Search Tools Links Login

Login Authentication with 2 Files!

This simple file (2 files including the text file
of usernames/passwords) allows password
protection of web pages. It was created with 2
thoughts in mind: 1. User does not need access to
the web server the script resides on (NT
authentication is impossible unless you own the
Web Server) 2. Needs no database access.

Original Author: Nik Martin


If you want to protect a page called secured.asp (must be .asp because the code in the include is asp code), then place this include in the FIRST line of the HTML, before the tag: "" The path is relative to wherever secured.asp exists. Also assumed is a file that holds your usernames / passwords (by default passwords.txt). PLEASE rename this file to something I would never guess!!!


If sucessfull, user is passed through to the original web page requested (along with any query strings applicable to the original page). So, if your original request looked like: http:\www.somesite.comsendmail.asp?id=1zx Then once being validated, you will still be passed to the same address, with the "id=1zx" query_string intact. If unsuccessfull, the user stares at a login page forever.

Side Affects

Hairy palms, sweaty feet, & a craving for bologna.

API Declarations

This is a compilation of all the
login schemes I found on the
'net that for some reason were
missing some functionality I needed.


'include this on pages to protect
' (put it before the tag):
Response.Buffer = True
Function ValidateLogin(sId,sPwd)
dim FSObject
dim LoginFile

Set FSObject = Server.CreateObject("Scripting.FileSystemObject")
Set LoginFile = FSObject.OpenTextFile(Server.MapPath("passwords.txt"))
' change this to the path ame
' of the file that holds your passwords
'DATA FORMAT IN TEXT FILE: "usernamepassword"

ValidateLogin = False

WHILE NOT LoginFile.AtEndOfStream 'Scan the text file to determine if the user is legal
IF LoginFile.ReadLine = sID & " " & sPwd THEN 'If username AND password are found,
ValidateLogin = True ' You passed!

End If
LoginFile.Close 'Close the text file
Set LoginFile = Nothing 'free up objects
Set FSObject = Nothing
End Function
Dim sText
Dim fBack
fBack = False
If Request.Form("dologin") = "yes" Then
'Try to login
If ValidateLogin( Request.Form("id"),Request.Form("pwd") ) = True Then
'It is OK!!!
'We are logged in so lets go back to the file that included us
fBack = True
Session("logonid") = Request.Form("id")
sText = "Wrong User ID or Password"
End If
'We are not trying to login...
If Session("logonid") <> "" Then
fBack = True
'We are logged in so lets go back to the file that included us
sText = "Please login"
End If
End If
If fBack = False Then %>

You need to login

Dim sURL
sURL = Request.ServerVariables("SCRIPT_NAME")
If Request.ServerVariables("QUERY_STRING") <> "" Then
sURL = sURL & "?" & Request.ServerVariables("QUERY_STRING")
End If

User ID:

End If

About this post

Posted: 2002-06-01
By: ArchiveBot
Viewed: 137 times




No attachments for this post

Loading Comments ...


No comments have been added for this post.

You must be logged in to make a comment.