Using the code
About New User Registration & Login
Now, let me tell you how it works. Firstly, when the user wants to visit the protected are of your site, he/she has to register his/her name before logging in - for this, they can use registration.asp.
After completing the registration process, a new user can login using login.asp. The user enters the username and password here - if the username and password are correct, then the protected page will be opened - protected.asp. If the username or password are incorrect - an error message will be displayed and the user will be redirected to login page again.
To logout from the protected area, use - logout.asp. After logout, if the the user/member has to login again, then he/she has to repeat the above process.
About the Authentication File
Please note that this file is very important if you have links in the protected area of your website and you want them not to be open without proper login.
Login Page --> After entering correct username and password opens --> Protected Page
Link1 - Link2 - Link3 - Link4 - Link5
Suppose the user visits the protected area of the website on day1 and finds that there are some links available in the protected page (i.e. protected.asp, in this case) and the user visits one of the given links. If the user notes the URL of that particular page then the user can easily visit that page without login. To prevent this, an authentication file is used. Therefore, the user has to login each time the user visits the site.
There are two methods to perform this:
- By including an authentication file on the top of every page linked to the protected area, before the
- By writing the content of the logincheck.asp on top of every page in the protected area, before the
About User-Account Information
Registered users can view and change their account details online.
About Password Retrieving
If user forgets his/her password then he/she can use this feature. On submitting the details filled at the time of registration, one can easily retrieve his/her password, view it, and change it if required.
This is an added feature where the site administrator can view or delete the account Information of his/her registered user. This can be done online. This is a very useful feature for an e-commerce site.
Points of Interest
The code helps in the following ways:
- Protects web content from unauthorized visitors.
- Deletes web cookies immediately after the user closes the browser window.
- Immediate expiration of the web content (web pages) thus helping in not saving it on the user's temp folder.
- Prompts user to login again once the session expires. Even if the user presses the Back button of the browser he/she will have to login again.
- User can't save the protected pages (Internet Explorer only) from the File menu of the browser window to his/her hard drive.
- ASP session and textual Cookies are used to run this code. It gives an added security to complete a web-site.
- Registered users can view their account details online and can change the password from time to time.
- The Global.asa file is included which helps in showing the number of active users on a site.
- Web-site hit-counter is included to view the number of visits on a specific site.
- Site admin can view the complete account details of registered users.