• Click On The Banner Above For Over 16,000 Woodworking Plans!

  • Click On The Banner Above For Great Abs!

Please like this page:


April 24th, 2017



Query Strings

Creating a Simple Login Process

access.mdb

This is the database where the username and passwords are kept. It should be stored in a directory, where it can't be accessed directly by a user, but only accessed by scripts which are stored on the server.

If you want to set up the database yourself:
I have called the database access.mdb If you change this name, then ensure that you also change the references to it in addinguserproc.asp and loginproc.asp

I have called the table users. If you change this name, then ensure that you also change the references to it in addinguserproc.asp and loginproc.asp

The table has 3 fields:
userID which is an autonumber
Username which is a text field
Password which is also a text field
EmailAddress which is also a text field

I have kept it simple for these purposes, but in a real life situation you may want to make it slightly more complicated.

addinguser.asp

This is simply a form for a new user to add their information. More fields can be added if required by just adding more lines. For example:

<%Response.Write("Address <input type = ""Text"" name =""Address"">")%>

addinguserproc.asp

This script checks that the user has entered a password and username and email address. It then adds these values to the database as a new user and logs in that user in a similar way to loginproc.asp . It then redirects that user to success.asp to tell them that they are logged in

authenticate.asp

This should be included at the top of each file that you want to password protect. The asp file should have

<%Response.Write("<%@ Language=VBScript %>" & vbcrlf)Response.Write("
" & vbcrlf)Response.Write("<%Option explicit %>")%>

at the top and this should be included immediately after these two lines by putting:

<% Response.Write("<!-- #INCLUDE FILE = "authenticate.asp" -->") %>

delete.asp

This script is activated from viewusers.asp in order to delete users from the database.emailcheck.asp

This is a simple script to check that the person adding their email address is entering a valid email address. It checks that there is only one @ sign and also there there is a dot there

failure.asp

This tells the user, that they are not logged in if it is true or their username if they are logged in.

login.asp

This is a simple form for a user to log in. It requires a Username and password, however other fields can be added as with addinguser.asp .

loginproc.asp

This checks that a Username and Password were entered. It then checks them against the database to make sure that the Username exists and that the password entered is valid.If they are, then it writes a session variable of their username and redirects them to the success page

logout.asp

This page simply sets the session variable equal to "" . It then redirects the user to failure.asp to tell them that they are not logged in.

success.asp

This could say anything, but to show that the script is working, I have written the session variable produced by loginproc.asp to show the user name.

viewusers.asp

This shows all valid users in a table. For security, don't put this in a place which can be easily found by visitors. Alternatively, password protect this page by changing authenticate.asp to only allow access if there is a particular username that has been logged in. You are also able to delete users from this page, but once deleted, they are deleted permanently.

Any more questions please email scripts@grabthebasics.com