Databases
StackOverflow2013
Postsdbo
POASP password protect improvement
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POASP password protect improvement
    text
    copied!<p>I stumbled across a simplistic, but helpful way to password protect a page here: <a href="https://stackoverflow.com/questions/2596690/pop-up-password-protect">Pop up password protect</a></p> <p>Here's the code:</p> <pre><code>&lt;% needAuthentication = True If Request.Form.Count &gt; 0 Then If Request.Form("username") &lt;&gt; "jon" Or Request.Form("password") &lt;&gt; "secret" Then ' Redirect to another URI Response.Redirect("/") Response.End End If needAuthentication = False End If %&gt; &lt;html&gt; &lt;body&gt; &lt;% If needAuthentication Then %&gt; &lt;form method="post" action="thenameofthepage.asp"&gt; &lt;div&gt;Username: &lt;input type="text" name="username" /&gt;&lt;/div&gt; &lt;div&gt;Password: &lt;input type="text" name="password" /&gt;&lt;/div&gt; &lt;div&gt;&lt;input type="submit" value="Submit" /&gt;&lt;/div&gt; &lt;/form&gt; &lt;% Else %&gt; &lt;p&gt;Page content here&lt;/p&gt; &lt;% End If %&gt; &lt;/body&gt; &lt;/html&gt; </code></pre> <p>Two questions: 1) How can I improve this that when the password fails it calls an alert box "Login Failed" and resets the form? 2) How insecure is this? Are there ASP methods to improve security?</p> <p>A few notes: No database involved -- this is just a page protected by one global password. And, if you couldn't already tell, my ASP skills are non-existent. Thanks in advance.</p> <p>UPDATE: (alert working with failed login but page content loading anyway)</p> <pre><code>&lt;% needAuthentication = True authenticationFailed = False If Request.Form.Count &gt; 0 Then If Request.Form("password") &lt;&gt; "secret" Then authenticationFailed = True End If needAuthentication = False End If %&gt; &lt;html&gt; &lt;body&gt; &lt;% If needAuthentication Then %&gt; &lt;form method="post" action="passwordtest.asp"&gt; &lt;div&gt;Password: &lt;input type="text" name="password" /&gt;&lt;/div&gt; &lt;div&gt;&lt;input type="submit" value="Submit" /&gt;&lt;/div&gt; &lt;/form&gt; &lt;% Else %&gt; &lt;p&gt;Page content here&lt;/p&gt; &lt;% End If %&gt; &lt;% If authenticationFailed Then %&gt; &lt;script type="text/javascript"&gt; alert("Invalid login"); &lt;/script&gt; &lt;% End If %&gt; &lt;/body&gt; &lt;/html&gt; </code></pre>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload