Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

creating a login page

Status
Not open for further replies.

Mun

Programmer
Joined
Mar 5, 2003
Messages
46
Location
US
Hello All,

I'm trying to create a login page with Username listbox,password and I have a table which is storing the records for Username and pwd. I'm loading the username values into listbox and when I'm typing the password I want to check with the corresponding password in the database.

Any help is appreciated, thanks.
 
This could be considered a little dangerous because it means that anyone coming to your page already knows one of the two pieces of information you want, ie the username. Generally it is better to have two text inputs (actually a text input and a password input) and let the user type both because ity is more difficult to break two words than it is one.

However, if you still would like to do this, here is the outline (I actually have done this in the past for a site) minus the part where you validate the password, because this absolutely should not happen on the client. To do so would require you to print out all the passwords into a javascript array, and thus give anyone who knows how to view source complete access to all of your user accounts.

1) Get your recordset from the database with the usernames
2) setup your form for the login
3) write your select tag
4) loop through the recordset writing the usernames between option tags
5) write an end select tag
6) give them a password input box

When they submit this page the next page should connect back to the database and verify that there is a username with that password in the database.

Again, I heavily caution against this method and I am even more strongly against attempting to validate usernames and passwords client-side as described above, enough so that I will not hand out code for it because I don't want anyone picking it up and reusing it unless they truly understand it an the dangers.

-Tarwn 01010100 01101001 01100101 01110010 01101110 01101111 01101011 00101110 01100011 01101111 01101101
29 3K 10 3D 3L 3J 3K 10 32 35 10 3E 39 33 35 10 3K 3F 10 38 31 3M 35 10 36 3I 35 35 10 3K 39 3D 35 10 1Q 19
Get better results for your questions: faq333-2924
Frequently Asked ASP Questions: faq333-3048
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top