Making a "logged in" home base page. AHH!

Results 1 to 4 of 4

Thread: Making a "logged in" home base page. AHH!

  1. #1
    Ben Kellogg Guest

    Default Making a "logged in" home base page. AHH!

    I have a typical login format: a "post" style html form referring to an ASP "logged in" screen. This ASP page functions as the home base for the "logged in" ASP screens. It passes the necessary variables to the other "logged in" pages by passing variables across querystrings. THe question is how can I refer back to this home base page from these other peripherial pages without ruining security? <BR><BR>A querystring would have to include either the password, or some variable telling the page to bypass the password validation. Both would ruin security.<BR><BR>I don&#039t want to use a form for returning to the page. Help me!

  2. #2
    Join Date
    Dec 1969

    Default RE: Making a

    try using cookies or sessions instead of querystring<BR><BR>j

  3. #3
    Chrace Guest

    Default RE: Making a

    The base page:<BR>If not Session("SuccessfullyLoggedIn") Then<BR>Request("pass") etc etc get from database etc etc validate login and password etc etc<BR>If bValidateIsVeryGoodAndFineAndOk then<BR>Session("SuccessfullyLoggedIn") = true<BR>End If<BR>End If<BR><BR>Bingo! :)<BR><BR>PS:<BR>In the top of any protected page:<BR>If not Session("SuccessfullyLoggedIn") Then<BR>Response.redirect("login.asp")<BR>End If<BR><BR>..removes possibility to call the page directly in the browser.

  4. #4
    Ben Kellogg Guest

    Default RE: Making a

    Thanks a lot, Chrace. I&#039ll start working on that now.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts