Solved

Setting Server Variables--How?

Posted on 2000-04-05
10
332 Views
Last Modified: 2010-08-05
I have a server variable being checked by someone else's code.  It's like this:

If Request.Server("PATH_INFO") <> "login.asp" Then
Response.Redirect("login.asp")
End If

Is there any way for me to set the PATH_INFO variable so that I can fool that line of code into evaluating into true even if the user came from "login.asp" ?
0
Comment
Question by:bsimmons
10 Comments
 
LVL 4

Expert Comment

by:FRehman
ID: 2688633
if you click the hyperlink from login.asp page and come to that page which you disscussed above then you simply use HTTP_REFERER
simply write the code in that page so it tell you from where the request are submitted
response.write request.servervariable("HTTP_REFERER")
0
 
LVL 18

Expert Comment

by:mgfranz
ID: 2688645
How about this;

If Not Request.ServerVariables("PATH_INFO") <> "login.asp" Then
Response.Redirect("login.asp")

I'm not really sure of what you are trying to do... do you not want the user to go to login.asp, or what?  By getting the path info what are you gaining?
0
 

Author Comment

by:bsimmons
ID: 2689796
The code MUST stay as is.  I need to write an ASP that will allow you to do the login in the background.  This code is just something that checks if they came from a page on that server.  The "login.asp" is coincidental.  I just want to know if I can change the Server("PATH_INFO") variable using another ASP.  In other words: can I set Server("PATH_INFO") to equal anything I want it to?
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 18

Expert Comment

by:mgfranz
ID: 2690059
Yes.

Server("PATH_INFO") = TRUE
or
Server("PATH_INFO") = Fred's page

I still don't see the logic behind using PATH_INFO though...
0
 

Author Comment

by:bsimmons
ID: 2690230
Thanks for the insight.  Send me an answer and I'll give you the points.
0
 
LVL 18

Expert Comment

by:mgfranz
ID: 2690353
If you are asking if you can set the variable PATH_INFO before it gets to the vaildation page then the answer is no!  I assume you want to set the variable to something other than login.asp in order to trick the <> Redirect into thinking that you already logged in...  The fact is that besides this beig a malitious act, it is impossible to modify the information being passed to the server as a packet.  The server is going to check the info as required, not as you pass it to the script.  I'm sure there is a way to trick the server into thinking the page info being passed to it is = login.asp, but I'm not going to discuss it.  Especially since you stated that the code MUST remain the same..

This is an act of hacking... please do not ask these types of questions here, we do not condone the malitious acts of hackers.

If this is not a malitious act then explain why you request it.
0
 

Author Comment

by:bsimmons
ID: 2690392
I am the Intranet Applications administrator at Ciena Corporation.  I am far from a hacker, however, yes, I am trying to hack MY SERVER.  The code MUST stay as is because it was written by a contractor we hired to write it.  Our MIS team doesn't want us to change his code, but make add-ons.  Essentially what I am trying to do is make the logon occur on a separate server so that users can log on to multiple secure intranet sights via ONE LOGIN.  I can't do that if his code is checking the packets.  Do you see another way around it?
Feel free to call me to validate existance as a non-hacker: 410-694-8189.
Or email bsimmons@ciena.com
0
 
LVL 1

Expert Comment

by:nunya
ID: 2690592
too bad text inputs have no spell check.
;-)
0
 
LVL 18

Accepted Solution

by:
mgfranz earned 50 total points
ID: 2691102
OK, thanks for clarifying this.  :-)  Now on with the good stuff, I imagine this could be done with a Session property that is passed to the server from another server.  Essentially what you would do is when a user logs in, it will set a session property, (you could use a cookie too), the session values would then be used to pass values to the other server.  I think you could set the PATH_USER property this way.  To make ammendments to the Request.ServerValues("PATH_USER") on the other server is not going to happen, you will need to modify the var path to either remove the "" in the var string to make it call a seperate value var of PATH_USER.

But check on the Session value, this might be the ticket...

And I appologize.
0
 

Author Comment

by:bsimmons
ID: 2691121
Thanks for all the help.  I kinda figured I was stuck with no recourse.  I wanted a second opinion.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:  The Exchange of information …
I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question