ASP Example #2
I have read the instructions for password protecting a webpage at http://htmlgoodies.earthweb.com/beyond/asp2.html
I have checked with my web hosting company to make sure that ASP is supported and it is. I have copied all the information and made changes to only one file, engine.asp. The change I made was where it asks for the directory name. Here is what I put
When I go to /cn/password.asp and enter the username and password, I get this error:
Microsoft VBScript runtime error '800a004c'
Path not found
/cn/engine.asp, line 8
What am I doing wrong? If this script won't work for me, is there another that I can try to do a simple password protection of either a single page or a directory?
That script should work. Its only requirements really are ASP and that you can read from a text file.
That error means that your server can't find the path or file that you have entered on line 8 of engine.asp. Just double and triple check to make sure that you have the path from the root right. For example, if your site is www.yoursite.com, and your passwords.txt is located in www.yoursite.com/secure/engine.asp, you want line 8 to look like Set MyTextFile=MyFileObject.OpenTextFile(Server.MapPath("\secure") & "\passwords.txt")
Hope this helps!
As far as other options, you have plenty of options, but I think that is about as easy as it gets. I wanted a little more flexibility for my authentication pages, so I did the following:
authenticate.asp: checks cookies to see if user is logged in. If so, sets Session("authenticated") = True, if not, redirects to login page.
Then, any page that I want to be authenticated, I just add <!-- #include file="authenticate.asp" --> as the very first line, and it will authenticate when needed, and display the page if already authenticated. I could post that code if you wanted me to, just let me know.
Last edited by cmelnick; 06-04-2003 at 11:46 AM.
Thanks for the reply.
I have double-checked the directory. Maybe I am misunderstanding the concept.
the cn directory is just like you said:
For example, if your site is www.yoursite.com, and your passwords.txt is located in www.yoursite.com/secure/engine.asp,
Within the cn directory are the files I downloaded and copied and pasted into Notepad. Then I FTP'd the files to the cn directory. Therefore the file engine. asp is in the cn folder or yoursite.com/cn/engine.asp. I must be misunderstanding the whole file path name. Can you help?
Hello again. Sorry about the confusion. I meant to say, the path to your passwords.txt file, not engine.asp.
So line 8 in engine.asp would be Set MyTextFile=MyFileObject.OpenTextFile(Server.MapPath("\cn") & "\password.txt")
However, I think that is what you said you had in the beginning, so now we are back to where we started...
Before you spend more time trying to get this to work, I think you need to understand more what this script is doing, because it is basically useless and totally insecure. The way it is set up now, if the user decided not to log in, they could just type in http://www.yourserver.com/cn/inyougo.asp and completely bypass your login page. They could also type in http://www.yourserver.com/cn/passwords.txt and get the list of passwords. That part is harder to get around, but it can be better than it currently is. The longer I looked at the htmlgoodies code, the more I disliked it.
As I said before, I have an authentication script that would work a lot better for you with a little tweaking. (Mine currently uses an Access DB, but could be modified to use a txt password file.) Let me know if you want me to share it, or help you modify it.
Sorry for the delay in response. I would be very grateful if you would share your script with me and help me to get it up and running. Let me know what to do next.
Deadline is looming. Can anyone help me please? I just need a simple program. This password protection is more a formality than a security issue.
Here you go...Attached is a complete example of a secure login script that is very flexible.
You can go to http://www.aardwulf.com/tutor/auth/ to see the different pages in action.
I used FrontPage when I first started maintaining our website because it was a fire and FrontPage was all I knew how to use. However, I am wondering if your script has any conflicts with Frontpage or frontpage extensions.
I am still going to proceed. If this doesn't work, I can't get back to it until Tuesday. Can you log in Tuesday around 11:00 am ET to chat with me? Thanks for all of your help. I guess it is obvious I don't do programming for a living.
Sorry, I don't know squat about Frontpage. My sophisticated web development software package (notepad ) is all I use.
I can't guarentee I will be on then, but I will try...
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)