Re: M$loth messes with our sites (again)

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 55887
interpreted = N
texte = Dan, So, what happens when the USER_NAME and PASS_WORD are valid? On 2/3/04 2:45 PM, "Dan Strong" wrote: > Clint, > > I use this scheme, but I'll be the first to admit that there's probably a > better (more > elegant/effective) way... that said, I've had it in use for about 5 months > now, and as far as I > can tell, it works pretty well. > > Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and > a few [showif]s to > handle the errors. > > --------------------------------- > [!] -- ## Reject if referrer is not Login Page -- [/!] > [hideif [referrer]^http://www.yoursite.com/your_login_page.html] > [redirect your_login_page.html] > [/hideif] > [!] -- ## END Reject if referrer is not Login Page -- [/!] > > [showif [USER_NAME]=] > [redirect your_login_page.html?error=USERNAME_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [showif [PASS_WORD]=] > [redirect your_login_page.html?error=PASSWORD_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_USERNAME=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME > ¬Found=NOT_FOUND][/text] > [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] > [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_PASSWORD=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi > eld=PASS_WORD¬Found=NOT_FOUND][/text] > [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] > [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/hideif] > --------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  2. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  3. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  4. Re: M$loth messes with our sites (again) 2004/02/03 ( Glenn Busbin 2004)
  5. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  6. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  7. Re: M$loth messes with our sites (again) 2004/02/03 ( "Sal D'Anna" 2004)
  8. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  9. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  10. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  11. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  12. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  13. Re: M$loth messes with our sites (again) ( Rob Marquardt 2004)
  14. M$loth messes with our sites (again) ( John Peacock 2004)
Dan, So, what happens when the USER_NAME and PASS_WORD are valid? On 2/3/04 2:45 PM, "Dan Strong" wrote: > Clint, > > I use this scheme, but I'll be the first to admit that there's probably a > better (more > elegant/effective) way... that said, I've had it in use for about 5 months > now, and as far as I > can tell, it works pretty well. > > Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and > a few [showif]s to > handle the errors. > > --------------------------------- > [!] -- ## Reject if referrer is not Login Page -- [/!] > [hideif [referrer]^http://www.yoursite.com/your_login_page.html] > [redirect your_login_page.html] > [/hideif] > [!] -- ## END Reject if referrer is not Login Page -- [/!] > > [showif [USER_NAME]=] > [redirect your_login_page.html?error=USERNAME_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [showif [PASS_WORD]=] > [redirect your_login_page.html?error=PASSWORD_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_USERNAME=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME > ¬Found=NOT_FOUND][/text] > [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] > [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_PASSWORD=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi > eld=PASS_WORD¬Found=NOT_FOUND][/text] > [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] > [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/hideif] > --------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Clint Davis

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Comments in db? (1997) Running _every_ page through WebCat ? (1997) Where is f2? (1997) Fufillment e-mail? (1998) WebCat2 beta FTP site (1997) Date search and sendmail (1997) Netscape 3.01 can't see db in form (1997) redirect with frames (1997) Passing Cart variable to subdirectory files? (1997) autocommit problem (1998) WebCatalog for guestbook ? (1997) Listserver problem (1997) WebDNA FAQ or FAQs -- was "weird problem" (2004) RAM variables (1997) Beta 18 (1997) WebDNA 4.5 upgrade? (2002) Mine Headers for E-mail (1998) WebCat2b13 Mac plugin - [sendmail] and checkboxes (1997) Search in 2 or more catalogs (1997) Search bug. Help (2002)