Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ASP Login Page 2

Status
Not open for further replies.
KeithAlex

KeithAlex

Technical User
Jan 19, 2004
6
US
How can I make an ASP login page so that until the user has not logged in, the user is not allowed to access any resources on that website. I have used the "setting permissions" from the Windows 2000 Server and although it works but it gives a login dialog box asking for username, password as well as "DOMAIN NAME". I want to avoid this dialog based approach and simply present the user with a login.htm or login.asp page even if the user directly tries to access any url/file directly knowing the path from previous visits and bookmarks.

Thank in advance.
 
Sort by date Sort by votes
You could use cookie or session variables in the 'head' section of the pages...

<%
if request.cookies(&quot;loggedin&quot;) <> &quot;yes&quot; then
response.redirect &quot;/login.asp&quot;
end if
%>

It indirectly works for some of my sites, but most of my stuff in Intranet style applications, and require an NT log in anyway.

 
Upvote 0 Downvote
TonyRosen's suggestion will have to be coupled with upon your users registering you create the tracking cookie. Then everypage can either include an include file with Tony's script and or just type it at the very top of each page.
 
Upvote 0 Downvote
Thanks TonyRosen and DeCojute for thougths. Certainly useful for webpages. However, cannot apply it towards other resources like jpeg files, wave files, mpeg movies etc on the webserver (or can I?)!

Thanks
 
Upvote 0 Downvote
graphics, wav, mpeg files are free for all unless:

You add them to a secure directory

or

Rename the files with a different file extension, which will give prying eyes more of a headache to decypher what each file is (not fool proof)

or

If concerned about search engines, then you can use Robots.txt file to tell the bots not to index the files.

these are just some of my thoughts.

regards,
Brian
The problem with doing something right the first time is that nobody appreciates how difficult it was.
 
Upvote 0 Downvote
One way you could do it is this...

Have a single password protected directory with a single file in it named login.asp. Then set login.asp as the Default Document in that directory. Lets say that directory on the server is /members/ so the login page's url would be /members/login.asp

'Code of login.asp'....
<%
Dim Session(&quot;login&quot;)
Session(&quot;login&quot;) = &quot;True&quot;
Response.Redirect(&quot;yoursitesmainpage.asp&quot;)
%>

Thats all the code for that page. Then, on every page that you want to be protected you would put this at the very top...

<%
If Session(&quot;login&quot;) = &quot;&quot; or IsNull(Session(&quot;login)) Then
Response.Redirect(&quot;members/login.asp&quot;)
%>

That way, if a user tries to access a protected page they'll automatically be sent to the protected directory and be required to log in, even if the requested page isn't in a protected directory.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

penguinspeaks
  • Locked
  • Question
Return to current location on page after asp processes.
Replies
2
Views
668
penguinspeaks
penguinspeaks
penguinspeaks
  • Locked
  • Question
write HTML code within ASP line
Replies
1
Views
738
xwb
xwb
leifoet
  • Locked
  • Question
How to send HTML emails with ASP classic?
Replies
0
Views
764
leifoet
leifoet
how2trainyourdragon
  • Locked
  • Question
Request.Server variables blank for classic ASP
Replies
12
Views
1K
GriffMG
GriffMG
Swi
  • Locked
  • Question
JQUERY AJAX POST and how to receive data via Classic ASP
Replies
0
Views
829
Swi
Swi

Part and Inventory Search

Sponsor

Back
Top