|
|
 |
Creating a News management system (Part 2)Our page 'login.asp' will only allow the news administrator access to the following pages ('add_news.asp', 'insert_news.asp', 'del_all.asp', 'delete_record.asp', 'edit_all.asp', 'edit_record.asp, 'update_record.asp') to administer the news. 'Login.asp' <%
Response.Expires = -1000 'Make sure the browser doesn't cache this page Response.Buffer = True'enables our response.redirect to work %> <html> <head><title>News Management System - Login</title> </head> <body> <% If Request.Form("submit") ="Login" Then 'check if form has been submitted CheckLoginForm Else ShowLoginForm End If %> <% Sub CheckLoginForm 'check if the value of the text field 'username' and 'password' are correct If Request.Form("username") = "mic" AND Request.Form("password") = "pass" Then Session("BlnLoggedIn") = True Response.Redirect "add_news.asp" Else 'if the values entered are incorrect then display the message below Response.Write "<div align='center'>You are not logged in.</div><br>" ShowLoginForm End If End Sub %> <% Sub ShowLoginForm %> <div align='center'> <!-- start the HTML login form --> <form name="form" action="login.asp" method="post"> <table> <tr><td>User Name :</td><td><input type="text" name="username"></td></tr> <tr><td>Password : </td><td><input type="password" name="password"></td></tr> <tr><td colspan="2"><input type="submit" name="submit" value="Login"></td></tr> </table> </form> <!-- end the HTML login form --> </div> <% End Sub %> </body> </html> If request.form("submit")="Login" then the value Login has been passed and we know that the visitor has clicked and submitted the form. In this scenario the subroutine CheckLoginForm is called and its code executed. CheckLoginForm will check to see if the username and password equal the values the visitor has entered. If they are correct then a Session variable 'BlnLoggedIn' will be created and set to True and the visitor will then be redirected to the 'add_news.asp'. If the visitor has not clicked the submit button then no value will be passed i.e. request.form("submit") will not equal Login and in that case the subroutine ShowLoginFrom will be called. In this tutorial the username is 'mic' and the password is 'pass' though you can easily change the username and password for your login. The subroutine 'ShowLoginForm' simply creates a form. The image below shows how the form will look on your screen. I have entered the login details in the screenshot below.  Now that we have created our login page we will need to password protect our other pages in our 'admin' folder. To password protect these pages you can simply add the following code at the top of the pages. If someone tries to access any these pages they will be redirected back to the login page. <%
'Our login protection code If Session("BlnLoggedIn") <> True Then Response.Redirect("login.asp") End If %> Having created the database and now the login page save the 'login.asp' page in your 'admin' folder. Next we will build our admin navigation system.
Membership Software Integrates with PayPal
Site developed by Michael Wall - Web Design Belfast N.Ireland. |
|
