Hi,

The user will be prompted for their User Name and ProjectID to access to the Administration module. The select list will be displayed base on their projectID, for instances:
<%If Session("projectID") = "project1a" Then%>
<option value="document1">Doc 1</option>
<option value="document2">Doc 2</option>
<option value="document3">Doc 3</option>
<option value="document4">Doc 4</option>
<%End If%>

<%If Session("projectID") = "project1b" Then%>
<option value="document5">Doc 5</option>
<option value="document6">Doc 6</option>
<option value="document7">Doc 7</option>
<option value="document8">Doc 8</option>
<%End If%>

Due to there are many projects with different documents which only allow to view or edit by certain users, so I have to set the user permission. Below is my database.

UserName ProjectID
Ivy project1a
cristine project1a
Amy project1b
Micheal project1c
--
--
--

for the user to access to the module they are request to enter their username and projectID,and the projectID later will be saved in Session("projectID").

My concern is that, can't it be no secure since I need to hard code the projectID in my asp page???
if other people be a ble to access my pc and view the code, then the data might be no secure.

Please advice!

then u can try to insert the relationship of "doc 1~ doc 9...." and "project1a,..." into database, when user login to the system then u can check the relation and retrieve the data from database.

and if u let people use ur PC then there is no more secure if u r not keep ur source code properly, like bank allow ppl go into their money save room. at least u hire a guard!! :)

Thanks:)