Results 1 to 3 of 3

Thread: Security

  1. #1
    Picachoo Guest

    Default Security

    How do i make sure a user has to login before he access any other pages(even if he types in the URL).<BR><BR>I know how to do it with sessin variables. Is there a way to do it without session variables?

  2. #2
    Heaven's Martini Guest

    Default RE: Security

    sure<BR><BR>cookie.<BR><BR>or you can use request.servervariables("http_referer")<BR><BR>and test if the domain is yours.<BR><BR>or you could pass a field from form to form.<BR><BR>or a querystring.

  3. #3
    Egoz.ORG Guest

    Default Cookie & Tests

    &nbsp;<BR>Using some entry page (e.g., default.asp), establish the user&#039;s identity. Then send the user off to some sub-page (e.g., base.asp). In all subsequent sub-pages include some initial code at the top to test whether an identity has been established.<BR><BR>In low-volume web-app&#039;s i&#039;d use a Session("strIdentity") type of variable, mostly cause it&#039;s cleaner and less of a security risk than cookies. On mid/high volume webapp&#039;s write the established identity (preferably some reverse resolvable code) to a cookie, and have the test resolve this code as being legitimate or not.<BR><BR>.rob

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts