[thelist] Elated ASPpassword protection - comments?
Wade Armstrong
wade_lists at runstrong.com
Mon Nov 25 14:53:15 CST 2002
If you're going to use a .txt file to store username/password combos, you
should also make sure that that file is oustide the web root, for the same
reasons as with the database.
If you're only authenticating a small number of users, why use an external
file at all? Something like:
<%
Dim bolAuthenticated
bolAuthenticated = false
Dim username, password
username = Request.Form("username")
password = Request.Form("password")
Select Case username
Case "name1"
If (password = "password1") Then
bolAuthenticated = true
End If
Case "name2"
If (password = "password2") Then
bolAuthenticated = true
End If
End Select
If (bolAuthenticated = false) Then
Response.Redirect("loginfailed.html")
End If
%>
Should do the trick just fine.
Wade
on 11/25/02 12:34 PM, Flavia Tarzwell (FayeC) at ftarzwell at fayec.com wrote:
> The reason for not using a db is because this is for an admin module
> which will be manipulated by one or two people max so there's no need to
> have a db/table just to include one or two users.
> Second, this is an outsourcing little project and the person who is in
> contact with the client is not a tech/programmer....I have had
> difficulties explaining things like why the db folder should be one
> level above the asp pages....
>
> Wade Armstrong wrote:
>
>> I haven't seen any obvious cause for the error, although I haven't tested
>> the code. Can I ask why you don't want to use a database? Every ASP
>> hosting
>> account that I've seen supports Access databases...
>>
>> Wade
>>
>>
>
--
More information about the thelist
mailing list