All Forums >> [Scripting] >> ASP >> preventing unauthorized access Do you like VisualBasicScript.com? Link to us and help spread the word about our forum. Thanks!
To prevent unauthorized access to my website, i inserted the following script at the beginning of my asp files:
<% If Session("LoginUser") = "" Then Response.Redirect "index.htm" End if %>
the LoginUser happens when the authorized user successfully first enters their user id & password (stored in an ACCESS database). if the valid user id is not entered, it redirects to index.htm. this could happen when the unauthorized user simply puts the page address in their browser trying to go around the system.
the problem i am having is that this simple code works fine, but after some time the server seems to "forget" the valid LoginUser, and when the page is refreshed the valid user is redirected to index.htm.
can anyone think of a better way of either changing the above script or using different script to prevent unauthorized website access?
lessonsd, I also need to create a password protected page. (I also intened on keeping the logon id's and password in Access). How do you create the page?
1. after checking whether the UID and the PWD exist in the database or not
2. if yes then put these two lines:
3. in the default.asp (for example) put these few lines of code:
In conclusion, using sessions is like using a global variable that could be used anywhere in the site, and every session is diffrent from every user. For example if user1 had logged in then his session("Loged") will contain the data "yes" but if user2 hasn't loged in (visitor) the his session("Loged") will be empty, even if both of the users are online in the same time, but on diffrent PCs.
All Forums >> [Scripting] >> ASP >> preventing unauthorized access 
Printable Version
preventing unauthorized access - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread