PLEASE HELP!!! Password passing between pages???

Results 1 to 3 of 3

Thread: PLEASE HELP!!! Password passing between pages???

  1. #1
    Join Date
    Dec 1969

    Default PLEASE HELP!!! Password passing between pages???

    I am designing a site where one logs on and I want the server to know that they are logged. Initially I will use the post method in a form to initially log in, but once logged in, how can I have the information internally stored so that the scripts know what the userid and password are so that I dont have to pass them in forms or through the url every time a different page is accessed. What is the most popular way of doing this? Right now I am passing the userid and password to each page through the url and it SUCK!!! PLEASE HELP!!! THANKS, ANDREW

  2. #2
    David Bass Guest

    Default RE: PLEASE HELP!!! Password passing between page

    You could do something like this (using session variables):<BR><BR> &#060;%<BR>mode = request.form("mode")<BR><BR>if mode = "" then %&#062;<BR> &#060;html&#062;&#060;body&#062;&#060;form method=post action=login.asp&#062; Password &#060;input size=6 type=password name=password&#062;&#060;input type=submit name=Submit value=Login&#062;&#060;input type=hidden name=mode value=try&#062;&#060;/body&#062;&#060;/html&#062;<BR>&#060;%<BR>else<BR>if mode = "try" then<BR> session("password") = request.form("password")<BR><BR> password = session("password")<BR><BR> if (password = "thepassword") then<BR> response.redirect "yourstartpage.asp"<BR> else<BR> response.redirect "login.asp"<BR> end if<BR>end if<BR>end if<BR><BR>%&#062;<BR>

  3. #3
    Join Date
    Dec 1969

    Default RE: PLEASE HELP!!! Password passing between page

    What I do is I have a list of users and passwds in a database with UserName as the unique id.<BR>When the visitor hits any of my ASP&#039s, I do<BR> &#060;% if len(Session("UserName")) &#060;1 then Response.Redirect "Login.asp" %&#062;<BR>If this test passes the user is able process the page. Else he must login via a form where he submits UserName and Passwd via post method (ie &#060;form action="Login.asp" method="Post"&#062;).<BR>In the login.asp i retrieve the Passwd for UserName from the database then:<BR> &#060;% <BR> if Request.Form("Passwd") = rsUsers("Passwd") then<BR> Session("UserName") = Request.Form("UserName")<BR> Response.Redirect "Default.Asp" &#039 Or where ever you like.<BR> else<BR> Response.Redirect "Login.asp"<BR> End If<BR> %&#062;<BR>Via this simple authentication if a visitor is not logged in they cannot access any of the ASP pages in the system. Once the sesion variable is set via Session("UserName") is set to something, I know he is logged on. To set it he must enter valid username/passwd. The Form Post method makes sure the variables, passed to the next page, are not visible in the in the Browers Addres bar as part of the url, and you collect them at the other end via ASP Request.Form method.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts