homepage Welcome to WebmasterWorld Guest from 54.227.20.250
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Microsoft / Microsoft IIS Web Server and ASP.NET
Forum Library, Charter, Moderators: ocean10000

Microsoft IIS Web Server and ASP.NET Forum

    
username/passoword verification
Blelisa

10+ Year Member



 
Msg#: 2499 posted 5:48 pm on Feb 17, 2005 (gmt 0)

Hello again,
Was wondering if someone could point me in the right direction to write and asp page that will take the information that my visitor has entered on my form and verify that this username and password exists in my database. I already know how to connect to the database and how to do the form, I am just missing the VBScript to look for the information and what to do if it finds it or it doesn't.
Thanks for the help!

 

mattglet

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 2499 posted 6:26 pm on Feb 17, 2005 (gmt 0)

You need to use the Request.Form collection to populate your variables with the user entered data. Then you perform a SQL query on the database, looking for that username/password combo. If the combo is found, allow them to proceed. If it's not found, then throw an error. Here's some very simple code:

user = Request.Form("username")
pass = Request.Form("password")

SQL = "SELECT username, password FROM yourtable WHERE username = '" & user & "' AND password = '" & pass & "'"
set rs = conn.execute(SQL)

if rs.eof then
'--- throw error
else
rs.close()
set rs = nothing

conn.close()
set conn = nothing
response.redirect("somewhere.asp")
end if

rs.close()
set rs = nothing

conn.close()
set conn = nothing

I highly suggest you check out the W3Schools link I provided to you earlier for some in depth description about how this all works.

Blelisa

10+ Year Member



 
Msg#: 2499 posted 6:54 pm on Feb 17, 2005 (gmt 0)

I thank you for your help, I have checked out those tutorials as you have suggested. I have gone through the asp, ado and sql. Where I seem to be missing my information is tutorials that are specific to my needs. But if it was a perfect world I suppose.........

too much information

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 2499 posted 7:04 pm on Feb 17, 2005 (gmt 0)

If you can't find examples that you are looking for online, you could always try your local bookstore.

I was designing a cart system for a site and found a book that taught ASP by building ... a cart system! It was perfect for me because I was able to learn the language by following an example of exactly what I wanted to build.

Take a look, you may find a book that teaches by putting together exactly what you are trying to do. Most instructional books go through the steps of creating and validating logins and how to handle events based on the login.

Good luck!

martyt

10+ Year Member



 
Msg#: 2499 posted 7:11 pm on Feb 17, 2005 (gmt 0)

I think it's bad form to store an unencrypted password in your database. Consider the possible liabilities if someone gets into your database full of unencrypted passwords and wreaks havoc with the data -- especially consider that users tend to choose the same userid and password just about everywhere they sign up for something; once you have their userid and password from one source, you've potentially got the keys to access their accounts at a lot of different places.

Instead, perform an MD5 hash or some other one-way encryption on the password when they create their account and store the result in your database. When they come back, perform the same hash on the password they enter and compare it to the hash stored in your database. If they match, let them in.

This protects you from ever being able to know your customers' passwords and thus from liability. If the customer loses their password, generate a new temporary password and force them to change the next time they log in.

mattglet

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 2499 posted 8:31 pm on Feb 17, 2005 (gmt 0)

martyt-

While I agree 110% with your points, you have to take into account your target audience on this post. Babysteps my friend, babysteps...

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Microsoft / Microsoft IIS Web Server and ASP.NET
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved