Click here to Skip to main content
Click here to Skip to main content

Multi-User Login and Authentication Code

, 9 Feb 2006
Rate this:
Please Sign up or sign in to vote.
New user registration, user login, user password retrieval, user account information, active users on site information, site administrator facilities, and a lot more..

Introduction

This article provides a fully functional code for protecting websites from unwanted visitors. The code is developed in ASP (Active Server Pages) and VBScript (Visual Basic Scripting). The aim of developing code in ASP and VBScript is because both languages are cross-browser compliant and give a more secured way to protect website content. The code runs on both session cookies (hidden cookies) and textual cookies (not the JavaScript ones). The session cookie gives more security to web content and remain active till the browser window is open. The moment one closes the IE/NS window, these cookies expire. The textual cookies (written in ASP) are used in this code to welcome visitors and show the desired information. With the execution of this code, the following can be achieved - a new visitor can register his/her login information, can select the desired username and password, can view his/her account information, and can change it later. Plus, the site admin can view the account information of his/her registered users online. All actions performed are done with the help of database connectivity using MySQL. The code is written in a easy-to-understand-and-modify way. Even a beginner can use it without even learning ASP or VBScript. All you have to do is to upload files on the server or local intranet to view the results.

Using the code

About New User Registration & Login

Now, let me tell you how it works. Firstly, when the user wants to visit the protected are of your site, he/she has to register his/her name before logging in - for this, they can use registration.asp.

After completing the registration process, a new user can login using login.asp. The user enters the username and password here - if the username and password are correct, then the protected page will be opened - protected.asp. If the username or password are incorrect - an error message will be displayed and the user will be redirected to login page again.

To logout from the protected area, use - logout.asp. After logout, if the the user/member has to login again, then he/she has to repeat the above process.

About the Authentication File

Please note that this file is very important if you have links in the protected area of your website and you want them not to be open without proper login.

Example:

Login Page --> After entering correct username and password opens --> Protected Page

Protected Page

Link1 - Link2 - Link3 - Link4 - Link5

Suppose the user visits the protected area of the website on day1 and finds that there are some links available in the protected page (i.e. protected.asp, in this case) and the user visits one of the given links. If the user notes the URL of that particular page then the user can easily visit that page without login. To prevent this, an authentication file is used. Therefore, the user has to login each time the user visits the site.

There are two methods to perform this:

  1. By including an authentication file on the top of every page linked to the protected area, before the <html> tag.
    <!--<span class="code-comment">#include file="logincheck.asp"--></span>
  2. By writing the content of the logincheck.asp on top of every page in the protected area, before the <html> tag.

About User-Account Information

Registered users can view and change their account details online.

About Password Retrieving

If user forgets his/her password then he/she can use this feature. On submitting the details filled at the time of registration, one can easily retrieve his/her password, view it, and change it if required.

About Site-Admin

This is an added feature where the site administrator can view or delete the account Information of his/her registered user. This can be done online. This is a very useful feature for an e-commerce site.

Points of Interest

The code helps in the following ways:

Security Measures

  1. Protects web content from unauthorized visitors.
  2. Deletes web cookies immediately after the user closes the browser window.
  3. Immediate expiration of the web content (web pages) thus helping in not saving it on the user's temp folder.
  4. Prompts user to login again once the session expires. Even if the user presses the Back button of the browser he/she will have to login again.
  5. User can't save the protected pages (Internet Explorer only) from the File menu of the browser window to his/her hard drive.
  6. ASP session and textual Cookies are used to run this code. It gives an added security to complete a web-site.

Other Benefits

  1. Registered users can view their account details online and can change the password from time to time.
  2. The Global.asa file is included which helps in showing the number of active users on a site.
  3. Web-site hit-counter is included to view the number of visits on a specific site.
  4. Site admin can view the complete account details of registered users.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

Share

About the Author

Rahul Mahajan
Web Developer
India India
This is Rahul Mahajan from New Delhi, India. I'm Master Of Computer Application and currently working as Sr. Web/Graphics Designer/Developer and Presentation Specialist. I'm very much interested in developing ASP and JavaScript codes. There are lots of codes and script developed by me available online including developerdex.com, a1vbcode.com, programmerheavens.com, asp101.com, 1javastreet.com, 1aspstreet.com, pscode.com, 1cplusplusstreet.com, 1perlstreet.com, javacode.net, developerfusion.co.uk etc... Winner of Superior Coding Contest at Planetsourcecode.com.
Areas of specialization - HTML, DHTML, Java, JavaScript, ASP, .Net, VB, VB.Net, CSS, MySql etc.

Comments and Discussions

 
Questionplz send xcell file passward PinmemberMember 825477928-Sep-11 19:54 
GeneralMy vote of 1 Pinmemberkhubbaib29-Aug-10 19:43 
GeneralHELP ME Pinmemberkhubbaib28-Aug-10 14:28 
SIR I UPLOAD THIS CODE BUT PAGE NOT OPEN ONLY CODE OPEN WHY?HELP ME.SEE THAT WHAT I SAY.HELP ME SOON
GeneralVery Good Resource for Programmers PinmemberMember 475717821-Jan-08 21:41 
GeneralRe: Very Good Resource for Programmers PinmemberPhilippe Mori7-Jul-11 14:10 
Generalnice work But ... PinmemberMember 469473820-Jan-08 11:26 
Questionnot working properly in mozilla Pinmemberna_k4-Jan-08 4:45 
GeneralRe: not working properly in mozilla PinmemberMircea Puiu4-Jan-08 7:00 
GeneralRe: not working properly in mozilla Pinmemberna_k6-Jan-08 23:02 
GeneralLooks good so far PinmemberJmucciolo7-Dec-07 13:34 
GeneralThanks Pinmemberscuba steve5-Dec-07 8:30 
GeneralThank you Pinmembertaylanaktepe17-Oct-07 10:40 
GeneralNice code Pinmemberkrishna1914-Sep-06 20:55 
Generallogin PinmemberSeemaAmin13-Feb-06 10:38 
GeneralInteresting PinmemberCristian O.11-Feb-06 11:01 
GeneralNice Code Pinmembergirishraj10-Apr-06 22:45 
GeneralRe: Nice Code PinmemberMember 80641177-Jul-11 10:49 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web01 | 2.8.140821.2 | Last Updated 9 Feb 2006
Article Copyright 2006 by Rahul Mahajan
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid