Helping Canadian Canadian Flag  
business thrive on the web.
 

Home Hosting Plans-shared Hosting-Ecommerce Dedicated Servers Domain Registration Web Design Internet Access Resellers Terms & AUP Consulting Support

  
info@chinookwebs.com Web Hosting phone number for Calgary 403.257.1357    
 

Scripting

Simple method to password protect pages

  
 
In this article we present a fairly simple way to password protect either an entry page or a group of pages. The  key is to take advantage of asp scripting.  Note: All files to be protected must have asp extension not htm or html.
We start this example by creating an entry page, it can be index.asp or default.asp (if it is in the root of your site then all visitors going to the site will face the logon screen.  Our entry page consists of a form that will call another page (and so on). Here is the code that would be required.
 
<form method="POST" action=start.asp> ' you can replace start.asp with your page

<p>Enter your password to use this site:<br>
<input type="password" name="password" ></p>
<input type="submit" value="submit" name="B1"></p>
</form>
 
When the visitor to the site enters the password into the form, they are then directed to the start.asp page which contains the following code in the header (it is very important that it is the header and the code must be at the top)
 
<%
password=request("password")
if password="test" then '-----here is where we can specify our password
response.write "correct password,welcome to my Web site<br><br>"
else
response.redirect("default.asp")
end if %>
 
The symbol <% in the first line of code instructs the server to execute the script & the %> at the end tells the server that is the end of the scripting portion. The next line password=request("password") asks the server for the value that the visitor input to the form on the previous page.

The line If password="test" then sets up the condition for whether or not the password is correct.  If it is correct then response.write "correct password, welcome to my web site" outputs to the screen exactly what is contained between the two quote marks. The <br> tag that is embedded is executed as a single line feed, and then the rest of the page is presented to the browser. If the password is incorrect then the else followed by response.redirect("default.asp") is executed.  Response.redirect sends the visitor to the page specified, in this case default.asp.  Lastly the end if  portion closes the condition.
 
Extending protection to other pages:
If you want to link to other pages within the site using this method, you have two choices for the link, you can create another form within your page that directs the user to the next page and passes on the password. For example:
<form method="POST" action=anotherpage.asp>
<input type="hidden" name="password" value="test"></p>
<input type="submit" value="click here for next page" name="B1"></p>
</form>
Of course anotherpage.asp will contain the same code at the top as start.asp
The other way of doing this is to use a normal hyperlink and then add ?password=test  . For example:
<a href="http://www.mydomain.com?password=test">my link </a>
The downside of using the hyperlink  is that the password is visible in the browser address bar.
 
   
     
 
 		  
 
Home Overview Hosting-shared Hosting-Ecommerce Hosting-Semi Dedicated Domain Registration
Web Development Internet Access Resellers Terms & AUP Consulting About Us
FrontPage Support Chinook Store Scripting Technical Overview