How to Create a Login & Response Page
Creating a secure login to your Web site will secure and protect it from unauthorized access. It also allows you to customize your Web site for users depending on their login information. The first thing you'll need to do is create a database that stores login information for the user name and password.
Other People Are Reading
Instructions
-
-
1
Add the following code to your home page to provide your site with a login page or to create a link to send your users from your home page to a login page. The first line checks to see if a session has been established for ("User"). If no session is established then line 2 of the code redirects the user to the login.asp page; if already logged in the page will display for the user.
<%
If Session("User") = 0 Then
Response.Redirect "/login.asp?RefURL=/default.asp"
End If
%> -
2
Create a form to collect the user's name and password. Line 1 in the code will send the form information to a processing page. Lines 2, 3 and 4 gather the information that is to be sent to the processing page. Line 2 is hidden and is not visible to the user and captures the URL of the current page. Line 3 captures the user's name and line 4 captures the user's password. Name and save this page as "login.asp".
<form action="login_proc.asp" name="frmLogin" method="POST">
<input type="hidden" name="RefURL" value="<%=Request.Querystring("RefURL")%>">
<input type="text" name="UserName" size="19" a title="Enter User Name." tabindex="1">
<input type="password" name="Password" size="19" a title="Enter Password." tabindex="2"></form>
-
-
3
Send the form information to the processing page to verify that information submitted matches information stored in the database. Lines 1-5 request the RefURL from the main page or your Web site to send the user to if the correct login is provided. Lines 5-10 open a connection to the database and recordset then checks to see if the data you entered matches a line in the database. Lines 11-17 see if what you entered is correct and either sends you back to login.asp if "False" (wrong login information) or if "True" establishes a session for the user. Lines 18-19 close the connection to the database and recordset. Line 12 creates the message to give the user and adds it onto the URL so that it tells the user they entered the wrong information (see step 4). Name and save the processing page "login_proc.asp".
<%
If Request.Form("RefURL") <> "" Then
RefURL = Request.Form("RefURL")
Else
RefURL = "admin/default.asp"
End IfSet Conn = server.CreateObject("ADODB.Connection")
Conn.Open "PROVIDER=SQLOLEDB;DATA SOURCE=mssql02.1and1.com;UID=dbo266996089;PWD=dhaka06;DATABASE=db266996089"
Set RS = Server.CreateObject("ADODB.RecordSet")SQL = "SELECT * FROM tbl_Login WHERE UserName = '" & Request.Form("UserName") & "' AND Password = '" & Request.Form("Password") & "'"
Set RS = Conn.Execute(SQL)
If RS.EOF then
Response.Redirect("login.asp?MSG=Invalid username or password. Please try again!")
Else
Session("User") = True
Session("UserName") = RS("UserName")
Response.Redirect RefURL
End IfSet Conn = Nothing
Set RS = Nothing
%> -
4
Add the following line of code right above your form code (step 2) in login.asp.
<%=Request.QueryString("msg")%>
If there is a successful database match your page will display to the user.
If no match is found the code in step 3 will send the user back to the login.asp page and display the message "Invalid username or password. Please try again!".
-
1
