Setting Server Variables--How?

Posted on 2000-04-05
Last Modified: 2010-08-05
I have a server variable being checked by someone else's code.  It's like this:

If Request.Server("PATH_INFO") <> "login.asp" Then
End If

Is there any way for me to set the PATH_INFO variable so that I can fool that line of code into evaluating into true even if the user came from "login.asp" ?
Question by:bsimmons
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 2688633
if you click the hyperlink from login.asp page and come to that page which you disscussed above then you simply use HTTP_REFERER
simply write the code in that page so it tell you from where the request are submitted
response.write request.servervariable("HTTP_REFERER")
LVL 18

Expert Comment

ID: 2688645
How about this;

If Not Request.ServerVariables("PATH_INFO") <> "login.asp" Then

I'm not really sure of what you are trying to do... do you not want the user to go to login.asp, or what?  By getting the path info what are you gaining?

Author Comment

ID: 2689796
The code MUST stay as is.  I need to write an ASP that will allow you to do the login in the background.  This code is just something that checks if they came from a page on that server.  The "login.asp" is coincidental.  I just want to know if I can change the Server("PATH_INFO") variable using another ASP.  In other words: can I set Server("PATH_INFO") to equal anything I want it to?
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

LVL 18

Expert Comment

ID: 2690059

Server("PATH_INFO") = TRUE
Server("PATH_INFO") = Fred's page

I still don't see the logic behind using PATH_INFO though...

Author Comment

ID: 2690230
Thanks for the insight.  Send me an answer and I'll give you the points.
LVL 18

Expert Comment

ID: 2690353
If you are asking if you can set the variable PATH_INFO before it gets to the vaildation page then the answer is no!  I assume you want to set the variable to something other than login.asp in order to trick the <> Redirect into thinking that you already logged in...  The fact is that besides this beig a malitious act, it is impossible to modify the information being passed to the server as a packet.  The server is going to check the info as required, not as you pass it to the script.  I'm sure there is a way to trick the server into thinking the page info being passed to it is = login.asp, but I'm not going to discuss it.  Especially since you stated that the code MUST remain the same..

This is an act of hacking... please do not ask these types of questions here, we do not condone the malitious acts of hackers.

If this is not a malitious act then explain why you request it.

Author Comment

ID: 2690392
I am the Intranet Applications administrator at Ciena Corporation.  I am far from a hacker, however, yes, I am trying to hack MY SERVER.  The code MUST stay as is because it was written by a contractor we hired to write it.  Our MIS team doesn't want us to change his code, but make add-ons.  Essentially what I am trying to do is make the logon occur on a separate server so that users can log on to multiple secure intranet sights via ONE LOGIN.  I can't do that if his code is checking the packets.  Do you see another way around it?
Feel free to call me to validate existance as a non-hacker: 410-694-8189.
Or email

Expert Comment

ID: 2690592
too bad text inputs have no spell check.
LVL 18

Accepted Solution

mgfranz earned 50 total points
ID: 2691102
OK, thanks for clarifying this.  :-)  Now on with the good stuff, I imagine this could be done with a Session property that is passed to the server from another server.  Essentially what you would do is when a user logs in, it will set a session property, (you could use a cookie too), the session values would then be used to pass values to the other server.  I think you could set the PATH_USER property this way.  To make ammendments to the Request.ServerValues("PATH_USER") on the other server is not going to happen, you will need to modify the var path to either remove the "" in the var string to make it call a seperate value var of PATH_USER.

But check on the Session value, this might be the ticket...

And I appologize.

Author Comment

ID: 2691121
Thanks for all the help.  I kinda figured I was stuck with no recourse.  I wanted a second opinion.

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Adjust an existing ASP Query 45 28
ASP Classic - Read XML File inner content 10 73
SQL help please 15 36
Get Pop-Up Or Div Info Box From JQuery DataTable Cell in ASP 7 35
I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question