Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

Welcome to the new platform of Programmer's Heaven! We apologize for the inconvenience caused, if you visited us from a broken link of the previous version. The main reason to move to a new platform is to provide more effective and collaborative experience to you all. Please feel free to experience the new platform and use its exciting features. Contact us for any issue that you need to get clarified. We are more than happy to help you.

how to prevent a loop with asp

I have a script on my website that allows me to protect my website so only people who logged into the site are able to see the protected pages. here are my question:

i used a cookie in my login script with the following code

If (not rs.BOF) and (not rs.EOF) then
Response.Cookies("Username") = rs.Fields("User_name")
Response.Write Request.Cookies("url to my protected page")

else
Response.Redirect "http://www.yourwebsite.com/access-denied-page.html"
end if

here is the code for the protected page which calls the check.asp file:



and here is the check.asp file

<%if Request.Cookies("User_name") <> "" then
Response.Redirect ("send them to view the web site")
session("submitted")="false"
else
'send them back to login page
Response.Redirect "Login.htm"
Response.End
end if%>

when i type in a wrong password I have the change to retype the password and when the password id right than i go back to the index.page but as it is password protected i go through the same procedure again.

Comments

  • bagles1bagles1 Posts: 54Member
    Well here is a simple way to get around your dilemma. If you are redirecting or posting back to the same page. Hope this helps.

    <%
    strAction = Request("formaction")

    select case strAction
    case "checklogin"
    call checkLogin
    case else
    call doLogin
    end select

    sub checkLogin()
    ' do login check here
    ' if login is correct then
    ' call success procedure
    ' else
    ' call failure procedure
    ' end if
    call failureProcedure
    end sub

    sub successProcedure() %>


    Login Success

    SUCCESS



    <% end sub

    sub failureProcedure() %>


    Login Failure

    FAILURE



    <% end sub

    sub doLogin()
    %>



    Login Test










    <% end sub %>

    -Bagles1
  • abrauchiabrauchi Posts: 14Member
    Thank you for this explenation. Does this script mean that I can place it into each single page I would like to protect? And all I need to do is placeing my login check in here? Or will i just redirect from this script to the login page? I know I am stupdi. But I am new in the field and I have a hard time to understand the logic in some of the things. I was able to understand the c++ I did. But i don't know why I have such a hard time to understand this stuff........

    : Well here is a simple way to get around your dilemma. If you are redirecting or posting back to the same page. Hope this helps.
    :
    : <%
    : strAction = Request("formaction")
    :
    : select case strAction
    : case "checklogin"
    : call checkLogin
    : case else
    : call doLogin
    : end select
    :
    : sub checkLogin()
    : ' do login check here
    : ' if login is correct then
    : ' call success procedure
    : ' else
    : ' call failure procedure
    : ' end if
    : call failureProcedure
    : end sub
    :
    : sub successProcedure() %>
    :
    :
    : Login Success
    :
    :
    :

    SUCCESS

    :
    :
    : <% end sub
    :
    : sub failureProcedure() %>
    :
    :
    : Login Failure
    :
    :
    :

    FAILURE

    :
    :
    : <% end sub
    :
    : sub doLogin()
    : %>
    :
    :
    :
    : Login Test
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    : <% end sub %>
    :
    : -Bagles1
    :

  • bagles1bagles1 Posts: 54Member
    <%
    ' This script is only inserted on your login page.
    ' I have commented the logic behind this script,
    ' please read below to follow along. If you still
    ' don't understand I will try to explain further.

    ' This is a check to see if the page has been posted
    ' back to. If not it will be empty.
    strAction = Request("formaction")

    ' Here we are checking to see what the value of strAction is
    ' and then call the appropriate procedure. The procedures will
    ' only be "checkLogin" which is where you would check if the
    ' username and password are valid or "doLogin" which displays
    ' the login form.
    select case strAction
    case "checklogin"
    call checkLogin
    case else
    call doLogin
    end select

    ' In this procedure you will be validating the users login
    ' information that was submitted in the form.
    sub checkLogin()
    ' do login check here.
    ' This is where you will query the database and see
    ' if the username and password are correct.
    ' if login is correct then
    ' If you are going to be checking if the user
    ' has successfully logged in on every page after
    ' this one then you might set a simple session variable
    ' here and then call the success procedure. Like this:
    ' Session("isLoggedIn") = "yes"
    ' On every page after this one you will just check to see
    ' if the Session variable = "yes" or not.
    ' call success procedure
    ' else
    ' call failure procedure
    ' end if
    end sub

    ' This procedure would just display information to the user who has
    ' successfully logged in.
    sub successProcedure() %>


    Login Success

    SUCCESS



    <% end sub

    ' This procedure would just display information to the user who has
    ' not successfully logged in.
    sub failureProcedure() %>


    Login Failure

    FAILURE



    <% end sub

    ' Procedure to display the Login form so that the user has the opportunity
    ' to login in to the site.
    sub doLogin()
    %>



    Login Test










    <% end sub %>

    -Bagles1


  • abrauchiabrauchi Posts: 14Member
    Thank you so much for your help i will try it out and see what i can do with it.
Sign In or Register to comment.