hiding the url address

Results 1 to 3 of 3

Thread: hiding the url address

  1. #1
    warble Guest

    Default hiding the url address

    I have a page that can only be gotton to thru a username password page. Problem is once a person is at the page they can print the page and the url address is on the page. How can I prevent the url from being displayed?

  2. #2
    Join Date
    Dec 1969

    Default RE: hiding the url address

    Here is what I did. I declared a session value when they first logged on. From then on, I incuded the pages seesioncheck.asp at the top of all of my pages. Sessioncheck makes sure that the session variable exists, and if it doesn&#039t, sends them back to log in. Here is the code.<BR><BR>&#060;% <BR>&#039this checks to make sure that they have logged in. <BR>&#039If not, they are sent back to log in<BR>nunca=""<BR>submitter=session("submitter")<B R>if submitter=nunca then<BR>Response.Redirect("logon.asp?validate=fals e")<BR>end if<BR>%&#062;

  3. #3
    Pedro Guest

    Default RE: hiding the url address

    That&#039s just the way we do ours :-)<BR><BR>Usually we keep at least two classes of users, so there&#039s a session variable with the username and another session variable with the user role (member, guest, administrator, etc).<BR><BR>At login page, if authentication goes through, you assign the following variables:<BR>&#060;%<BR>Session("username")= strUsername &#039 Or wherever the value comes from...<BR>Session("role")="member" &#039 or admin, etc...<BR>%&#062;<BR><BR>Now, at the top of every page, you put this little piece of code:<BR>&#060;%<BR>if session("username")="" then<BR>session("error_message")="Please login!"<BR>response.redirect "login.asp"<BR>end if<BR>%&#062;<BR>The "error_message" session variable is used in all of our pages. If the session variable is not empty, it prints the message. It saves us on the hassle of sending message strings back and forth.<BR><BR>If the page is both password-protected and role-protected (for example, a site administration page that only certain trusted people can access) you do two checks, first check that the username is not empty, then check that session("role")="admin" or whatever you set it to.<BR><BR>Pedro<BR>http://www.veraperez.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts