how to control the right of html accessing

Ask a Question related to ASP Database, Design and Development.

  1. Kris Eiben #1

    Default Re: how to control the right of html accessing

    Use asp or jsp for ALL pages you want to protect, so you can include
    server-side code. Then, at the top of every restricted page, check to
    make sure the user has access to the page -- and if not, redirect to a
    "sorry, you need to log in" page. That way, if the user's not logged
    in, he will never see the content of the page even if he has bookmarked
    the URL.

    An example using session variables, assuming all users with rights can
    see all pages:
    1) Store the user's ID in a session variable when he first logs in
    Session("userID") = whatever
    2) On the top of each page:
    ' set up connection
    SQL = "Select userID from user_rights where userID = " &
    Session("userID")
    set rs = conn.Execute(SQL)
    if rs.EOF then
    ' clean up recordset and connection
    response.redirect "YouNeedToLogin.asp"
    end if
    'rest of page goes here

    You could improve this login procedure by sending a querystring variable
    to the YouNeedToLogin page, so that when the user logs in you can return
    him to the page he was trying to access.

    "jack" <fei_ying@21cn.com> wrote in message
    news:08cc01c34503$d7435b40$a301280a@phx.gbl...
    > i have a task as following:
    > some body has right to access an html page,some body has
    > no right,these right information
    >
    > are in database...sounds simple,get information from
    > database,verify if the user has that
    >
    > right,then go to that page or not go to.......but if i
    > programme on server using asp or
    >
    > jsp,at the end ,i need to use the url where is the place
    > of that html,so user ALWAYS can
    >
    > input that url directly into the browser to access that
    > html,that 's the question....anybody
    >
    > can help me????

    Kris Eiben Guest
    Reply With Quote Reply With Quote

    2. Similar Questions and Discussions

    1. Accessing swf or javascript in different html
      Hi, From my understanding, the swf instance can communicate with other swf instance through the LocalConnection class. Also, the flex application...
    2. accessing html fields
      I have an input field defined outside the <form> area. Its a simple html text input that is used to enter the number of hours. <input...
    3. How do I get a custom Control Designer to write to the HTML of my control?
      I have created a custom 'Control Designer' that provids a popup dialog for entering more complex properties (such as property builder in the data...
    4. Accessing values of one customer Control from another custom control
      Hi All, I am a newbie in creating ASP.NET custom controls. I have created one custom control say X.ascx for getting the location of the user like...
    5. how to control the right of accessing html
      i have a task as following: some body has right to access an html page,some body has no right,these right information are in database...sounds...
  2. jack #2

    Default Re: how to control the right of html accessing

    >-----Original Message-----
    >Use asp or jsp for ALL pages you want to protect, so you
    can include
    >server-side code. Then, at the top of every restricted
    page, check to
    >make sure the user has access to the page -- and if not,
    redirect to a
    >"sorry, you need to log in" page. That way, if the
    user's not logged
    >in, he will never see the content of the page even if he
    has bookmarked
    >the URL.
    >
    >An example using session variables, assuming all users
    with rights can
    >see all pages:
    >1) Store the user's ID in a session variable when he
    first logs in
    > Session("userID") = whatever
    >2) On the top of each page:
    > ' set up connection
    > SQL = "Select userID from user_rights where
    userID = " &
    >Session("userID")
    > set rs = conn.Execute(SQL)
    > if rs.EOF then
    > ' clean up recordset and connection
    > response.redirect "YouNeedToLogin.asp"
    > end if
    > 'rest of page goes here
    >
    >You could improve this login procedure by sending a
    querystring variable
    >to the YouNeedToLogin page, so that when the user logs in
    you can return
    >him to the page he was trying to access.
    >
    >"jack" <fei_ying@21cn.com> wrote in message
    >news:08cc01c34503$d7435b40$a301280a@phx.gbl...
    >> i have a task as following:
    >> some body has right to access an html page,some body has
    >> no right,these right information
    >>
    >> are in database...sounds simple,get information from
    >> database,verify if the user has that
    >>
    >> right,then go to that page or not go to.......but if i
    >> programme on server using asp or
    >>
    >> jsp,at the end ,i need to use the url where is the place
    >> of that html,so user ALWAYS can
    >>
    >> input that url directly into the browser to access that
    >> html,that 's the question....anybody
    >>
    >> can help me????
    >
    >
    >.
    >
    jack Guest
    Reply With Quote Reply With Quote
  3. jack #3

    Default Re: how to control the right of html accessing

    thank you ,very much
    >-----Original Message-----
    >Use asp or jsp for ALL pages you want to protect, so you
    can include
    >server-side code. Then, at the top of every restricted
    page, check to
    >make sure the user has access to the page -- and if not,
    redirect to a
    >"sorry, you need to log in" page. That way, if the
    user's not logged
    >in, he will never see the content of the page even if he
    has bookmarked
    >the URL.
    >
    >An example using session variables, assuming all users
    with rights can
    >see all pages:
    >1) Store the user's ID in a session variable when he
    first logs in
    > Session("userID") = whatever
    >2) On the top of each page:
    > ' set up connection
    > SQL = "Select userID from user_rights where
    userID = " &
    >Session("userID")
    > set rs = conn.Execute(SQL)
    > if rs.EOF then
    > ' clean up recordset and connection
    > response.redirect "YouNeedToLogin.asp"
    > end if
    > 'rest of page goes here
    >
    >You could improve this login procedure by sending a
    querystring variable
    >to the YouNeedToLogin page, so that when the user logs in
    you can return
    >him to the page he was trying to access.
    >
    >"jack" <fei_ying@21cn.com> wrote in message
    >news:08cc01c34503$d7435b40$a301280a@phx.gbl...
    >> i have a task as following:
    >> some body has right to access an html page,some body has
    >> no right,these right information
    >>
    >> are in database...sounds simple,get information from
    >> database,verify if the user has that
    >>
    >> right,then go to that page or not go to.......but if i
    >> programme on server using asp or
    >>
    >> jsp,at the end ,i need to use the url where is the place
    >> of that html,so user ALWAYS can
    >>
    >> input that url directly into the browser to access that
    >> html,that 's the question....anybody
    >>
    >> can help me????
    >
    >
    >.
    >
    jack Guest
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139