Wrox Programmer Forums
|
Classic ASP Basics For beginner programmers starting with "classic" ASP 3, pre-".NET." NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP Basics section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old November 4th, 2003, 08:33 PM
Friend of Wrox
  
Join Date: Oct 2003
Posts: 336
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to alyeng2000
Default Prevent Access to other Pages
Hi every one,

I need to ask if i could prevent website surfers from showing any page untill he is authenticated from the first page???

i mean if default.asp is the default starting page and if the user hit www.domain.com/otherpage.asp he will not be able to view the page or will be redirected to the home page...

thanks for any help



Ahmed Ali
Software Developer
__________________
Ahmed Ali
Senior Software Developer
 
Old November 4th, 2003, 08:59 PM
Friend of Wrox
  
Join Date: Oct 2003
Posts: 336
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to alyeng2000
Default
i got it fastly!!!!

i used this jscript at the top of the page and it did what i need

<script type="text/javascript" language="JavaScript1.2">
<!--
if (document.referrer.indexOf("DomainName") == -1)
window.location = "http://www.DomainName.com";
//-->
</script>

i am asking if there is a way using ASP?????
any one has a comment.



Ahmed Ali
Software Developer
 
Old November 4th, 2003, 09:20 PM
Friend of Wrox
  
Join Date: Jun 2003
Posts: 596
Thanks: 1
Thanked 3 Times in 3 Posts
Default
Ahmed,
I have not used the method you have illustrated but it looks to me that this will only test what the previous page was.
It will not test that the user has been authenticated, logged on or any other code on default.asp has been executed.
If you wish the user to be logged on to your site I suggest using a session variable to when they successfully log on such as a logonID.
Then test that on your further asp pages.


======================================
They say, best men are moulded out of faults,
And, for the most, become much more the better
For being a little bad.
======================================
 
Old November 4th, 2003, 11:57 PM
Friend of Wrox
  
Join Date: Oct 2003
Posts: 336
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to alyeng2000
Default
thanks rodmcleay,
i asking if using the client side code is secure enough than using ASP
as faster solution.

any comment.

Ahmed Ali
Software Developer
 
Old November 5th, 2003, 10:30 AM
planoie's Avatar
Friend of Wrox
  
Join Date: Aug 2003
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default
Using clientside code is terribly NOT secure. All a user needs to do is shut off JavaScript and the check will fail. Plus as Rod pointed out, you are only testing the referrer of the current page.

Again, Rod has the right suggestion: the easiest way is to test for a session variable status. Save your login state in the session, then test it on all the pages. You could create a function or an include file that does this test and redirects if it fails, and call the function or include the file on every page that needs to validate login state.

Peter
----------------------------------------
Work smarter, not harder.





Similar Threads
Thread Thread Starter Forum Replies Last Post
Access Pages From Sub Domain.. vivek_inos ASP.NET 1.0 and 1.1 Professional 0 December 1st, 2006 01:41 AM
Please Help! Ms Access Data Access Pages Iashia06 Access 0 May 4th, 2006 03:29 PM
Data Access Pages Surfingeurope Access VBA 0 January 30th, 2006 01:01 PM
Access Data Pages mcrichards BOOK: Access 2003 VBA Programmer's Reference 1 May 16th, 2005 07:36 AM
MS Access Pages zmark Access 0 September 21st, 2004 08:31 PM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.