|
Password Protection and
FrontPage, Part 2
Click here for Part 1
Now that you have the administration page taken care of it’s
all pretty much downhill from here.
Most of this stuff is cut and paste. In order to bypass MS
Words formatting select the code copy it, open up a text file
in notepad and paste the code there. Then you can copy the
code from the notepad text and paste it into FrontPage.
Or you can just use the files that I have provided as
attachments to the email.
You need 3 more pieces to make the passwords work, and they
are as follows:
1. An include added to all pages you want protected.
This is called secure.inc
2. An include for the login page telling it where to
look for the database and the password information. This
is called base.inc
3. A login page called login.asp for users to enter…
names and passwords.
The way this works is as follows. All of the pages that you
want to protect need to be renamed to ASP files by
substituting asp for htm. This will not affect the way they
are handled by FrontPage. The only FrontPage page I wasn’t
able to change to an asp was one that used a search form.
The reason you do this is so that the server processes the
script that tells it that a password is required to view the
page.
The secure.inc file is crated by making a new page and in HTML
view and removing all of the code. Then paste the following
code in that page:
<%
If Session("login") < 1 Then
Response.Redirect "login.asp?page=" &
Request.ServerVariables("URL")
End If
%>
Save as secure.inc and you are done.
Use the file by pasting the following code into the page
that you want to protect and then save it with an .asp
extension instead of .htm:
<!--#include file="./secure.inc"-->
Put the statement on your page in HTML view
before the first tag that look like this <HTML>
The base.inc file is created the same way the secure.inc
file was made. Paste the following code to create it and then
save it as base.inc:
<%
Dim sPath
sPath =
StrReverse(Request.ServerVariables("SCRIPT_NAME"))
sPath = StrReverse(Mid(sPath, InStr(1, sPath,
"/")))
sPath = Server.MapPath(sPath)
sPath = "driver={Microsoft Access Driver (*.mdb)};dbq="
& sPath & "\" & "fpdb/admin.mdb"
%>
This file is only used with the login.asp page.
To create the Login page just use the same method discussed
for the previous pages. It’s probably easiest that way. Here
is the code:
<!--#include file="./base.inc"-->
<%
Dim iStatus, conn, str, sPage
if IsEmpty(Request.form("page")) Then
sPage = Request("page")
else
sPage = Request.form("page")
End If
str = ""
If NOT IsEmpty(Request.Form("User")) Then
Open_Conn(sPath)
iStatus =
Check_Login(Request.Form("User"),Request.Form("Password"))
If iStatus > 0 Then
Session("login") = iStatus
Response.Redirect sPage
Else
Session("login") = -1
str = "Invalid user/password code<BR> Try again
"
End If
End If
%>
<html>
<head>
<title> Product
Tour</title>
<meta http-equiv= "Content-Type"
content="text/html;
charset=iso-8859-1">
</head>
<body bgcolor= "#E3DFDF"
text="#000000"
topmargin=0
leftmargin=0
>
<p> </p><table
width="900"
border="0"
cellspacing="0"
cellpadding="0"
height="560"
align="center">
<tr>
<td
valign="top"
rowspan="2"
width="228"
bgcolor="#E3D9CD">
</td>
<td
valign="top"
height="497"
width="672"
bgcolor="#FFFFFF">
<table
border=0
cellpadding=0
cellspacing=0
bgcolor="#CCCCCC"
width="672">
<tr>
<td></td>
<td>
</td>
<td>
</td>
<td>
</td>
<td>
</td>
<td></td>
</tr>
</table>
<table
width="672"
border="0"
cellspacing="0"
cellpadding="0"
height="360">
<tr>
<td
rowspan="3"
width="30"></td>
<td
height="70"
valign="bottom"
colspan="3">
<p
class="overview">
</td>
<td
rowspan="3"
width="30"></td>
</tr>
<tr>
<td
height="17"
valign="bottom"
colspan="3"></td>
</tr>
<tr>
<td
height="340"
valign="top"
width="290">
<p
class=""><font
face="Verdana"
size="2">Please
enter your
Username & Password: </font>
<p
class="">
<FORM
NAME="f"
ACTION="./login.asp"
METHOD=POST>
<INPUT TYPE= hidden
NAME="page"
VALUE="<%
=sPage %>">
<TABLE BORDER= 1
ALIGN=CENTER
BGCOLOR=#FFFFFF><TR><TD
class="">
<TABLE BORDER= 1
ALIGN=CENTER
BGCOLOR=#E4D7CB><TR><TD>
<TABLE BORDER= 0
CELLPADDING=4
CELLSPACING=0
ALIGN=CENTER
BGCOLOR=#E3D9CD>
<TR
BGCOLOR=#644632
BORDER=0>
<TH
COLSPAN=2
VALIGN=TOP
bgcolor="#669999">
<font
color="#FFFFFF">Login
Form</font>
</TH>
</TR>
<TR>
<TD
VALIGN=TOP>
<font
color="#800000"
face="Verdana,
Arial, Helvetica, sans-serif"
size="2">Username</font>
</TD>
<TD
VALIGN=TOP>
<INPUT
TYPE=TEXT
NAME="User"
SIZE=15
MAXLENGTH=15
VALUE="<%
=Request.Form("User") %>">
</TD>
</TR>
<TR>
<TD
VALIGN=TOP>
<font
face="Verdana,
Arial, Helvetica, sans-serif"
color="#800000"
size="2">Password</font>
</TD>
<TD
ALIGN=LEFT
VALIGN=TOP>
<INPUT
TYPE=PASSWORD
NAME="Password"
SIZE=15
MAXLENGTH=15>
</TD>
</TR>
<TR>
<TD
COLSPAN=2
ALIGN=CENTER>
<INPUT
TYPE=SUBMIT
VALUE="Enter">
</TD>
</TR>
</TABLE>
</TD></TR></TABLE>
</TD></TR></TABLE>
</FORM>
<%
If str <> "" Then
Response.Write "<TABLE ALIGN=CENTER
BORDER=0><TR><TD>" & vbCrLf
Response.Write "<FONT FACE=Verdana>" &
str & "</FONT>" & vbCrLf
Response.Write "</TD></TR></TABLE>"
& vbCrLf
End If
%>
<p
class="">
<p
class=""><br>
</td>
<td
height="340"
valign="top"
width="32">
</td>
<td
height="340"
valign="top"
width="290">
<p
class=""><br>
</p>
<p> </td>
</tr>
</table>
</td>
</tr>
<tr>
<td
valign="bottom"
width="672"
bgcolor="#FFFFFF">
</td>
</tr>
</table>
</body>
</html>
<%
Function Check_Login(sUser, sPass)
Dim rs, sql
sql = "SELECT * FROM Results WHERE name ='" &
sUser & "' AND password='" & sPass &
"' "
Set rs = Server.CreateObject("ADODB.RecordSet")
rs.open sql, conn, 1, 1
If Rs.EOF Then
Check_Login = -1
Else
' rs.Fields("dDtConn").Value = Now()
' If rs.Fields("iCount").Value > 0 Then
' rs.Fields("iCount").Value =
rs.Fields("iCount") + 1
' Else
' rs.Fields("iCount").Value = 1
' End If
' rs.Update
Check_Login = CInt(rs.Fields("id"))
End If
rs.close
End Function
Function Open_Conn(sBase)
Set conn = Server.CreateObject("ADODB.Connection")
conn.open sBase,"",""
End Function
%>
|
