Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Access only from main page
- Thread starter Cris
- Start date
set a cookie in the main page and test it via the second page. or test the doument.referrer property. jared@aauser.com -
You can set a cookie like jaredn said, however, I believe it works better to put in an include file. Make an .asp page that checks for a member flag, first set it in the loginDone.asp...
<%
' LoginDone.asp - to verify the user's name and password.
' Once checked, and validated, set a session variable
' called memberFlag to true, then check for it in all your
' pages. Example...
dim uID, uPW, sql
uID = request.form("usersID"
uPW = request.form("usersPW"
sql = "select userID, userPW, userFname, userLname FROM userTable WHERE (((userTable.userID)='" & uID & "') And ((userTable.userPW)='" & uPW & "'));"
' open db connection and recordset connection here where
' rs = recordset
if not rs.eof then
session("userID" = rs("userID"
session("userPW" = rs("userPW"
session("userFirst" = rs("userFname"
session("userLast" = rs("userLname"
'And here you set the memberFlag
session("memberFlag" = True
response.redirect("afterLogin.asp"
else
session("memberFlag" = False
response.redirect("noAccess.asp"
End If
' End recordset and connection
%>
'Now create another page, for access verifying
<%
'checkAccess.asp
if session("memberFlag" not true then
session.abandon
response.redirect("noAccess.asp"
End if
%>
Now, the only other thing you need to do is include the page you just made.
------------somePage1.asp--------------------------
<!-- #include file="checkAccess.asp" -->
<%
dim i, j, old
etc,
etc,
etc,
'this is your page after you login, and every other page.
%>
Now when someone types in a URL for " it redirects them to 'noAccess.asp' because they never had their session variable "memberFlag"(which you can obviously call any name since it is a variable!)...set to true.
any q's, email me at jimbob550@hotmail.com
Jim
<%
' LoginDone.asp - to verify the user's name and password.
' Once checked, and validated, set a session variable
' called memberFlag to true, then check for it in all your
' pages. Example...
dim uID, uPW, sql
uID = request.form("usersID"
uPW = request.form("usersPW"
sql = "select userID, userPW, userFname, userLname FROM userTable WHERE (((userTable.userID)='" & uID & "') And ((userTable.userPW)='" & uPW & "'));"
' open db connection and recordset connection here where
' rs = recordset
if not rs.eof then
session("userID"
= rs("userID"session("userPW"
= rs("userPW"session("userFirst"
= rs("userFname"session("userLast"
= rs("userLname"'And here you set the memberFlag
session("memberFlag"
= Trueresponse.redirect("afterLogin.asp"
else
session("memberFlag"
= Falseresponse.redirect("noAccess.asp"
End If
' End recordset and connection
%>
'Now create another page, for access verifying
<%
'checkAccess.asp
if session("memberFlag"
not true thensession.abandon
response.redirect("noAccess.asp"
End if
%>
Now, the only other thing you need to do is include the page you just made.
------------somePage1.asp--------------------------
<!-- #include file="checkAccess.asp" -->
<%
dim i, j, old
etc,
etc,
etc,
'this is your page after you login, and every other page.
%>
Now when someone types in a URL for " it redirects them to 'noAccess.asp' because they never had their session variable "memberFlag"(which you can obviously call any name since it is a variable!)...set to true.
any q's, email me at jimbob550@hotmail.com
Jim
- Thread starter
- #4
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question