代码例子 - Ask For Login
日期:2013-03-30 浏览次数:21405 次
The need for a security system is obvious if your pages include sensitive information.
This sample shows you how to setup some of your pages to ask for login if the user has not logged in yet.
2eNetWorX/dev site uses this kind of protection for interactive pages and file downloads.
Let's assume that we have a page where the visitors can ask questions. We want to make sure that the user
has logged in before being able to ask a question.
If the user has not logged in yet, we will ask for a login. After a successful login, we will redirect the
user to the page requested.
First, we will have a common file to check for login. You need to include this file into all the pages
that require login.
security.asp
<%
bLoggedIn = (len(session("UserName")) > 0)
if bRequireLogin then
'Login required
if Not bLoggedIn then
'Not logged in, ask for login
response.redirect "login.asp?comebackto=" & _
request.servervariables("script_name") & "?" & _
server.urlencode(request.querystring)
'Note how we construct the page to come back
end if
end if
%>
login.asp
First thing to do in our login.asp page is to get the page where the user is redirected from. The variable
sReferer is used to redirect back to the page the user has come from.
sGoBackTo variable will used in the <form> tag for persisting this location when we submit the login form.
<%
if request("comebackto") <> "" then
sReferer = request("comebackto")
sGoBackTo = "?" & request.querystring
end if
if request("cmdLogin") <> "" then
'Login Form submitted
sUserName = request("txtUserName")
sPassword = request("txtPassword")
'Check for username and password
if sUserName = "bill" And sPassword = "gates" then
bLoginSuccessful = True
end if
session("UserName") = sUserName
'After a successful login, let's send the user
'back to the page requested. The variable sReferer
'holds the page to go back, if it is empty, we should
'redirect the user to our default page.
if sReferer = "" then
response.redirect "index.asp"
else
response.redirect sReferer
end if
else
'Display the Login Form
%>
<form action="login.asp<%=sGoBackTo%>" method="post">
<input type="text" name="txtUserName"><br>
<input type="password" name="txtPassword"><br>
<input type="submit" name="cmdLogin"><br>
</form>
<%
end if
%>
testpage.asp
Now, all you need to do is setting bRequireLogin to True and including the security.asp file.
<%
bRequireLogin = True
%>
<!--#include file="security.asp"-->
Users should be logged in to see this text.
I hope this sample gives you a quick overview of a simple security system implementation with ASP.
You are always welcome to express your feedback!
by Hakan Eskici
This sample shows you how to setup some of your pages to ask for login if the user has not logged in yet.
2eNetWorX/dev site uses this kind of protection for interactive pages and file downloads.
Let's assume that we have a page where the visitors can ask questions. We want to make sure that the user
has logged in before being able to ask a question.
If the user has not logged in yet, we will ask for a login. After a successful login, we will redirect the
user to the page requested.
First, we will have a common file to check for login. You need to include this file into all the pages
that require login.
security.asp
<%
bLoggedIn = (len(session("UserName")) > 0)
if bRequireLogin then
'Login required
if Not bLoggedIn then
'Not logged in, ask for login
response.redirect "login.asp?comebackto=" & _
request.servervariables("script_name") & "?" & _
server.urlencode(request.querystring)
'Note how we construct the page to come back
end if
end if
%>
login.asp
First thing to do in our login.asp page is to get the page where the user is redirected from. The variable
sReferer is used to redirect back to the page the user has come from.
sGoBackTo variable will used in the <form> tag for persisting this location when we submit the login form.
<%
if request("comebackto") <> "" then
sReferer = request("comebackto")
sGoBackTo = "?" & request.querystring
end if
if request("cmdLogin") <> "" then
'Login Form submitted
sUserName = request("txtUserName")
sPassword = request("txtPassword")
'Check for username and password
if sUserName = "bill" And sPassword = "gates" then
bLoginSuccessful = True
end if
session("UserName") = sUserName
'After a successful login, let's send the user
'back to the page requested. The variable sReferer
'holds the page to go back, if it is empty, we should
'redirect the user to our default page.
if sReferer = "" then
response.redirect "index.asp"
else
response.redirect sReferer
end if
else
'Display the Login Form
%>
<form action="login.asp<%=sGoBackTo%>" method="post">
<input type="text" name="txtUserName"><br>
<input type="password" name="txtPassword"><br>
<input type="submit" name="cmdLogin"><br>
</form>
<%
end if
%>
testpage.asp
Now, all you need to do is setting bRequireLogin to True and including the security.asp file.
<%
bRequireLogin = True
%>
<!--#include file="security.asp"-->
Users should be logged in to see this text.
I hope this sample gives you a quick overview of a simple security system implementation with ASP.
You are always welcome to express your feedback!
by Hakan Eskici
免责声明: 本文仅代表作者个人观点,与爱易网无关。其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
