I have a webpage which is stored in the computer. I use the IIS to make a site so i can view it like: http://localhost/nameofsite

I have a login system..which basically does:


1. checks for a User name and password in Microsoft Access database.


<!--#include file="adovbs.inc"-->
<!--#include file="msadox.dll"-->
<%
dim con,rs
set con=server.CreateObject("ADODB.Connection")
set rs=server.CreateObject("ADODB.Recordset")
with con
.ConnectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source="& Server.MapPath("password.mdb")& ";Persist Security Info=false"
.open
end with

with rs
.ActiveConnection=con
.CursorType=adopendynamic
.LockType=adlockoptimistic
.CursorLocation=aduseclient
.Open "Select * from auth"
end with
name1=Request.form("txtname")
pass=Request.form("txtpass")
do while not rs.EOF
if trim(name1)=trim(rs("user")) and trim(pass)=trim(rs("pass")) then
found=true
exit do
end if
rs.moveNext
loop
Response.Clear()
if found then
response.redirect("choice.html")
else
response.redirect("error.html")
end if
%>



2. Now i enter the correct password it brings me to choice.html if the pw is wrong then it will bring me to a page(error.html) which will instantly have pop up saying wrong password then redirect me to the login page again.

3. Yay i can log in...but wait!....when i go to the login page again..it doesn't tell me that i'm logged in already !

I also want some indications that i'm already log in like haveing some text which says "You are logged in" in every page i visit. Till i click on logout button!

Edited: I have very limited programming skills..the above code is from my lecturer cause i've just started learning asp.

use cookies(I con't remember how to set it up in ASP, so ask in the ASP forum) to store your log-in info, that way all your pages can be .asp, then if you are not logged in redirect to loggin, otherwise show content.

thanks for the reply

GODDDDD all pages in asp...i'm done for :eek:

it's not that bad, you can rename all your html files with an .asp extension and they will work. then just put your code to display the logged in message. you would want to set a session variable on the page that checks to see if you logged in

<% Session("loggedin") = true %>

then on your other pages you just check to see if that session variable is set and if it is display the message. you should also use it to prevent access to pages that require a login. something like this

<%
dim displaymessage 'create variable to hold message
if Session("loggedin") is true then
displaymessage = "Your are logged in!"
end if
%>

then in your html code where you want the message to show up put:

<%=displaymessage%>

<%
if Session("loggedin") is true then
response.redirect "login.asp"
end if
%>
will be a better solution as this only allows users logged in to veiw the page, otherwise they get redirected to login.
with a bit of clever scripting you can make it store the page from and then redirect after logging in so they don't lose there place.

You might also want to redirect users who attempt to access restricted pages. Scrager already showed you but will be redirecting users who are logged in! :)

<%
If CBool(Session("loggedin")) Then
Response.Write "You are logged in"
Else
Response.redirect "login.asp"
End If
%>

Regards.

Current i have only 1 member page

http://localhost/test/members.asp


if somebody directly enter the link above how do i prevent him from comming in and redirecting him to login page...do i use the method in those previous post?

i got another question

How do i post data from the database onto a website?

I have a section called "Recent News" in my mainpage(everybody can see)
Now...to change the content for ( Recent news ), i have to go to macromedia dreamweaver and edit the html file.

Now i want a function that lets me login with admin priviledges, so i can edit the "Recent news" directly from my browser.

My idea:

Once i log in, i can go to a page where it will have only a
textbox and "Update" button

So i type something in the textbox and click update, then my mainpage(which everybody can see) will have the "recent news' section changed to something i just typed.

if somebody directly enter the link above how do i prevent him from comming in and redirecting him to login page...do i use the method in those previous post?

Yep. We can go through it in more detail if you like. I will move this thread to the ASP forum.

Regarding your second question; it's highly possible, but I do not recommend you attempt to develop such applications unless your truly interested in Web Development. There are alot of variables that need to be considered when writing software for the web -- and a secure administration backend is not something you can just "whip up". It's like trying to build a house by asking people in a builders forum how to do it.

In either case, if you are truly interested in developing your skills in this area, we can go through the entire process. But, if you only want to get this up and running, I highly suggest you hire a professional.

Regards.

for now i'm not concerned about security (lets treat it as a play around website) but i want it to work just like a professional site minus the security.

Read the following tutorials at w3schools:

- ADO (ActiveX Data Objects): http://www.w3schools.com/ado/default.asp
- SQL (Structured Query Language): http://www.w3schools.com/sql/default.asp
- ASP (Active Server Pages): http://www.w3schools.com/asp/default.asp

It is imperative you understand all three for database programming in ASP.

Regards.