Project Summary
|
| < Day Day Up > |
|
Habitat Alert site Working through the exercises for this chapter, you added ASP (Active Server Pages) VBscript server-side logic to the administrative intranet site that supports the public internet site for the project. You defined the site (using a local testing server), added a connection string, and built recordsets through queries that allow the modification of the 
admin.mdb database. You built pages that control access to the database to users (subscribers) with Admin authorization level only.
Each of these tasks might be used with any database and are standard practice when functions for a site include transient users. An administrative site is typically required for "good housekeeping" and restricting access to the functions is sensible. The more critical the information, the more important such a restriction is. In most cases, the intranet site would be protected further by situating it on a secure server that might itself contain logic requiring additional verification of identity and authorization.
| Files | What Was Done | Where to Now? |
|---|---|---|
| | Used to view all users/subscribers in the database. You could use the same meth- ods to view only users with a specified AuthLevel or view a list of users from a specific zip code by filtering the results of your recordset. | Ready for upload to a server. |
| | As the entry point to the intranet site, you set up a login form to gather LoginName and password for the user, which is passed to a validation page. | Ready for upload to a server. |
| | You set up this page to verify the login and password of the user, checking their AuthLevel against the database of subscribers. You used server behaviors to control content presented to the user based on their authorization level. To prevent users from accessing this page directly, you added code that restricts access to the page and built a session variable in the page to store the users info for the entire site. | Ready for upload to a server. |
| | Using a server behavior to insert a record, you set up a form to allow creation of any level user and used Dreamweaver's built- in Form Validation behavior to ensure that all fields contained entries. You set up a redirect page where the user is sent if the task is successfully completed. You set up a check against the list of login names to prevent duplication of such and created a page where the user is sent if the entry is duplicated. You also restricted access to this page, preventing any user from typing in its URL to bypass the login page, by sending the non-logged-in user back to the login page. | Ready for upload to a server. |
| | Using a server behavior, you set up this page to remove a record from the subscribers table in the | Ready for upload to a server. |
| modify_users.asp | You set up this page to allow changes to be made to existing user records in the database. You used server behaviors to display a single record and created both a navigation object and a status object for moving through and identifying which record is displayed. Access to this page was also restricted. | Ready for upload to a server. |
| | You set up a redirect page (not_authorized.htm) to which users are sent when menu links are clicked and the user is not logged in. | Ready for upload to a server. |
|
| < Day Day Up > |
|
EAN: 2147483647
Pages: 491