request.Form("login")
strPassword = Request.Form("password")
If Len(strUsername) > 25 Or Len(strPassword) > 25 Then
strUsername = ""
strPassword = ""
Else
strUsername = Replace(strUsername, "'", "''")
strPassword = Replace(strPassword, "'", "''")
End If
strSQL = "SELECT * FROM tblLoginInfo " _
& "WHERE username='" & strUsername & "' " _
& "AND password='" & strPassword & "';"
Set cnnLogin = Server.CreateObject("ADODB.Connection")
cnnLogin.Open("DRIVER={Microsoft Access Driver (*.mdb)};" _
& "DBQ=" & Server.MapPath("Proactive.mdb"))
Set rstLogin = cnnLogin.Execute(strSQL)
If rstLogin.EOF Then
Session("username") = ""
strURL = ""
%>
<p>
<font size="4" face="arial,helvetica"><strong>
Login Failed - Please verify username and password.
</strong></font>
</p>
<p>
<a href="login_db_nav.asp">Try Again</a>
</p>
<%
'Response.End
Else
Session("username") = rstLogin.Fields("username").Value
strURL = rstLogin.Fields("destination").Value
Response.Redirect("" & strURL)
End If
' Clean Up
rstLogin.Close
Set rstLogin = Nothing
cnnLogin.Close
Set cnnLogin = Nothing
End If
%>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
worked like a charm! Thanks ! BD..
ASKER
But it doesnt not work correctly. see below.
Open in new window