Sign in to follow this  

[web] ASP Login

This topic is 3763 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I have been looking for a good login script, for over a month now, that uses an Access database (not the best database but it is the only I can use). What I mainly need is a more personalized set-up. Basically what I need is for every person that logs in it should show different links/nav. Example: If the the Girls Varsity Volleyball Coach signs in I dont want to give him the links to the JV Boys Basketball. If either someone could refer me to an OpenSource ASP script that uses Access databases or if someone could write up a script for me, that would be greatly appreciated. Note: the only reason I am using ASP is because I am a student building a website for my High School and they only have default Windows Server 2003 cservers. I would have rather use PHP but they are really stubborn.

Share this post


Link to post
Share on other sites
Don't use ASP, use ASP.NET instead, it's less deprecated.

Also, MSAccess is not suitable as a web back end, the Jet database engine is unreliable and will destroy your data, is very slow etc.

Mark

Share this post


Link to post
Share on other sites
Quote:
Original post by markr
Don't use ASP, use ASP.NET instead, it's less deprecated.

Also, MSAccess is not suitable as a web back end, the Jet database engine is unreliable and will destroy your data, is very slow etc.

Mark


I heard that ASP.NET is more complicated and the reason I was using MSAccess was because that was the only database I could think of at the time. I have to work with everything I have and I dont have much. I can basically only use a databse that doesn't need any software, or ,DLL's, installed on the server. Oh and the other thing is that I don't even know if they have ASP.NET installed on the server. They may have it on the new server they are putting in but I would doubt it because they don't need it, or use it. They only use ASP on 2 pages out of their whole website.

The reason I have so many restrictions is becuase I am building a website for my High School and my District is very strict (or stubborn), they wont install anything for me.

Share this post


Link to post
Share on other sites
Well I've never worked with ASP, but I assume it is similar to ASP.NET...

I will assume that ASP does not have built in session management and give you an idea of how to write your code. I won't write the code for you again since I don't know ASP.

First You need a "users" table that has a "username" (primary) and "password" fields, aswell as a "groupID" (that would separate Girls Varsity Volleyball Coach from JV Boys Basketball in your example), and any other fields that you might need for each user.

Next you need to have a session-management table (assuming ASP doesn't do that for you). the "sessions" table contains "sessionID", "username", "lastActivity".

When a user logs in, you must query the "users" table and look for the given username/pasword combination.
If a match is found, you will add to the "sessions" table a new entry with a random sessionID, and the user's username.
lastActivity should be used to know when a session has expired.

The SessionID is sent to the user and stored on the users machine as a Cookie (or propagated to him from page to page using GET or POST)

or you could always use the built in session system:

if(login(username, password)) then
session("loggedIn") = true
else
session("loggedIn") = false
end if

in PHP this wouldn't be possible.

Anyway from here it's very easy and depends on your application:
when the user enters any "users-only" page, you must Request the sessionID and check the sessions table to see which user is that. (or u could simply check if session("loggedIn") = true in the second method.

Remember: never send the user's username or password to the client and use them for authentication on each page. even if the cookies are encrypted this is not a good idea. instead generate a random sessionID that will expire frequently and send THAT to the client, then use it to identify the user on each page.

I know you were expecting code but... sorry.
Hope that was helpful if you didn't know all this. if you did, good luck ;)

Share this post


Link to post
Share on other sites
btw...You say the school is running Win 2k3?...I think asp.net is installed by default with it.

Insead of asking us to write the script for you, use [google] and learn how to run SQL Querys using ASP.

Make a table like memento_mori said, it shouldn't be too tough, if you have specific questions about that part of it, go ahead and ask...I don't think anyone is going to hold your hand through this, you have to be willing to do something on your own.

Share this post


Link to post
Share on other sites
Quote:
Original post by ArchG
btw...You say the school is running Win 2k3?...I think asp.net is installed by default with it.

Insead of asking us to write the script for you, use [google] and learn how to run SQL Querys using ASP.

Make a table like memento_mori said, it shouldn't be too tough, if you have specific questions about that part of it, go ahead and ask...I don't think anyone is going to hold your hand through this, you have to be willing to do something on your own.


I was not expecting anyone to hold my hand and unlike most of you people I have a life. I am just a little busy at the moment trying to build a very dynamic website (and i am always learning something new (For this stupid website I went from a very new PHP coder to a very new ASP coder)), running my high school auditorium and creating highly animated slide shows. I am learning as much as i can in my spare time (and i dont have much of it). I am amazed at how much i have accomplished on this site in the past couple of months.

If you want to look at it go here: http://75.37.44.15

if you want to look at the login page i found that is suitable for my needs go here: http://75.37.44.15/administrator/
I still need to work on the look of the pages of the admin panel.


The most dynamic pages of the site are the faculty pages and the sports pages.

Share this post


Link to post
Share on other sites
Quote:

I was not expecting anyone to hold my hand and unlike most of you people I have a life.


I'm quite sure most people here have lives and are very busy as well, which is probably why no one was willing to write a login script for you.

I looked at the administration page, and it looks like you have yourself a good start. I'm guessing when people try logging in it checks the database table for their username and password? Now all you need is that create account handler page to add the record to the database table.

Share this post


Link to post
Share on other sites
Quote:
Original post by ArchG
Quote:

I was not expecting anyone to hold my hand and unlike most of you people I have a life.


I'm quite sure most people here have lives and are very busy as well, which is probably why no one was willing to write a login script for you.

I looked at the administration page, and it looks like you have yourself a good start. I'm guessing when people try logging in it checks the database table for their username and password? Now all you need is that create account handler page to add the record to the database table.


I just needed to fix the permissions on the db file (because i moved it to a different folder)

I also need to fix some links because I renamed a bunch of pages.

Share this post


Link to post
Share on other sites
Quote:
Original post by blackbirdblackbird1
I heard that ASP.NET is more complicated
it is, that's why it's so much easier to use. It's "more complex" in that it is a much more complete system and does more for you.

What you're talking about in your OP is "Roles Based Security". Perhaps that is a start for you to look up a few tutorials. However, I will tell you that ASP.NET 2.0 will automatically manage roles-based logins when coupled with SQL Server 2k5. Incidentally, Visual Web Developer Express Edition and SQL Server 2k5 Express Edition and free to download, install, and use, with no licensing restrictions on use. Security is significantly enhanced in ASP.NET and SQL Server 2k5; it would be silly NOT to use them. You might want to check out 4 Guys From Rolla.

Quote:
Original post by memento_moriWell I've never worked with ASP, but I assume it is similar to ASP.NET...
I will assume that ASP does not have built in session management...

and in both cases your assumption would be incorrect.

Quote:
Original post by ArchG
btw...You say the school is running Win 2k3?...I think asp.net is installed by default with it.

Yes, it is.

Share this post


Link to post
Share on other sites

This topic is 3763 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this