Dear AncientOne,
As your content is already accessible to anonymous visitors, I'm not
exactly sure how far you wanna take your security scheme. Do you just
wanna keep Google out? Try changing the robots.txt file in your website
root (which I see that you do not have -
http://www.w8usa.org/robots.txt - you have to have one - that is just
webmastering 101). Here's a sample robots.txt file:
User-agent: *
Disallow: /
User-agent: Roverbot
Disallow: /
Just copy the above, paste into notepad, and upload to your server with
the name robots.txt. The example that I have given you will prevent
search engine spiders from indexing your web site at all. That may not
be good. Every folder that you want to be protected should be included
in the list above. I am almost certain that is not what you had in
mind. Plus, that trick never works, Bullwinkle. If there is any
direct html link to your page club_Library.htm - and I see that there
isn't (search engine spiders cannot read where your flash nav bar is
pointing, by the way)- a lot of spiders will index your page anyway. I
am not talking about a direct link to your page just on YOUR website, I
mean there can be no direct link to the library page anywhere on the
Internet.
The rest of this article assumes that you are hosted on a
Windows--based server, or at least one that can handle .asp extensions
on web pages. If you're not, ask your hosting company about upgrading
you to that service, or, if they do not offer it, give some strong
consideration to moving your website to one that does. Data driven
sites are far, far, superior in capabilities to straight html pages.
You can customize the user experience, provide information from remote
data sources, implement a powerful security schema, and so on. A whole
new world is going to open up to you. Let's continue.
Now, If you just want people to type in anything to get in (thereby
keeping the search engine spiders out), you can send an e-mail to every
one that you want to have access the username and password given below,
or create a login page with the username and password written right on
the page that they should enter. Here is how to do that. First,
create a new folder called library. Save
http://www.w8usa.org/club_Library.htm to the new folder and give it a
new name:
http://www.w8usa.org/libary/library.asp - changing the file
name extension from htm to asp. will not make any difference, even
though FP will throw up a warning window. Do it anyway. Then, in HTML
view, erase all of the code on the page
http://www.w8usa.org/club_Library.htm , and replace it with :
<SCRIPT LANGUAGE="JavaScript">
window.location="
http://www.w8usa.org/libary/index.asp";
// -->
</script>
I tell you to do this because that Flash menu bar that you've created
on the bottom of your page is hard coded to point to
http://www.w8usa.org/club_Library.htm - this way you will not have to
change that menu bar. Next, in the library folder, create a new page
called index.asp, and here's all the code that you need to put in that
page:
<%response.buffer=true%>
<%
response.redirect "login.asp"
%>
This will redirect visitors to your login page, and protect you from
nosy browsers. Now, let's create the login page. Here is the code for
that:
<%
Response.Expires = -1000
Response.Buffer = True
Session("UserLoggedIn") = ""
If Request.Form("login") = "true" Then
CheckLogin
Else
ShowLogin
End If
Sub ShowLogin
%>
<html>
<head>
<title>Please Login</title>
</head>
<body>
Please type in User Name: user - and Password: enter
<form action="login.asp" method="post">
User Name: <input name="username">
Password: <input type="password" name="userpwd">
<input type="hidden" name="login" value="true">
<input type="submit" value="Login">
</form>
</body>
</html>
<%
End Sub
Sub CheckLogin
If LCase(Request.Form("username")) = "user" And
LCase(Request.Form("userpwd")) = "enter" Then
Session("UserLoggedIn") = "true"
Response.Redirect "library.asp"
Else
Response.Write("User Name/Password entered is invalid. Please try
again.")
ShowLogin
End If
End Sub
%>
Remember to save this page as login.asp in the library folder. Now for
the easy part. You can create an entire subsection of your web in the
library folder, and every page will be protected as long as you add the
following code to the top of every page that you want to protect
(before the <html> tag):
<%
Response.Expires = -1000
Response.Buffer = True
If Session("UserLoggedIn") <> "true" Then
Response.Redirect("
http://www.w8usa.org/libary/login.asp")
End If
%>
If the visitor has not logged in, they will be redirected back to the
login page. That's it. If, on the other hand, you would like to have
a database login system that forces the user to register, to use a real
e-mail address, allows them to set their own username and password,
and so on, a complete application for that can be found at:
http://aspalliance.com/178 - good luck, AncientOne.