Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Not allowing URL in browser

Status
Not open for further replies.
johnpayback

johnpayback

IS-IT--Management
Oct 2, 2006
110
US
I have a page where I select an item each month. One I select this item is is good for the whole month. The issue is that if someone just retypes in the URL in the browser they can change my results. I do make it so the button can only be clicked one time and then it disables but they still have the ability to type in the URL in the browser. What method or code can I use to not allow the user to just re-type in the URL for the link that my button points to so that my results do not change?

JP
 
Sort by date Sort by votes
Hiya

Rather than using an image with a link to set the page via the querystring, try using a form to POST the required variables to the page instead. This way the url will always be the same and the only way to force different results would be to recreate a form that posts another variable to the page. Not foolproof, but better.

Nick (Webmaster)

 
Upvote 0 Downvote
I also thought about doing a Server.Transfer ("default.asp") and this works but instead of displaying the default.asp URL in the browser window it displays the asp page from the randomly generated number asp page. A little odd but it would work if I could get around that. I've also thought about the code below written in javascript. Haven't tried it yet though.

Code: 
    Sub JavaRedirect (strURL)
    'Response.Write "redirect to:" & strURL
    %>
    <SCRIPT language="JavaScript">
    <!--
    window.location.href = 
    '<%=URL%>';
    //-->
    </SCRIPT>
    <%
    End Sub
 
Upvote 0 Downvote
If you do it in client-side script the user can always do "View Source" and find the URL... either that or fish it out of the cache.
 
Upvote 0 Downvote
What if I rename the file each time the script is ran and then rename it back to .asp when the button to the script is re-enabled? Is that plausible/feasible/correct way? Thank you for the input. I believe I have some really good ideas on how to perform this task.

JP
 
Upvote 0 Downvote
Why not change your ASP to that it does not run more than once per month?

Like maybe at the top of the script you coulc read a file or database where a timestamp is stored and then compare that timestamp with the current system time... and then use the DateDiff function to determine if a month has passed between the two dates and if not halt the execution.
 
Upvote 0 Downvote
Will that work if all of my users are in different time zones? If so, what would be the best way to adjust for the timezones?

JP
 
Upvote 0 Downvote
Don't use the time from the client's machine, just the time on the server.
 
Upvote 0 Downvote
Ahh...I can do that. I was thinking of displaying the time the script was ran on the default page but I can just state that it is the timezone of the server. Thank you very much. I'll give this a whirl.

JP
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

leifoet
  • Locked
  • Question
Wrong code in a href ?
Replies
1
Views
194
leifoet
leifoet
penguinspeaks
  • Locked
  • Question
iis woos (not displaying pages correctly)
Replies
1
Views
185
penguinspeaks
penguinspeaks
leifoet
  • Locked
  • Question
How to combine A HREF with URL
Replies
1
Views
96
leifoet
leifoet
Swi
  • Locked
  • Question
PDF Interrogation
Replies
0
Views
110
Swi
Swi
penguinspeaks
  • Locked
  • Question
Parse a database field that is comma delimited and input the results into another table
Replies
0
Views
185
penguinspeaks
penguinspeaks

Part and Inventory Search

Sponsor

Back
Top