kousis
asked on
asp-security
If one of the user adds a link of a secured page to his favourite and in the latter time he wants to have a look at the page. As it is a secured page we do not display the page to him instead he gets a login page once the user is authenticated then they have to get back to the page which the user is interested it.
For this I have to get the Address from the address bar and have it, so that I can redirect him.
How Do I get it?
TIA
For this I have to get the Address from the address bar and have it, so that I can redirect him.
How Do I get it?
TIA
no.. you put a security mechanism that redirects him to the login page if he's not logged in (it reads mostly session variable)
Try like this
Creating a login for a section of your web site is fairly easy. First, create a login form (loginForm.asp):
<form action=loginHandler.asp method=post>
Username: <input type=text name='username'><BR>
Password: <input type=password name='password'><BR>
<input type=submit Value='Log In'><BR>
</form>
Next, create a login handler (loginHandler.asp):
<%
'------------------------- ---------- ---------- ---------- --
'-- check to see that the form was completely filled out--
'------------------------- ---------- ---------- ---------- --
if request.form("username")=" " or request.form("password")=" " then
response.redirect("loginFo rm.asp")
end if
'------------------------- ---------- ---------- ---------- --
'-- open your database connection and check for a record--
'------------------------- ---------- ---------- ---------- --
set conn = server.createObject("ADODB .Connectio n")
conn.open "<insert connection string here>"
u = lcase(request.form("userna me"))
p = lcase(request.form("passwo rd"))
sql = "select lin = count(username) from logintable where lower("
sql = sql & "username)='" & u & "' and lower(password)='" & p & "'"
set rs = conn.execute(sql)
'------------------------- ---------- ---------- ---------- -
'-- Decide whether to let them in --
'------------------------- ---------- ---------- ---------- -
if rs("lin")<>1 then
'access Denied
response.redirect ("loginForm.asp")
end if
session("login")=true
response.redirect ("hiThere.asp")
%>
Finally, at the top of each page, you test the session variable that you assigned in the script above:
<%
if not session("login") then
response.redirect("loginFo rm.asp")
end if
%>
rgrds
Creating a login for a section of your web site is fairly easy. First, create a login form (loginForm.asp):
<form action=loginHandler.asp method=post>
Username: <input type=text name='username'><BR>
Password: <input type=password name='password'><BR>
<input type=submit Value='Log In'><BR>
</form>
Next, create a login handler (loginHandler.asp):
<%
'-------------------------
'-- check to see that the form was completely filled out--
'-------------------------
if request.form("username")="
response.redirect("loginFo
end if
'-------------------------
'-- open your database connection and check for a record--
'-------------------------
set conn = server.createObject("ADODB
conn.open "<insert connection string here>"
u = lcase(request.form("userna
p = lcase(request.form("passwo
sql = "select lin = count(username) from logintable where lower("
sql = sql & "username)='" & u & "' and lower(password)='" & p & "'"
set rs = conn.execute(sql)
'-------------------------
'-- Decide whether to let them in --
'-------------------------
if rs("lin")<>1 then
'access Denied
response.redirect ("loginForm.asp")
end if
session("login")=true
response.redirect ("hiThere.asp")
%>
Finally, at the top of each page, you test the session variable that you assigned in the script above:
<%
if not session("login") then
response.redirect("loginFo
end if
%>
rgrds
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Umm.....Silvers5...What happens when a user that has cookies turned off tries to access the site? Session variables ain't goona work.
Well yes.. but remember that only less than 3% of users have cookies off! otherwise he'll need to make it the amazon.com way.. pass query strings or hidden fields values from/to each page.. which is pain in the A** :o) we use cookies and lots of them since by default cookies are enabled and the vast majority of internet users don't know how to disable them.. the pluses of the cookies are more than the minuses
rgrds
rgrds
kousis,
Every question you have ever asked is still open. Please resolve them appropriately as soon as possible. Continued disregard of your open questions will result in the force/acceptance of a comment as an answer; other actions affecting your account may also be taken. I will revisit these questions in approximately seven (7) days.
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11039425
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20177400
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20163586
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20163383
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20134855
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11808378
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20130338
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20108322
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11809519
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20007642
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11857019
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11856898
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11856518
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11781498
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11723119
Thanks,
Netminder
Community Support Moderator
Experts Exchange
Every question you have ever asked is still open. Please resolve them appropriately as soon as possible. Continued disregard of your open questions will result in the force/acceptance of a comment as an answer; other actions affecting your account may also be taken. I will revisit these questions in approximately seven (7) days.
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11039425
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20177400
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20163586
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20163383
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20134855
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11808378
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20130338
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20108322
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11809519
https://www.experts-exchange.com/jsp/qShow.jsp?qid=20007642
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11857019
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11856898
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11856518
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11781498
https://www.experts-exchange.com/jsp/qShow.jsp?qid=11723119
Thanks,
Netminder
Community Support Moderator
Experts Exchange
Force/accepted by
Netminder
Community Support Moderator
Experts Exchange
Netminder
Community Support Moderator
Experts Exchange