Checking the contents of a text file for log-in

Seifer · #1 (**permalink**) December 10th, 2006, 07:16 AM

Hi All,

I'm fairly new to the Net development as as such the course I'm on has started teaching us legacy ASP.

One of the tasks is that we're asked to do is to validate a login against the details stored in a standard text file. Can anyone give me an idea on how this might be done as I'm struggling somewhat.

Many thanks,
Seif

m_soni21 · #2 (**permalink**) December 10th, 2006, 11:25 AM

Hii

All you can do is, first read the text file Line wise. then break the words accordingly. Store those information in a variable and then validate it.

Regards,
Soni

woodyz · #3 (**permalink**) December 10th, 2006, 11:35 AM

It would probably be good for you to ask specific questions on the things that are blocking you.

However, here is the basic idea:
You need a page with a couple of text input elements for UserId and Password, which could be named txtUserId and txtPassword, and a submit button for the user to click. The page can submit to itself, which is sometimes called a postback.

In the code of the page you need to read the form variables for the two text input elements, read from a file and compare the values from those variables against the data in the file.

To read values from form variables you use the request.form("txtUser") syntax.

To read from a file you will want to use the FileScriptingObject and a TextStream object. You can search these on the web to find lots of tutorials and examples.

You will need some way to store the allowed users in the file, but for now I would suggest starting with just one user. If you store the UserId on one line, and the Password on the next, that will probably be easiest for starters, then you can make it more sophisticated after you get that figured out.

Once you get the values from the file, you will compare them with the values that came from the postback, and then allow access if they match.

Of course... what does "allow access" mean? You will need to authenticate the user on each request for each page in your site. One way to do this is by checking for a value you store as a session variable. Lets call this session variable "Allowed". When someone successfully logs in you set this session variable to "True" like this:

Session("Allowed") = "True"

Once this is done, you can check this as the first action in any page on your site, and redirect to your login page if the user hasn't yet been authorized.

If not Session("Allowed") = "True" then
response.redirect "MyLoginPage.asp"
end if

That is the basics of it. Let us know if you have some specific question.

Woody Z
http://www.learntoprogramnow.com

Seifer · #4 (**permalink**) December 10th, 2006, 01:08 PM

Hi Woody, Soni,

Many thanks for the response. I'll give bit more detail as I'm just not getting it. First off, the detail of the text file, which is called customers.txt has the following data: -

Quote:

quote:101

Quote:

0
Abbi
Smith
abcdef
abbi.smith@abc.com
05555-111111
1 Orchard Road,Loughton,Milton Keynes,MK8 6AE
5-Nov-2004

I've also got two functions that I think will help: -

Code:

Function IsAuthenticCustomer(strFEmail, strFPwd)
'Purpose:   determine if credentials match an existing customer
'inputs:    strFEmail - email credential
'            strFPwd - password credential
'outputs:    None
'return:    CustomerID if customer found, else 0
'notes:        requires 'app_constants.asp'
'**************************************

'declare local variables
Dim arrFCustomers()
Dim intFHaveCustomers, intFCustLoop, intFCustID
Dim blnCustOK

'set the default value for the return flag
intFCustID = 0

'call the data access routine to collect all the customer records
intFHaveCustomers = GetAllCustomers(arrFCustomers, CUSTFILE)

If intFHaveCustomers > 0 Then
    For intFCustLoop = 0 to intFHaveCustomers-1
        'test the 4th (password) and 5th (email) elements of the array
        If CStr(arrFCustomers(5,intFCustLoop)) = strFEmail And CStr(arrFCustomers(4,intFCustLoop)) = strFPwd Then
            'save the ID
            intFCustID = CInt(arrFCustomers(0,intFCustLoop))
            'break out of the loop
            Exit For
        End If
    Next
End If

'set the return value
IsAuthenticCustomer = intFCustID
End Function

Code:

'**************************************
Function GetNextCustomerID()
'Purpose:   get the next customer ID number from the appdata file
'            and increment for the next time
'inputs:    None
'outputs:    None
'return:    next customer ID number in squence
'**************************************
'declare constants'
Const FORREADING = 1
Const FORWRITING = 2

'declare local variables'
Dim objFSO, objTS
Dim intFCustomerID, intFTransactionID
Dim strFAppDataFile

'set the application data file and map to file-sapce'
strFAppDataFile = Server.MapPath("data/appdata.txt")

'create the FileSystemObject
Set objFSO = CreateObject("Scripting.FileSystemObject")
'create TextStream object, but don't force create
Set objTS = objFSO.OpenTextFile(strFAppDataFile,FORREADING, False)

'read the two lines from the file, 2nd line is next transaction ID
intFCustomerID = CInt(objTS.ReadLine)
intFTransactionID = CInt(objTS.ReadLine)

objTS.Close        'close the file, but retain object for later
GetNextCustomerID = intFCustomerID        'save the return value
intFCustomerID = intFCustomerID + 1        'update for the next CustomerID

're-open the file for overwriting, or force creation if lost
Set objTS = objFSO.OpenTextFile(strFAppDataFile,FORWRITING, True)
'write the two values
objTS.WriteLine intFCustomerID
objTS.WriteLine intFTransactionID

objTS.Close                'close file
Set objTS = Nothing        'clear local objects
Set objFSO = Nothing    'clear local objects
End Function

I'm going to have a play around and will come back for help, if you guys don't mind?
Cheers again,
Seif

woodyz · #5 (**permalink**) December 10th, 2006, 04:16 PM

Yeah.
I don't think the GetNextCustomerId method has anything to do with your current task of authenticating your user.

So what exactly is your problem?

Woody Z
http://www.learntoprogramnow.com

Seifer · #6 (**permalink**) December 11th, 2006, 09:31 PM

I'm not sure on how to compare the values to the ones stored in the text file.

woodyz · #7 (**permalink**) December 12th, 2006, 11:50 AM

It looks like this line is doing your comparison:

Code:

If CStr(arrFCustomers(5,intFCustLoop)) = strFEmail And CStr(arrFCustomers(4,intFCustLoop)) = strFPwd Then

Is it not working? And if it is not working, what is happening?

Woody Z
http://www.learntoprogramnow.com

Seifer · #8 (**permalink**) December 17th, 2006, 08:49 PM

So far I have this: -

So far I've got this code: -

I've tried to get my code to establish that the file exists and to read it but thats as far as I can get. I'm really not getting this so any suggestions are appreciated. How do I get the value from the form into a variable then check them against what is stored in the file?

Code:

<%@Language=VBScript %>
<% Option Explicit
'*******************************************
'Application: A and B Pots and Pans - on-line sales application
'Author:    Steven Andrews
'Date:        14 December 2006
'Version:    1.1
'Page:        customer_login.asp
'QueryString: None
'Form:        Login page for the application
'Purpose:    To authenticate and login in a user.
'*******************************************
Const Filename = "data/customers.txt"    ' file to read just incase the Global.ASA doesn't load
' Create a filesystem object
Dim FSO
set FSO = server.createObject("Scripting.FileSystemObject")
' Map the logical path to the physical system path
Dim Filepath
Filepath = Server.MapPath("data/customers.txt")
if FSO.FileExists(Filepath) Then

    ' Get a handle to the file
    Dim file    
    set file = FSO.GetFile("data/customers.txt")


    ' Open the file
    Dim TextStream
    Set TextStream = file.OpenAsTextStream(ForReading, _
                                               TristateUseDefault)

    ' Read the file line by line
    Do While Not TextStream.AtEndOfStream
        Dim Line
        Line = TextStream.readline

'PROECDURES **************************************
%>


<%
'*******************************************
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
    <title>Customer Log-in</title>
    <link rel="STYLESHEET" type="text/css" href="abpans.css">
</head>
<body bgcolor="#FFFFFF" text="#000000" leftmargin="0" topmargin="0" rightmargin="0" bottommargin="0" marginwidth="0">
<img src="images/cook_shop.gif" alt="A and B Pans" width="500" height="60" border="0">
<table width="100%" border="0" cellspacing="0" cellpadding="5">
<tr>
    <td width="25%" rowspan="3" valign="top" nowrap>
    Please use this form to log-in.</td>

    <td valign="top">

     <form action="customer_login.asp" method="post" name="customer_login">
     Email Address: <input name="Email Address" type="text"><br>
     Password: <input name="strFPwd" type="password"><br>
     <input name="Submit" type="submit" value="Submit">
     <input name="Reset" type="reset" value="Reset">
     </form>
    </td>
</tr>
</table>
</body>
</html>

Seifer · #9 (**permalink**) December 17th, 2006, 09:41 PM

I'm being dime, read up on the syntax

strFEmail = Request.Form("email_address")
strFPwd = Request.Form("password")

Seifer · #10 (**permalink**) December 17th, 2006, 09:53 PM

Where would I use the above as if I declare them, my page doesn't load. Am I supposed to declare these only within a comparison or something?

Need to download code?

Navigation