Passing variables between sites on a server

Results 1 to 3 of 3

Thread: Passing variables between sites on a server

  1. #1
    Grant Williamson Guest

    Default Passing variables between sites on a server

    I run a webhosting business, and I&#039m planning to implement a WWW based site management console. I&#039ve installed a nice little ASP script that lets users modify their site, upload files etc. which is designed to exist with each website&#039s directory on the webserver(I&#039m running IIS4 on NT btw). So, if a customer&#039s website is "", the site management console is at "".<BR><BR><BR>The problem I&#039m having is the authentication of users. Basically, I want to have a single "login page" on my webhosting homepage ( where a user types in their username and password, a script checks this against a database, finds out what sites they own, and then redirects them to their specific /siteman.asp page.<BR><BR>The problem is, that for the siteman.asp page to be able to tell if they are an authenticated user, it needs to be passed something from the verification script on But I can&#039t figure out how to do this, as both cookies and session variables exist only on a single domain name...if i set:<BR><BR>Session("verified") = "sure is"<BR><BR>at, a user&#039s "" will read that session variable as being empty.<BR><BR>Is there any way, apart from using the "Get" method (ie. request.querystring) to pass variables between scripts on different virtual servers? I don&#039t want to use the GET method, becuase then a hacker could just type, say "" and have access to their site. Using a POST method would be better, but is there any way to "simulate" a POST form from within an ASP script?<BR><BR>Any help from anybody would be much appreciated!<BR><BR>Grant Williamson<BR><BR><BR><BR>

  2. #2
    beefturkey Guest

    Default RE: Passing variables between sites on a server

    have you consider using the response.redirect property?<BR>like..after u check their login info, if they enter the right authenication they redirect to their page based on their login info else redirect them to other warning site saying that login fail. example<BR><BR>if session("verified") = "sure is" then<BR> response.redirect("")<BR>else<BR> response.redirec("")<BR>end if<BR><BR>where the sitemanauthen.asp do another redirect to your client&#039s manage site page. I think if u use the Get method in this file will not show up your client&#039s siteman page.<BR><BR>now if that didn&#039t help, i would suggest to create a siteman.asp file on the fly using "response.write" with html codes<BR><BR>i hope that give you some ideas<BR><BR><BR>

  3. #3
    Join Date
    Dec 1969

    Default I wouldn't do that

    I don&#039t understand Session Variables, so correct me if I&#039m wrong. It looks like your idea would work, but it would be even less secure than the "GET" way he suggested. For instance, someone could just type directly and not have to authenticate at all. <BR><BR>Is there a problem you&#039re running into using POST? I use method="POST" for all my asp pages, then just request.form to get the variables on the other page.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts