In this tutorial, I will show you how to implement user authentication in ASP by using an Access Database. We will need a Microsoft Access Database and some ASP code. ASP code wll be used to access to database and valide member information. The database is for storing authorized member information.
First, we need to create an Access Database table in which we will store the username and password of the authorized user. But, we will first create a directory under IIS where we will store our files. Create a directory under C:\Inetpub\wwwroot and name it as ''members''.
After that, open Microsoft Access Program from your computer
and create a database with the name, “members.mdb” and save it
in the folder, “members” that we just created.
And create a Table to store username and password for the
authorized user. Use the following data fields and values shown
below. And name it as “members”.
| Field Name | Data Type | Field Size |
| user | Text | 15 |
| password | Text | 15 |
Now, we will put the initial user information in the database. Open the newly created Table “members” and put the following data as shown in the picture below.
User Name: arakan
Password: victory
After creating a database, we have to create a login page. Below is the code for login page, ''member_login.asp''.
member_login.asp
<html>
<head>
<title>Creating a password protected SP page with Database</title>
</head>
<body>
<h2><strong>Creating a password protected ASP page with Database</strong></h2>
<p>Login Form to the Secure Page </p>
<form name="form1" method="post" action="member_check.asp">
<label>User Name
<input name="User" type="text" id="User">
</label>
<p>
<label>Password
<input name="Pass" type="text" id="Pass">
</label>
</p>
<p>
<label>
<input type="submit" name="Submit" value="Submit">
</label>
</p>
</form>
</body>
</html>
In this login page, we have set the login form action to ''member_check.asp''. This page will contain ASP code to connect to the Access database and will compare form input values with the information stored in the database. If the correct username and correct password is provided, then we will display a welcome message. Else, we will display an error message and will redirect him to the login page..
member_check.asp
<%
'set variables
Dim struser, strpass, strcon, conn, strSql, rs, strText, strUserNameInDb, strPasswordInDb
struser = Request.Form("User")
strpass = Request.Form("Pass")
'first create ado connection object
Set conn = Server.CreateObject("ADODB.Connection")
'create connection string to open database through jet database engine
strcon = "PROVIDER=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("members.mdb")
'now connect to database - conn
conn.Open(strcon)
'after that, we need to open the record set to read the database table recrods
'before that let's set the SQL querystring to query the database
strSql = "select user, password from members"
'create ado recordset object
Set rs = Server.CreateObject("ADODB.Recordset")
'open the recordset
rs.Open strSql, conn
'record set is now open.
'read the recordset info and save it in the variables
strUserNameInDb = rs("user")
strPasswordInDb = rs("password")
'and compare them with the values submitted by the member
'if submited information matchs with the one stored in the database
'then display welcome message
If struser = strUserNameInDb AND strpass = strPasswordInDb Then
'save the welcome message in a variable
strText = "<h2>Welcome! </h2> You are a registered member of this site."
'if user name and password is not correct then display error message
Else
'save the error message in a variable
strText = "<h2>Error! </h2> You are not authorised to enter this area."
End If
'close and destroy recordset object
rs.Close
set rs = Nothing
'close and destroy connection object
conn.Close
Set conn = Nothing
%>
<html>
<head>
<title>Creating a password protected secure ASP page</title>
</head>
<body>
<%=strText%>
</body>
</html>
 |
 |
 |
|||||||||||
|
|
|
|||||||||||
 |
 |
 |
|||||||||||
|
|
|
A.B.N: 96 996 282 647