SQL PHP HTML ASP JavaScript articles and free scripts to download

Creating Login form and validation using ASP MSSQL

Try to develop a login page using ASP. Actually we will be displaying one html login form to the visitor to enter their userid and password and from ASP side code is not there but using ASP we will check the session values to find out whether the member is already logged in or this is a fresh login.


Read the detail on how to check session login status and display login form.


The login page has very simple code and through this page we will collect userid and password and then send the data by form post method to another page where we will do the matching from our MSSQL table. Here is the code for login page.

if (IsEmpty(Session("userid"))) then %>
<form method=post action=loginck.asp>
<table border="0" cellspacing="0" cellpadding="0" align=center>
<tr><td>User Id </td><td><input type=text name=userid></tr>
<tr><td>Password</td><td><input type=password name=password></tr>
<tr><td colspan=2 align=center><input type=submit value=Login></td></tr>
<%
else


Response.Write " You are logged in as " & Session("userid") & " <a href=logout.asp>Click here to log out </a>"
End if



Once the userid and password is entered by the member in login form and submitted the value is collected at action page.

Dim userid,password
userid=Request("userid")
password=Request("password")

Now the userid and password are stored in the variables. We have to take care of this data as other than characters and numbers are not allowed in these two fields. We have to validate these data before matching them with our database table. This is also a security requirement to prevent injection attack. We will use regular expression to check our user entered data. We will use one if condition for validation and once the validation is ok then only the code inside the if block will be executed. Here is the code.

dim RExp : set RExp = new RegExp
with RExp
.Pattern = "^[a-zA-Z0-9]{3,8}$"
.IgnoreCase = True
.Global = True
end with
If (RExp.test(userid) and RExp.test(password) ) then

The code after ( within ) the if then condition will be executed once the regular expression validation is passed. In the else block of the code we will keep the message to be displayed if the validation fails. That part is not shown in the above code. You can see that message in full code given at the end. Now let us work on how to match the record in MSSQL table with the user entered data. We have not displayed the MSSQL connection etc and here is the code for matching record.

rs.open "select userid from member where userid=''" & userid & "'' and password=''"& password &"''", conn

if rs.EOF Then
Response.Write "Sorry Incorrect Logint<br>"
Else
Response.Write "<br>Welcome " & rs("userid")
Session("userid")=rs("userid")
Response.Write "<br>Welcome " & Session("userid")

Response.Write "<br>Click here to go to <a href=mem/index.asp>member area</a>"

End if

The above code will match the data with table and display the error message if matching fails. Otherwise if login details are correct then a new session with userid is created. Next we will read how to create member pages and other parts of login script. Here is the complete code.

<%
Dim conn,rs,rs1,SQL,RecsAffected

Set conn=Server.CreateObject("ADODB.Connection")
conn.Mode=adModeRead
conn.ConnectionString = aConnectionString
conn.Open
Set rs =Server.CreateObject("ADODB.Recordset")

Dim userid,password
userid=Request("userid")
password=Request("password")

dim RExp : set RExp = new RegExp
with RExp
.Pattern = "^[a-zA-Z0-9]{3,8}$"
.IgnoreCase = True
.Global = True
end with
If (RExp.test(userid) and RExp.test(password) ) then


rs.open "select userid from member where userid='" & userid & "' and password= '"& password &"' ", conn

if rs.EOF Then
Response.Write "Sorry Incorrect Logint<br>"
Else
Response.Write "<br>Welcome " & rs("userid")
Session("userid")=rs("userid")
Response.Write "<br>Welcome " & Session("userid")

Response.Write "<br>Click here to go to <a href=mem/index.asp>member area</a>"

End if

Else ' Regular Expression checking
Response.Write " Invalid Data "
End if ' Regular Expression checking

Set rs = Nothing

conn.Close
Set conn = Nothing
%>

Be the first to post comment on this article :


Google+

Post Comment This is for short comments only. Use the forum for more discussions.
Name
Email( not to be displayed)Privacy Policy
1+2=This is to prevent automatic submission by spammers. Please enter the result of the sum as asked



Join Our Email List
Email:  
For Email Newsletters you can trust
HTML . MySQL. PHP. JavaScript. ASP. Photoshop. Articles. FORUM Contact us

©2000-2014 plus2net.com All rights reserved worldwide Privacy Policy Disclaimer