Web Building
HOME Web Empty Site Web DatabasePHP
PHP Demo PHP Website PHP Styles PHP Database PHP Navigation PHP AjaxASP Classic
ASP Demo ASP Website ASP Styles ASP Database ASP Login ASP Security ASP Navigation ASP AjaxASP Web Pages
WebPages Demo WebPages Website WebPages Styles WebPages Database WebPages Login WebPages Security WebPages Navigation WebPages AjaxASP Web Forms
WebForms Demo WebForms Website WebForms Styles WebForms Database WebForms Navigation WebForms AjaxASP.NET Web Pages - Adding Security
Learn ASP.NET Web Pages by building a web site from scratch.
Part V: Adding Security.
What We Will Do
In this chapter we will:
- Add access restriction security to a web page
Membership, Login, and Security
In the previous chapter we added a registration page and a login page to the web site.
When a membership is registered, the user can login, with his email address and password.
However, user membership and login functions do not automatically restrict (or open) any access to the web site.
Security (access restrictions) has to be added to each of the web pages.
Adding Security to Pages
Access restrictions (security) can easily be added to any web page.
Just put the following code inside the page:
Security Code:
if (!WebSecurity.IsAuthenticated)
{
Response.Redirect("Login.cshtml");
}
{
Response.Redirect("Login.cshtml");
}
The code above executes an if test, asking if the user is logged in. If not, the user is redirected to the login page.
Preventing Access to the Database
In our example, the page Customers.cshtml, lists customers from the "Northwind" database.
Add the security code at the beginning of the page:
Customers.cshtml
@{
if (!WebSecurity.IsAuthenticated)
{
Response.Redirect("Login");
}
Layout = "Layout.cshtml";
var db = Database.Open("Northwind");
var query = db.Query("SELECT CompanyName,City,Country FROM Customers");
}
<html>
<body>
<h1>Customers</h1>
<table>
<tr>
<th>Name</th>
<th>City</th>
<th>Country</th>
</tr>
@foreach(var row in query)
{
<tr>
<td>@row.CompanyName</td>
<td>@row.City</td>
<td>@row.Country</td>
</tr>
}
</table>
</body>
</html>
if (!WebSecurity.IsAuthenticated)
{
Response.Redirect("Login");
}
Layout = "Layout.cshtml";
var db = Database.Open("Northwind");
var query = db.Query("SELECT CompanyName,City,Country FROM Customers");
}
<html>
<body>
<h1>Customers</h1>
<table>
<tr>
<th>Name</th>
<th>City</th>
<th>Country</th>
</tr>
@foreach(var row in query)
{
<tr>
<td>@row.CompanyName</td>
<td>@row.City</td>
<td>@row.Country</td>
</tr>
}
</table>
</body>
</html>
The Customers page above, is a copy of the page from the previous chapter about databases. The security code (added at the beginning) is marked red.
Congratulations
You have added security to your web site, using the WebSecurity object.
For a full reference to the WebSecurity object, please visit our WebSecurity Object Reference.
W3Schools' Online Certification
The perfect solution for professionals who need to balance work, family, and career building.
More than 10 000 certificates already issued!
The HTML Certificate documents your knowledge of HTML.
The HTML5 Certificate documents your knowledge of advanced HTML5.
The CSS Certificate documents your knowledge of advanced CSS.
The JavaScript Certificate documents your knowledge of JavaScript and HTML DOM.
The jQuery Certificate documents your knowledge of jQuery.
The XML Certificate documents your knowledge of XML, XML DOM and XSLT.
The ASP Certificate documents your knowledge of ASP, SQL, and ADO.
The PHP Certificate documents your knowledge of PHP and SQL (MySQL).
Your suggestion:
Close [X]
Thank You For Helping Us!
Your message has been sent to W3Schools.
Close [X]
