How to password protect your asp pages

After doing some basic cost accounting, you've calculated that it costs your company an average of $2.14 to respond to a customer's order inquiry on the telephone but only 10 cents if the customer accesses the data via your Web site. Surely you don't need any more research to convince you that the Internet is the way to go.

In "Do It on the Web," JofA, Mar. 01, page 43, we demonstrated how to create a basic Web site with Microsoft's FrontPage. In this article we'll go several steps further: To demonstrate a Web site's flexibility, we'll show you how to set up a site that lets customers determine whether what they want to buy is in your inventory, verify orders and change an order if need be, and convert an order's format to Excel because some accounting data are best handled in a spreadsheet.

While this workshop focuses on enhancing customer service, with some adaptation, you can modify it for many other uses.

VIEWING ORDERS

In order to track this tutorial, you'll need to download the Access database and the FrontPage file we created in the earlier article. You'll find them at http://ftp.aicpa.org/public/download/GardenDelights.exe and at http://ftp.aicpa.org/public/download/ExoticFoods.mdb.

Once they're downloaded, create a folder called webs7 in the C:\My Documents\My Webs folder (assuming C:k is your root directory). Unzip GardenDelights.exe to C:\My Documents\My Webs\webs7, and now you're ready to begin. Add a table to ExoticFoods.mdb by opening the database and double-clicking on Create table in Design view (see exhibit 1, at right).

[EXHIBIT 1 OMITTED]

Using the knowledge you obtained in the prior article, create five fields: OrderNo, CustNo, Password, ProdDesc and Quantity. OrderNo has been designated as the primary key (right-click on the OrderNo and select Primary Key from the shortcut menu). Save the table as Orders (see exhibit 2, at left).

[EXHIBIT 2 OMITTED]

Add a few records to the table (select View, Datasheet View) as shown in exhibit 3, at left, and close both the database and Access.

[EXHIBIT 3 OMITTED]

Now open FrontPage and the Garden Delights Web site and create a new page by doing the following: In Navigation View, click on the Home Page (Garden Delights) and select File, New and Page. Right-click on the new page, select Rename from the shortcut menu and change the page label to Orders. Press Enter and select View, Refresh to see the new file (orders.htm) in the Folders List. Right-click on order.htm, select Rename and change the file to orders.asp. To change the Page Title to Customer Orders, double-click on the orders.asp file, right-click on the page and select Page Properties, add Customer to the Title and click on OK (see exhibits 4 and 5, below).

[EXHIBIT 4-5 OMITTED]

Type in Check Your Order on the orders.asp page. We'll use the Database wizard to modify the existing Food database connection to display the customer orders. Select Insert, Database, Results and click on Use an existing database connection. Make sure the Food database connection is selected by clicking on the down arrow until you find it (see exhibit 6, page 51).

[EXHIBIT 6 OMITTED]

Click on Next to find the Orders table (see exhibit 7, page 51). You may have to click on the down arrow to find it.

[EXHIBIT 7 OMITTED]

Click on Next to show the fields that will be displayed; there are only five fields in this example. You can scroll down to view all the fields (see exhibit 8, page 51).

[EXHIBIT 8 OMITTED]

Now we have to password-protect the information so only the company and the customer can access it. Since we don't want the password to appear on the screen, click on Edit List and remove Password from Displayed Fields on the right by double-clicking to send it to the Available fields area (see exhibit 9, page 51). Click on OK.

[EXHIBIT 9 OMITTED]

Click on More Options, Criteria and then on Add to tell FrontPage how to restrict the records. In this example, the customer would enter its number in OrderNo to search for its orders. Note that Use this search form field is checked (see exhibit 10, page 52).

[EXHIBIT 10 OMITTED]

Click on OK (see exhibit 11, page 52).

[EXHIBIT 11 OMITTED]

Click on the Add button again and use the dropdown box to find Password. This will require users to enter their password (see exhibit 12, page 52). Click on OK.

[EXHIBIT 12 OMITTED]

Click on OK again to return to the More Options dialog box. Click on the Defaults button and add a default value for the OrderNo field by clicking on Edit. The default can be any value--just make sure it is not an actual order number so that a customer's order doesn't appear as the default. Click on OK. Repeat the process to add a default value for Password. Finally, you may want to modify the default message by suggesting customers reenter their order number (see exhibit 13, page 52).

[EXHIBIT 13 OMITTED]

Click on OK, Next, Next and Finish. Save the page. To customize the Submit button on the search form, right-click on the button and select Form Field Properties from the shortcut menu. Type in Check your order in the Value/label textbox and click on OK (see exhibit 14, page 52). The Reset button is not helpful in this application; click on it once to select and delete it. Save the page.

[EXHIBIT 14 OMITTED]

Finally, we'll change the properties of the Password field in the search function so that asterisks (* * * *) fill the textbox. To do that, right-click on the Password textbox, select Form Field Properties and change the Password field from No to Yes. Click on OK and save the page (see exhibit 15, page 52). Be aware that each time you tweak the Web page and regenerate the database, the field defaults back to No--so you have to change it back each time.

[EXHIBIT 15 OMITTED]

CUSTOMER OPTIONS

Now we want to give customers an opportunity to either confirm their orders or, if necessary, change them. Although this requires a bit of coding, it's worth the effort and you can streamline the process by using FrontPage's Replace feature. The activity requires three pages: a catalog order page, a confirmation page and a thank-you page.

Start by creating the catalog order page. In Navigation View, click on the Home Page (Garden Delights) and select File, New, Page. At the top of the page, enter a heading: Garden Catalog, Complete the form to receive the newest 75-page catalog. Select Insert, Form, One-line textbox. Press Shift-Enter to create a line break. Repeat until there are seven textboxes, one for each data item to be collected (see exhibit 16, page 52). We'll add the textbox labels shortly.

[EXHIBIT 16 OMITTED]

Now we'll create a two-column, seven-row table inside the form. To do that, make sure your cursor is inside the form and click on Table, Insert, Table and then set seven rows and two columns. Change the border size to 0 to make the table invisible. Drag the textboxes one at a time into the second column. Place the corresponding labels in the first column of the table.

To name a textbox, right-click on it and select Form Field Properties. Replace the default name, such as T1, with a meaningful name: Name for the Name box, Address for the Address box, and so on. You will need to click on OK after each entry. Save the catalog order page as catalog.asp and change the page title to Catalog Orders by right-clicking on the page and selecting Page Properties.

We'll make a copy of this page as the foundation for the confirmation page, which we'll prepare now. Save the catalog.asp page under a new name--confirm.asp. Change the heading to Confirm your shipping information. Delete the Reset button by selecting it and pressing Delete. Enter user instructions next to the Submit button: Need to make changes? Click your Browser's BACK button (see exhibit 17, page 52). Save the page. We'll return later to this screen to make more changes.

[EXHIBIT 17 OMITTED]

Reopen catalog.asp and click the HTML tab at the bottom of the screen. We'll make two minor changes. First, change <form method="POST" action="--WEBBOT-SELF--"> to <form method=" POST" action="confirm.asp">.

Then delete the short paragraph that refers to the webbot. It is easy to distinguish because the type is light gray, whereas the remainder of the HTML code is usually black, brown or blue. Highlight the light gray text and press Delete. Save it.

Thus far, we have directed FrontPage to collect information in catalog.asp and display it in confirm.asp. Users can go back to make changes to their order or submit it to the database after we finish confirm.asp.

FrontPage has a default confirmation page that will appear automatically. For that reason we will replace it with our own thank-you page. On a new page, enter Thank you for your order. You may want to create a link back to the home page. Save the page as thankyou.htm (see exhibit 18, page 53).

[EXHIBIT 18 OMITTED]