Solved

ASP URL

Posted on 2014-10-01
13
175 Views
Last Modified: 2014-10-13
Greeting,

I have an login.asp which doing LDAP authentication before redirect the users to an form. Now I want to add an exception. that is if the user was on a paticulaer URL then go to the login.asp if will bypass the LDAP authentication.

Please provide sample code.

Thanks.
0
Comment
Question by:mrong
  • 7
  • 5
13 Comments
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354782
What is the url you want to check?
0
 

Author Comment

by:mrong
ID: 40354796
sample URL like  http://www.yahoo.com/user/file/mypath
the 'mypath' part could be different.

Thanks.
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354820
You can try something like this:

If InStr(Request.ServerVariables("URL"), "mypath)  > 0 then
      '-- condition met, proceed
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354827
Missing a quote

If InStr(Request.ServerVariables("URL"), "mypath" )  > 0 then
      '-- condition met, proceed
0
 

Author Comment

by:mrong
ID: 40354837
what should I put for "mypath" ? it could be different.
Thanks.
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354854
What do you want it to equal in order for authentication to occur?
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:mrong
ID: 40354861
if the beginning of previous URL is  http://www.yahoo.com/user/file
then redirect
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354892
Then try using this code

If Request.ServerVariables("SERVER_NAME") = "www.yahoo.com/user/file" then
       Do redirect
0
 

Author Comment

by:mrong
ID: 40354893
Below is what I am using. will the Session variables being carried after redirected?

  If InStr(Request.ServerVariables("URL"), "http://www.yahoo.com/user/file " )  > 0 then
    Session("username") = "UsersRedirected"
   Response.Redirect "http://mysite/form.asp"
  End if
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354930
your session variable will be carried over. try this for code:

 If Right( Request.ServerVariables("URL"), 9 ) = "user/file" then
    Session("username") = "UsersRedirected"
   Response.Redirect "http://mysite/form.asp"
  End if

Open in new window

0
 

Author Comment

by:mrong
ID: 40355101
Big_Monty,

Both
If InStr(Request.ServerVariables("URL"), "mypath" )  > 0 then
and
 If Right( Request.ServerVariables("URL"), 9 ) = "user/file" then
not working right.

Thanks.
0
 
LVL 32

Accepted Solution

by:
Big Monty earned 500 total points
ID: 40355633
ok i mis-read your question originally, you want to get where the user was coming from, not the current page. to do that, you have to do something like:

dim page
page = Request.ServerVariables("http_referer")
page = Mid( page, InStr( page, "/" ), Len( page ) )    '-- removes domain name from page name

 If page = "/user/file" then
      '-- no additional folder names in path
else
      '-- came from /user/file/myPath
end if

Open in new window


if the statement

If page = "/user/file" then

doesn't work, try doing a response.write of the page variable to see what it displays
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 40357542
The referring page can be spoofed.   I would add on to what Big Monty has shown you by adding an encrypted cookie or session variable to the page you want to test for.

On your /user/file page, towards the bottom of any asp code, add something like
session("lastpage")="/user/file"

Open in new window

Then on the page you want to test for, at the top of the page
IF session("lastpage")="/user/file" THEN
     'flag something good
     ELSE
     'flag something bad
END IF
session("lastpage")="myNewPage"

Open in new window


There are many options here.  The only downside to this method is if you have high traffic and your worker process resets (rare, but happens), you loose your session.  The other option is setting an encrypted cookie.  You can simply use response.cookies("lastpage") = "something" http://www.w3schools.com/asp/asp_cookies.asp but that is about as handy as using a querystring.  You would want to encrypt "something".   Using the session is going to be easier.

I use a similar function and use an include file on every page for the code to set the named page name.

Good luck!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

When it comes to writing scripts for a Client/Server computing environment it is essential to consider some way of enabling the authentication functionality within a script. This sort of consideration mainly comes into the picture when we are dealin…
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
This video discusses moving either the default database or any database to a new volume.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now