Hi

I have a section of my site which I want to password protect to make it accessible to staff members only. It's not a high security requirement - I just want to deter general visitors from accessing the pages. There's just one generic password (no username) which the user needs to enter.

I know how to password protect individual pages using ASP, but I don't want users to have to re-enter the password every time they go to a new page in this section, so I'm looking for the best solution to this.

I thought about using a hidden field on each page which would post the password (once successfully entered the first time) on to any subsequent pages. The main problem with this is I don't know how to submit a form using a link, other than using javascript, which I want to avoid (for accessibility reasons).

Obviously the other options are to use cookies or session variables, which I don't know much about. I understand they both have their drawbacks.

Can anyone suggest what would be the best approach?

Thanks in advance
Ian

I would use the session variable myself:

<%Session.Timeout = 300 'or as long as you want the variable to last....

session("user") = Request.form("username") 'or whatever
%>

Then in subsequent pages, just use something like:

<%If session("user") <> "" Then
'show stuff
Else
'dont show stuff
End If
%>

I tried it with the session variable and that seems to work a treat.

Cheers
Ian

Top banana!