Re: M$loth messes with our sites (again)

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 55887
interpreted = N
texte = Dan, So, what happens when the USER_NAME and PASS_WORD are valid? On 2/3/04 2:45 PM, "Dan Strong" wrote: > Clint, > > I use this scheme, but I'll be the first to admit that there's probably a > better (more > elegant/effective) way... that said, I've had it in use for about 5 months > now, and as far as I > can tell, it works pretty well. > > Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and > a few [showif]s to > handle the errors. > > --------------------------------- > [!] -- ## Reject if referrer is not Login Page -- [/!] > [hideif [referrer]^http://www.yoursite.com/your_login_page.html] > [redirect your_login_page.html] > [/hideif] > [!] -- ## END Reject if referrer is not Login Page -- [/!] > > [showif [USER_NAME]=] > [redirect your_login_page.html?error=USERNAME_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [showif [PASS_WORD]=] > [redirect your_login_page.html?error=PASSWORD_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_USERNAME=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME > ¬Found=NOT_FOUND][/text] > [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] > [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_PASSWORD=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi > eld=PASS_WORD¬Found=NOT_FOUND][/text] > [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] > [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/hideif] > --------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  2. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  3. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  4. Re: M$loth messes with our sites (again) 2004/02/03 ( Glenn Busbin 2004)
  5. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  6. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  7. Re: M$loth messes with our sites (again) 2004/02/03 ( "Sal D'Anna" 2004)
  8. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  9. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  10. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  11. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  12. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  13. Re: M$loth messes with our sites (again) ( Rob Marquardt 2004)
  14. M$loth messes with our sites (again) ( John Peacock 2004)
Dan, So, what happens when the USER_NAME and PASS_WORD are valid? On 2/3/04 2:45 PM, "Dan Strong" wrote: > Clint, > > I use this scheme, but I'll be the first to admit that there's probably a > better (more > elegant/effective) way... that said, I've had it in use for about 5 months > now, and as far as I > can tell, it works pretty well. > > Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and > a few [showif]s to > handle the errors. > > --------------------------------- > [!] -- ## Reject if referrer is not Login Page -- [/!] > [hideif [referrer]^http://www.yoursite.com/your_login_page.html] > [redirect your_login_page.html] > [/hideif] > [!] -- ## END Reject if referrer is not Login Page -- [/!] > > [showif [USER_NAME]=] > [redirect your_login_page.html?error=USERNAME_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [showif [PASS_WORD]=] > [redirect your_login_page.html?error=PASSWORD_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_USERNAME=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME > ¬Found=NOT_FOUND][/text] > [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] > [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_PASSWORD=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi > eld=PASS_WORD¬Found=NOT_FOUND][/text] > [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] > [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/hideif] > --------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Clint Davis

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

search results not sorted with 'cl' (1998) Most Efficiant Way to do restricted Areas (1997) Price + Texte (1999) Comments in db? (1997) The address of this list has changed to WebCatalog-Beta@talk.smit (2000) maximu values for sendmail! (1997) [WebDNA] Authorize.net and [tcpconnect] (2016) FireSite and PIXO (1998) Virtual hosting and webcatNT (1997) MacAuthorize Hub/Client and program linking (1997) Fun with Dates - finally resolved but.... (1997) Looking for hosting provider (2007) Grant, please help me ... (1997) ImageMagick on OSX (2003) Running _every_ page through WebCat ? (1997) Emailer port change (1997) Re:[off] Promotions Co? (1997) Reversed words (1997) Re[2]: Using [Include] Context (1999) Date search - yes or no (1997)