B
Bobby Edward
I am creating a simple website with a login page and some "admin only"
pages.
In my login page's submit button I just say if the "password is correct"
then...
session("IsAdmin") = True
In my admin only pages I check if session("IsAdmin") = True
If it's NOT then I redirect them to the login.aspx page.
Is this solution pretty solid, or is it easy to hack? I keep the password
in the web.config appsettings section so it's easy to change.
I know I could use Membership stuff, but I'm just doing a simple, quick
website.
Your thoughts are appreciated!
pages.
In my login page's submit button I just say if the "password is correct"
then...
session("IsAdmin") = True
In my admin only pages I check if session("IsAdmin") = True
If it's NOT then I redirect them to the login.aspx page.
Is this solution pretty solid, or is it easy to hack? I keep the password
in the web.config appsettings section so it's easy to change.
I know I could use Membership stuff, but I'm just doing a simple, quick
website.
Your thoughts are appreciated!