Summary

Creating the tour diary functionality has shown us how to implement several useful ideas. We first looked at creating a secure area of the site, by creating a new directory and adding our secure pages to it. The ASP.NET configuration file (Web.config) was used to store the access details for that secure area. The really great thing about ASP.NET is that once security is configured, you don't have to worry about doing security checks in each page. ASP.NET knows whether you've logged in or not, and if you haven't, it automatically redirects you to the login page. This means less coding for you, and a simple way to implement secure sites.

We also looked at moving code into a data-access layer – it's something we've said before (and no doubt will again!), but this is a sensible design choice. It means the data code is separate from the ASP.NET pages, and allows you to easily change the code if you need to.

The final example looked at filtering data, giving the user a much more friendly page, allowing them to concentrate on their favorite band members.

In the following chapter, we will be looking at how to include functionality in your site to remember your visitors and keep a track of who is logged in and when they did so.