[web] ASP Login
Author
I have been looking for a good login script, for over a month now, that uses an Access database (not the best database but it is the only I can use). What I mainly need is a more personalized set-up. Basically what I need is for every person that logs in it should show different links/nav.
Example: If the the Girls Varsity Volleyball Coach signs in I dont want to give him the links to the JV Boys Basketball.
If either someone could refer me to an OpenSource ASP script that uses Access databases or if someone could write up a script for me, that would be greatly appreciated.
Note: the only reason I am using ASP is because I am a student building a website for my High School and they only have default Windows Server 2003 cservers. I would have rather use PHP but they are really stubborn.
Don't use Access use SQL Server 2005 Express instead.
http://msdn.microsoft.com/vstudio/express/sql/
http://msdn.microsoft.com/vstudio/express/sql/
Author
Quote:Original post by ROBERTREAD1
Don't use Access use SQL Server 2005 Express instead.
http://msdn.microsoft.com/vstudio/express/sql/
Thanx, I'll look into that, but that doesn't help me with the login script.
Don't use ASP, use ASP.NET instead, it's less deprecated.
Also, MSAccess is not suitable as a web back end, the Jet database engine is unreliable and will destroy your data, is very slow etc.
Mark
Also, MSAccess is not suitable as a web back end, the Jet database engine is unreliable and will destroy your data, is very slow etc.
Mark
Author
Quote:Original post by markr
Don't use ASP, use ASP.NET instead, it's less deprecated.
Also, MSAccess is not suitable as a web back end, the Jet database engine is unreliable and will destroy your data, is very slow etc.
Mark
I heard that ASP.NET is more complicated and the reason I was using MSAccess was because that was the only database I could think of at the time. I have to work with everything I have and I dont have much. I can basically only use a databse that doesn't need any software, or ,DLL's, installed on the server. Oh and the other thing is that I don't even know if they have ASP.NET installed on the server. They may have it on the new server they are putting in but I would doubt it because they don't need it, or use it. They only use ASP on 2 pages out of their whole website.
The reason I have so many restrictions is becuase I am building a website for my High School and my District is very strict (or stubborn), they wont install anything for me.
Well I've never worked with ASP, but I assume it is similar to ASP.NET...
I will assume that ASP does not have built in session management and give you an idea of how to write your code. I won't write the code for you again since I don't know ASP.
First You need a "users" table that has a "username" (primary) and "password" fields, aswell as a "groupID" (that would separate Girls Varsity Volleyball Coach from JV Boys Basketball in your example), and any other fields that you might need for each user.
Next you need to have a session-management table (assuming ASP doesn't do that for you). the "sessions" table contains "sessionID", "username", "lastActivity".
When a user logs in, you must query the "users" table and look for the given username/pasword combination.
If a match is found, you will add to the "sessions" table a new entry with a random sessionID, and the user's username.
lastActivity should be used to know when a session has expired.
The SessionID is sent to the user and stored on the users machine as a Cookie (or propagated to him from page to page using GET or POST)
or you could always use the built in session system:
if(login(username, password)) then
session("loggedIn") = true
else
session("loggedIn") = false
end if
in PHP this wouldn't be possible.
Anyway from here it's very easy and depends on your application:
when the user enters any "users-only" page, you must Request the sessionID and check the sessions table to see which user is that. (or u could simply check if session("loggedIn") = true in the second method.
Remember: never send the user's username or password to the client and use them for authentication on each page. even if the cookies are encrypted this is not a good idea. instead generate a random sessionID that will expire frequently and send THAT to the client, then use it to identify the user on each page.
I know you were expecting code but... sorry.
Hope that was helpful if you didn't know all this. if you did, good luck ;)
I will assume that ASP does not have built in session management and give you an idea of how to write your code. I won't write the code for you again since I don't know ASP.
First You need a "users" table that has a "username" (primary) and "password" fields, aswell as a "groupID" (that would separate Girls Varsity Volleyball Coach from JV Boys Basketball in your example), and any other fields that you might need for each user.
Next you need to have a session-management table (assuming ASP doesn't do that for you). the "sessions" table contains "sessionID", "username", "lastActivity".
When a user logs in, you must query the "users" table and look for the given username/pasword combination.
If a match is found, you will add to the "sessions" table a new entry with a random sessionID, and the user's username.
lastActivity should be used to know when a session has expired.
The SessionID is sent to the user and stored on the users machine as a Cookie (or propagated to him from page to page using GET or POST)
or you could always use the built in session system:
if(login(username, password)) then
session("loggedIn") = true
else
session("loggedIn") = false
end if
in PHP this wouldn't be possible.
Anyway from here it's very easy and depends on your application:
when the user enters any "users-only" page, you must Request the sessionID and check the sessions table to see which user is that. (or u could simply check if session("loggedIn") = true in the second method.
Remember: never send the user's username or password to the client and use them for authentication on each page. even if the cookies are encrypted this is not a good idea. instead generate a random sessionID that will expire frequently and send THAT to the client, then use it to identify the user on each page.
I know you were expecting code but... sorry.
Hope that was helpful if you didn't know all this. if you did, good luck ;)
btw...You say the school is running Win 2k3?...I think asp.net is installed by default with it.
Insead of asking us to write the script for you, use [google] and learn how to run SQL Querys using ASP.
Make a table like memento_mori said, it shouldn't be too tough, if you have specific questions about that part of it, go ahead and ask...I don't think anyone is going to hold your hand through this, you have to be willing to do something on your own.
Insead of asking us to write the script for you, use [google] and learn how to run SQL Querys using ASP.
Make a table like memento_mori said, it shouldn't be too tough, if you have specific questions about that part of it, go ahead and ask...I don't think anyone is going to hold your hand through this, you have to be willing to do something on your own.
Author
Quote:Original post by ArchG
btw...You say the school is running Win 2k3?...I think asp.net is installed by default with it.
Insead of asking us to write the script for you, use [google] and learn how to run SQL Querys using ASP.
Make a table like memento_mori said, it shouldn't be too tough, if you have specific questions about that part of it, go ahead and ask...I don't think anyone is going to hold your hand through this, you have to be willing to do something on your own.
I was not expecting anyone to hold my hand and unlike most of you people I have a life. I am just a little busy at the moment trying to build a very dynamic website (and i am always learning something new (For this stupid website I went from a very new PHP coder to a very new ASP coder)), running my high school auditorium and creating highly animated slide shows. I am learning as much as i can in my spare time (and i dont have much of it). I am amazed at how much i have accomplished on this site in the past couple of months.
If you want to look at it go here: http://75.37.44.15
if you want to look at the login page i found that is suitable for my needs go here: http://75.37.44.15/administrator/
I still need to work on the look of the pages of the admin panel.
The most dynamic pages of the site are the faculty pages and the sports pages.
Quote:
I was not expecting anyone to hold my hand and unlike most of you people I have a life.
I'm quite sure most people here have lives and are very busy as well, which is probably why no one was willing to write a login script for you.
I looked at the administration page, and it looks like you have yourself a good start. I'm guessing when people try logging in it checks the database table for their username and password? Now all you need is that create account handler page to add the record to the database table.
Author
Quote:Original post by ArchGQuote:
I was not expecting anyone to hold my hand and unlike most of you people I have a life.
I'm quite sure most people here have lives and are very busy as well, which is probably why no one was willing to write a login script for you.
I looked at the administration page, and it looks like you have yourself a good start. I'm guessing when people try logging in it checks the database table for their username and password? Now all you need is that create account handler page to add the record to the database table.
I just needed to fix the permissions on the db file (because i moved it to a different folder)
I also need to fix some links because I renamed a bunch of pages.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement