ASP and ASPX Examples and Documentation

Contents of template3.asp:

<html> <head> <!--- Client side scripts go here (VBScript or Javascript)---> <script language="VBScript"> <!--- sub show_pass_in_span temp=document.passform.pn.value passnum.innerHtml=temp td.innerHtml=now end sub ---> </script> <!------ end of client side script ---> </head> <% dim get_pass dim u_ok dim p_ok dim rspwd dim rsuid sub check_it u_ok=0 p_ok=0 set rs = Server.CreateObject("ADODB.Recordset") os="SELECT * FROM login Where user_id="+chr(39)+cstr(request.form("uid"))+chr(39) rs.Open os, "DSN=gl001;UID=gl001;PWD=11111" c=0 while not rs.EOF c=c+1 rspwd=rs("password") rsuid=rs("user_id") rs.movenext wend if c=1 then u_ok=1 if request.form("pwd")=rspwd then p_ok=1 exit sub end if end if rs.close set rs=nothing end sub sub put_the_loginpage (user_message) %> <body> <p> <center> <Table border="1"> <tr><td valign='middle' bgcolor='#999999'><img src="captsm.gif"></td> <td valign='middle' bgcolor='#999999'><center><font color="#ffffff"><font face="Comic Sans MS">  <br>  <b>Login Page (template3.asp)</b> <br>  <br>  </td></tr></table> <form name='passform' method='POST' action='template3.asp'> <% response.write "<P>"+user_message+"<p>" %> First, enter your User ID <input type="text" size="15" maxlength="15" name="uid"><p> Next, enter your Password <input type="password" name="pwd" size="15" maxlength="15"><p> <input type="submit" value="Now Click This Button to Login"> <% end sub sub put_the_quitpage (user_message) %> <body bgcolor="#aa0000"> <p> <center><p><b> <% response.write user_message end sub sub put_the_workingpage %> <body onLoad="show_pass_in_span"> <p> <Table border="1"> <tr><td valign='middle' bgcolor='#999999'> <img src="captsm.gif"></td> <td valign='middle' bgcolor='#999999'><center><font color="#ffffff"><font face="Comic Sans MS">  <br><b>Working Page Using the <i>template3.asp</i> <br> With Login and Userid-Password Checks on Each Pass<br>  </td></tr></table> <p> The user has passed the login screen <p>This and all subsequent passes <b>CHECKS the USERID and PASWORD EACH TIME</b> <form name="passform" method="post" action="template3.asp"> <p> Current pass is: <b><SPAN id="passnum"></SPAN></b> <p> Time-Date is: <SPAN id="td"></SPAN> <% end sub sub pass1 call check_it if u_ok=1 and p_ok=1 then call put_the_workingpage response.write "<input type='hidden' name='pn' value='1'>" response.write "<input type='hidden' name='uid' value='"+cstr(rsuid)+"'>" response.write "<input type='hidden' name='pwd' value='"+cstr(rspwd)+"'>" response.write "<p><input type='submit'>" else call put_the_quitpage("<b>Userid/PAssword No Longer in Request Data") end if end sub sub pass2 call check_it if u_ok=1 and p_ok=1 then call put_the_workingpage response.write "<input type='hidden' name='pn' value='2'>" response.write "<input type='hidden' name='uid' value='"+cstr(rsuid)+"'>" response.write "<input type='hidden' name='pwd' value='"+cstr(rspwd)+"'>" response.write "<p><input type='submit'>" else call put_the_quitpage("<b>Security Porblem. Userid/Password No Longer in Request Data") end if end sub sub pass3 call check_it if u_ok=1 and p_ok=1 then call put_the_workingpage response.write "<input type='hidden' name='pn' value='3'>" response.write "<input type='hidden' name='uid' value='"+cstr(rsuid)+"'>" response.write "<input type='hidden' name='pwd' value='"+cstr(rspwd)+"'>" response.write "<p><input type='submit'>" else call put_the_quitpage("<b>Security Porblem. Userid/Password No Longer in Request Data") end if end sub sub pass4 call check_it if u_ok=1 and p_ok=1 then call put_the_workingpage response.write "<input type='hidden' name='pn' value='4'>" response.write "<input type='hidden' name='uid' value='"+cstr(rsuid)+"'>" response.write "<input type='hidden' name='pwd' value='"+cstr(rspwd)+"'>" response.write "<p><input type='submit'>" else call put_the_quitpage("<b>Security Porblem. Userid/Password No Longer in Request Data") end if end sub sub pass5_or_more call check_it if u_ok=1 and p_ok=1 then call put_the_workingpage get_pass=cint(get_pass)+1 response.write "<input type='hidden' name='pn' value='" response.write cstr(get_pass) response.write "'>" response.write "<input type='hidden' name='uid' value='"+cstr(rsuid)+"'>" response.write "<input type='hidden' name='pwd' value='"+cstr(rspwd)+"'>" response.write "<p><input type='submit'>" else call put_the_quitpage("<b>Security Porblem. Userid/Password No Longer in Request Data") end if end sub ' '*** Top of Main ' get_pass=Request.Form("pn") select case get_pass case "" call put_the_loginpage ("") '*** NO message response.write "<input type='hidden' name='pn' value='log1'>" case "log1" call check_it if u_ok=1 AND p_ok=1 then call pass1 else if u_ok=0 then call put_the_loginpage("<b>USER ID INVALID -- TRY AGAIN</b>") else call put_the_loginpage("<b>PASSWORD INVALID -- TRY AGAIN</b>") end if response.write "<input type='hidden' name='pn' value='log2'>" end if case "log2" call check_it if u_ok=1 AND p_ok=1 then call pass1 else if u_ok=0 then call put_the_loginpage("<b>Second Login Attempt Failed<br>USER ID INVALID -- TRY AGAIN</b>") else call put_the_loginpage("<b>Second Login Attempt Failed<br>PASSWORD INVALID -- TRY AGAIN</b>") end if response.write "<input type='hidden' name='pn' value='log3'>" end if case "log3" call check_it if u_ok=1 AND p_ok=1 then call pass1 else if u_ok=0 then call put_the_quitpage("<b>Third Login Attempt Failed<br>USER ID INVALID -- TRY AGAIN</b>") else call put_the_quitpage("<b>Third Login Attempt Failed<br>PASSWORD INVALID -- TRY AGAIN</b>") end if end if case "1" call pass2 case "2" call pass3 case "3" call pass4 case else call pass5_or_more end select %> </form> </body> </html>

***** end of file *** printed: 229 lines on: 11/23/2009 5:55:58 AM