I have an ASP page that sends a location variabe to the database and
retrieves the appropriate corresponding data. I would like to add a
simple password to open this page.
The page is accessed by selecting a location which opens the page via
a links such as:
http://dir-w2k/equiplist/search/CRL....cation=BRN_101 http://dir-w2k/equiplist/search/CRL....cation=BRN_102 http://dir-w2k/equiplist/search/CRL....cation=BRN_103
Here's the Problem:
After validating the password the page loads as:
http://dir-w2k/equiplist/search/CRL.ASP instead of
http://dir-w2k/equiplist/search/CRL....cation=BRN_101
How can I add a password protection that will check the password first
then continue to search for the original selected variable
(Location=BRN_101)and return data.
I've been at this for three days and need someone with fresh eyes
The actual page code is as follows:
<%@ LANGUAGE=VBSCRIPT %>
<%
Response.Buffer = True
STATUS = Request("STATUS")
PASSWORD = Request("PASSWORD")
If STATUS = "CHECKEM" Then
If PASSWORD = "12345" THEN
Session("PASSWORDACCESS") = "Yes"
End If
End If
If Session("PASSWORDACCESS") <> "Yes" Then
%>
<HTML>
<BODY bgcolor="#FFFFFF">
<form method="POST" action="CRL4.asp">
<BR>
<BR>
<BR>
<div align="center"><center><p><input type="password"
name="PASSWORD" size="10"><br>
<input type="hidden" value="CHECKEM" Name="STATUS" >
<input type="submit" value="Login"></p>
</center></div>
</form>
</BODY>
</HTML>
<%
Response.End
End If
%>
<HTML>
<BODY bgcolor="#FFFFFF">
<%
Dim SQLFrom, SQLWhere, SQLQuery
SQLFrom = "SELECT * From Inventory_Database Where "
SQLWhere = Request.QueryString("Location")
SQLWhere = SQLFrom & " Room_Code Like " & "'" &
Replace(Request.QueryString("Location"), "'", "''")
& "%' Order By Building"
SQLQuery = SQLWhere
rsList.Open SQLQuery, Conn
%>
<%If (Not rsList.EOF)Then
response.write ("<font size=8 color=#800080 face=Arial>" &
rsList("Building") & " " & rsList("Room Number")) %>
<div align="center">
<center>
<table border="0" cellpadding="0" cellspacing="0"
style="border-collapse: collapse" bordercolor="#111111" width="100%">
<tr>
<td width="95%" align="center" colspan="6"> </td>
</tr>
<tr>
<td width="20%" align="center"> </td>
<td width="15%" align="center"> </td>
<td width="15%" align="center"> </td>
<td width="15%" align="center"> </td>
<td width="15%" align="center"> </td>
<td width="15%" align="center"> </td>
</tr>
<tr>
<td width="20%" align="center"><b>
<font size="4" face="Arial"
color="#800080">Equipment</font></b></td>
<td width="15%" align="center"><b>
<font size="4" face="Arial"
color="#800080">Brand</font></b></td>
<td width="15%" align="center"><b>
<font size="4" face="Arial"
color="#800080">Model</font></b></td>
<td width="15%" align="center"><b>
<font size="4" face="Arial" color="#800080">Serial
Number</font></b></td>
<td width="15%" align="center"><b>
<font size="4" face="Arial" color="#800080">Procurement
TAG</font></b></td>
<td width="15%" align="center"><b>
<font size="4" face="Arial" color="#800080">Replacement
Lamp</font></b></td>
</tr>
</table>
</center>
</div>
<%
While (Not rsList.EOF)
%>
<div align="center">
<center>
<table border="1" cellpadding="0" cellspacing="0"
style="border-collapse: collapse" bordercolor="#111111" width="100%">
<tr>
<td width="20%" align="center"><% response.write ("" &
rsList("Equipment") & "") %> </td>
<td width="15%" align="center"><% response.write ("" &
rsList("Brand") & "") %> </td>
<td width="15%" align="center"><% response.write ("" &
rsList("Model") & "") %> </td>
<td width="15%" align="center"><% response.write ("" &
rsList("Serial Number") & "") %> </td>
<td width="15%" align="center"><% response.write ("" &
rsList("UofS Procure TAG") & "") %> </td>
<td width="15%" align="center"><% response.write ("" &
rsList("Lamp Model") & "") %> </td>
</tr>
</table>
<%
rsList.MoveNext
Wend
Else response.write ("<font size=5 color=#800080 face=Arial>There is
no audiovisual inventory assigned to this room.")
%>
<BR><BR>
<%
response.write ("<A href=""" & ("CRL2.asp?location=" &
Request.QueryString("Location") & "")& """><font size=4 color=#800080
face=Arial>Return")
End If
%>
</BODY>
</HTML>