This is a discussion on "Extra Login/Admin features" within the Classic ASP section. This forum, and the thread "Extra Login/Admin features are both part of the Program Your Website category.
|
|
|
|
|
 |
||
Extra Login/Admin features
|
||
| Notices |
 |
|
|
LinkBack | Thread Tools |
|
#1
Jul 31st, 2006, 18:29
|
|||
|
|||
Extra Login/Admin features
Hi. Could someone please help me with my login? What I want to do, is in my admin page, where I have all the users details, I want to be able to see when they last logged in, how many times they've logged in, and which user's are currently online? Just so that it can be used for reference, and also as a sort of extra security.
Also, is there any way that I can make the login more secure? At the moment, it only uses Sessions, is there anything else I could do to make it more secure? Thanks in advance, Simon        
|
|
|
|
#2
Aug 2nd, 2006, 17:20
|
|||
|
|||
|
Re: Extra Login/Admin features
So what system are you using? Does it natively track these details? Or does it have to be modified to do so?
So does "it only uses Sessions" means you do not verify any of the data before accepting it? Is the users information stored in a database? Do you place any restrictions on passwords? What do you do if a person losses there password? How do verify that it is really that user that is asking for there lost password? That should do for now. You really left a lot out so I don't know where to begin other than to ask these questions.
|
|
#3
Aug 3rd, 2006, 10:53
|
|||
|
|||
|
Re: Extra Login/Admin features
Ok sorry for leaving so much out.
The user's information is stored in a database, and the session checks their username. I haven't got any restrictions on the passwords. If a person loses their password, then they will have to email me, and I will ask them for their email, name and birthday for example to make sure that it is actually them. Thanks
|
|
#4
Aug 3rd, 2006, 22:04
|
|||
|
|||
|
Re: Extra Login/Admin features
Everytime a session variable is created you can increment a field in the database for that user to count how many times they have logged in. As for the rest well it isn't that simple depending on how you what it done but I find this page and its links to be quite helpful in this department:
http://www.aspfaq.com/show.asp?id=2095 As for making the login more secure well you should restrict the type of characters a user can use in their passwords and usernames to avoid SQL injection (if you don't know about this then I suggest you read up) or errors in your script. Also limiting the minimun number of letters for a password is always good since we all know that the smaller a password the easier it is to break. You should always validate everything a user inputs and test for errors, returning custom error messages. Limiting what a user can input can save you alot of grief later on. You can limit the number of times a user can try inputting erroneas password to protect against brute-force attacks. I suppose it depends on what most practical for the site and how valuelable the information it has is.
|
|
| Tags |
| extra, loginadmin, features |
| Thread Tools | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| what features | Hunter | Hosting & Domains | 12 | Dec 5th, 2007 13:58 |
| Should I include CSS2 features? | jonnymorris | Web Page Design | 18 | Jul 13th, 2007 16:48 |
| More new features planned! | Rob | Announcements and News | 0 | Dec 15th, 2006 22:23 |
| One Log-In Different Features... | courtjester | Classic ASP | 7 | Jul 26th, 2004 19:54 |
| download features | courtjester | Flash & Multimedia Forum | 21 | May 10th, 2004 09:12 |
