After receiving a few queries about how to store passwords using ACCESS and ASP, and then use them as "logins", I thought, well, why not write in a separate article, instead of attaching multiple ASP files that are full of confusing comments and variables only to be decipherable by my brain?
I'm assuming you've installed, and are running PWS (Personal Web Server) on your machine, if you are not already working on a server that supports ASP.
First of all, create a database, for instance, customers.Define a table with all the fields you require (include email and password).
After the database has been created, you need to create a DNS in order to access this database through your ASP pages.
If you have never created it, this is how you do it:
Go to the Control Panel (My Computer -> Control Panel), and click on the icon that should be saying "ODBC Data Sources (32bit)". In the resulting window, select the "System DSN" tab. Then click on the "Add..." button. From the given list of Database drivers, select "Microsoft Access Driver (.mdb)" and click the "Finish" button. You reach a place where you have to enter the "Data Source Name". Enter it, anything, for instance, "customers". Then click the "Select..." button. This lets you select the Access database you created. Press Ok, press Ok, and press Ok. Your DSN is created.
In the first part, I'll write about storing the passwords.
Before this, let's make an include file to create and initialize the session variables that we are going to need (we can use cookies, but some clever folks disable cookies on their browsers).
File name: sessions.inc
<%
if session("email")"" then
session("email")"notlogged"
session("pass")"" end if
%>
This file you can include in every page as
so that you can use them whenever you need them.
Now accepting login and password.
For this you require a normal HTML form. You can have "n" number of fields in a form, but here, our primary concern is, getting the email as login, and the accompanying password.
Here's the form:
Please enter your details:
onsubmit"return validate(this);"> Enter Email:
Enter Password:
We validate the form before it proceeds to the "action" file so that there is very little server-side processing. A simple validation:
Note: Put the following Javascript above the tag.
So now when the user clicks on "Submit", he/she goes to "storelog.asp" In between, you can have a file to confirm the form fields and give the user an option to modify them before finally saving.
A few things. In order to use a database through ASP, you need to have a DNS created for that database on the server.
STORELOG.ASP should somewhat look like this:
<% dim sEmail, sPass, noError noError"y" sEmailrequest.form("email") sPassrequest.form("pass")
' The following lines setup a connection to the DNS we created above
Dim toDatabase 'To connect to the DNS Dim toRecordset 'To connect to the individual tables
Set toDatabase Server.CreateObject("ADODB.Connection") toDatabase.Open "customers"
Set toRecordset Server.CreateObject("ADODB.Recordset") toRecordset.Open "logins", toDatabase, 2
' 2 Opens the recordset in "Write Mode"
' Let us say "logins" is some table you created in the database.
toRecordset.AddNew toRecordset("email")sEmail toRecordset("password")sPass on error resume next toRecordset.Update if err.number<>0 then ' do something if some error occurs. ' one error could be that the email already exists in the database.
noError"n" end if
toRecordset.Close
Set toRecordset Nothing
toDatabase.Close
Set toDatabase Nothing
if noError"y" then ' If the info was saved smoothly.
session("email")sEmail
session("pass")sPass end if
' Here you can display some message that the record has been saved. %>
This saves the login information of a new customer. Now, how do we use it in the future? First, the login form, that could be on any page.
Remember you can use somewhat same validation Javascript here too, so I'm not repeating it, but just mentioning it.
Please login by entering your email and password.
onsubmit"return validate(this);"> Enter Email:
Enter Password:
LOGIN.ASP
At the top of the page, along with other ASP commands, include this too:
<% response.buffertrue %>
This is required if you want to send the user to some page after he/she has successfully logged in.
<%
dim sEmail, sPass, noError noError"y" sEmailrequest.form("email") sPassrequest.form("pass")
' The following lines setup a connection to the DNS we created above
Dim toDatabase 'To connect to the DNS Dim toRecordset 'To connect to the individual tables
Set toDatabase Server.CreateObject("ADODB.Connection") toDatabase.Open "customers"
fndSQL"select from logins where email'" & sEmail & "' and password'" & sPass & "'"
Set toRecordsettoDatabase.execute(fndSQL)
if toRecordset.eof then
response.write "Your details are not in the database, please try again, or register yourself."
else
session("email")toRecordset("email")
session("pass")toRecordset("password")
end if
toRecordset.Close
Set toRecordset Nothing
toDatabase.Close
Set toDatabase Nothing
response.redirect "To some URL"
%>
>From now onwards, whenever you want to perform some action that should only be performed if the user is logged in, just check the value is session("email"), like:
<%
if session("email")<>"notlogged" then
' do things for the logged in customer
else
' tell the customer that he she is not logged in.
end if
%>
Hope this helps. If you need further queries, or in future you need some other ASP work, you are welcome to write to me at amrit@bytesworth.com.
About the Author
Amrit Hallan is a freelance web designer. For all web site development and web promotion needs, you can get in touch with him at http://www.bytesworth.com. For more such articles, visit http://www.bytesworth.com/articles and http://www.bytesworth.com/learn You can subscribe to his newsletter [BYTESWORTH REACHOUT] on Web Designing Tips & Tricks by sending a blank email at bytesworth-subscribe@topica.com