Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

check to see if a session variable is valid (enduser loged in)

Status
Not open for further replies.
specialist

specialist

Programmer
Sep 7, 2001
50
US
Hello!
A very easy answer, but...
I really have been beating my head against the wall trying to figure this out but for the life of me i cannot!

Here is the deal:

I have an intranet application which requires endusers to login with their username and password. the username and pword are session variables defined in a form then being checked against a table in a sql2k db. Fair enough, I have that working fine! One point for me.
HOWEVER

I would like to check for the username and password variables if the enduser clicks on the link w/o going thru the form. For example -- if the end user had the page bookmarked, I would like the enduser to be re-directed to the login page if the username and password variables are not there. OR, if someone does not have a user/pass and is not allowed in there, I do not want them to be able to type the full URL and access the page.

VERY EASY for YOU, but not for me.

Please help if you can, thank you...

Mike
 
Sort by date Sort by votes
Add this code to all pages you want secured:

Code: 
<%
IF (isEmpty(Session("Username") OR isEmpty(Session("Password")) THEN
   Response.redirect("login_page.asp")
END IF
%>

This will see if the session variables are empty, and then redirect to your login page ("login_page.asp" in this example)if they're not set.

As an added bonus, I would "remember" the URL the user was trying to access in the login form, so you can redirect the user to it once they've successfully logged in. You can do this with a hidden variable in the login form:

Code: 
<input type="hidden" name="Referrer" value="<%=Request.ServerVariables("HTTP_REFERER")%>">

After that, check for a successful login and redirect back to the original URL with:

Code: 
Response.Redirect(Request.Form("Referrer"))

Misty

 
Upvote 0 Downvote
Also you can put the script that you want to include on ever page into an INCLUDE file. That way, if the script ever changes, you only have to change it in one place.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

leifoet
  • Locked
  • Question
How to check if a datatable is empty ?
Replies
0
Views
181
leifoet
leifoet
penguinspeaks
  • Locked
  • Question
READ TEXT FILE BASED ON VARIABLE 1
Replies
2
Views
179
guitarzan
guitarzan
penguinspeaks
  • Locked
  • Question
Parse a database field that is comma delimited and input the results into another table
Replies
0
Views
166
penguinspeaks
penguinspeaks
leifoet
  • Locked
  • Question
Wrong code in a href ?
Replies
1
Views
168
leifoet
leifoet
leifoet
  • Locked
  • Question
How to send HTML emails with ASP classic?
Replies
0
Views
237
leifoet
leifoet

Part and Inventory Search

Sponsor

Back
Top