I have a basic comment page (code below) that I made in Visual Studio 2010 using GridView and FormView. The user fills in the text boxes, the info is put into the database and then inserted into my GridView. I want to password protect the form, so that not only does the person have to enter their name and comment, but they have to supply the correct password.

I know there are many ways to provide some type of password to a page, so any help is much appreciated.

<asp:UpdatePanel ID="UpdatePanel1" runat="server">
<ContentTemplate>

<div id="commentpanel">

   <asp:GridView ID="GridView1" runat="server" CellPadding="4" 
        DataSourceID="SqlDataSource1" ForeColor="#333333" GridLines="None" 
        DataKeyNames="commentor_id" AllowSorting="True" AutoGenerateColumns="False">
        <AlternatingRowStyle BackColor="White" ForeColor="#284775" />
        <Columns>
            <asp:CommandField ShowDeleteButton="True" />
            <asp:BoundField DataField="name" HeaderText="Name" SortExpression="name" />
            <asp:BoundField DataField="comments" HeaderText="Comments" 
                SortExpression="Comments" />
            <asp:BoundField DataField="date" HeaderText="Date" SortExpression="date" />
        </Columns>
        <EditRowStyle BackColor="#999999" />
        <FooterStyle BackColor="#5D7B9D" Font-Bold="True" ForeColor="White" />
        <HeaderStyle BackColor="#5D7B9D" Font-Bold="True" ForeColor="White" />
        <PagerStyle BackColor="#284775" ForeColor="White" HorizontalAlign="Center" />
        <RowStyle BackColor="#F7F6F3" ForeColor="#333333" />
        <SelectedRowStyle BackColor="#E2DED6" Font-Bold="True" ForeColor="#333333" />
        <SortedAscendingCellStyle BackColor="#E9E7E2" />
        <SortedAscendingHeaderStyle BackColor="#506C8C" />
        <SortedDescendingCellStyle BackColor="#FFFDF8" />
        <SortedDescendingHeaderStyle BackColor="#6F8DAE" />
    </asp:GridView>

</div>

<br />
<asp:FormView ID="FormView1" runat="server" DataSourceID="SqlDataSource1" 
        DefaultMode="Insert">
<InsertItemTemplate>
Name: <asp:TextBox ID="txtName" runat="server" Text='<%# Bind("name") %>'></asp:TextBox><br />
Comment (150 characters):<br />
<asp:TextBox ID="txtComments" runat="server" onkeypress="return imposeMaxLength(this, 150);" Text='<%# Bind("comments") %>'
TextMode="MultiLine" Rows="4" Columns="50"></asp:TextBox><br />
<asp:HiddenField ID="hidTimeDate" runat="server" Value='<%# Bind("date") %>' />
<asp:Button ID="butSubmit" runat="server" CommandName="Insert" Text="Submit" />
</InsertItemTemplate>
</asp:FormView>

</ContentTemplate>
</asp:UpdatePanel>

I take users don't have to log in to your site or you wouldn't need to protect the comment box, normal log ins could take care of that.
But all you need to do is add another text field to the page for the user to enter the password and then verify that entered password against the one stored in the database or wherever it hides. They match, comment gets saved.

I take users don't have to log in to your site or you wouldn't need to protect the comment box, normal log ins could take care of that.
But all you need to do is add another text field to the page for the user to enter the password and then verify that entered password against the one stored in the database or wherever it hides. They match, comment gets saved.

That is actually exactly what I want to do, I'm just not sure how to do it.

When the save button is clicked extract the correct password from the database, match it to the entered one and continue with the save procedure if they are the same.
You mention that you save data to the database so you know how to select the password from the database right?

string pwd = tbPassword.Text;  //entered password
SqlConnection conn = new SqlConnection(your connection string);
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
cmd.CommandText = "SELECT password from database table"
conn.Open();
string correctPwd = cmd.ExecuteScalar();
conn.Close();
if(pwd.Equals(correctPwd)) {
  continue saving info
} else {
   display error message
}

Sorry if this is a dumb question, but I'm a newbie. Is the code you gave me in your last response the code-behind for the submit button?

Thank you for all your help.

Yep, partly, assuming you have a textbox on the page called tbPassword.text and of course the SQL statement needs to be correct for your table and column names.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.