Re: M$loth messes with our sites (again)

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 55887
interpreted = N
texte = Dan, So, what happens when the USER_NAME and PASS_WORD are valid? On 2/3/04 2:45 PM, "Dan Strong" wrote: > Clint, > > I use this scheme, but I'll be the first to admit that there's probably a > better (more > elegant/effective) way... that said, I've had it in use for about 5 months > now, and as far as I > can tell, it works pretty well. > > Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and > a few [showif]s to > handle the errors. > > --------------------------------- > [!] -- ## Reject if referrer is not Login Page -- [/!] > [hideif [referrer]^http://www.yoursite.com/your_login_page.html] > [redirect your_login_page.html] > [/hideif] > [!] -- ## END Reject if referrer is not Login Page -- [/!] > > [showif [USER_NAME]=] > [redirect your_login_page.html?error=USERNAME_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [showif [PASS_WORD]=] > [redirect your_login_page.html?error=PASSWORD_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_USERNAME=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME > ¬Found=NOT_FOUND][/text] > [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] > [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_PASSWORD=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi > eld=PASS_WORD¬Found=NOT_FOUND][/text] > [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] > [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/hideif] > --------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  2. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  3. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  4. Re: M$loth messes with our sites (again) 2004/02/03 ( Glenn Busbin 2004)
  5. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  6. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  7. Re: M$loth messes with our sites (again) 2004/02/03 ( "Sal D'Anna" 2004)
  8. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  9. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  10. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  11. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  12. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  13. Re: M$loth messes with our sites (again) ( Rob Marquardt 2004)
  14. M$loth messes with our sites (again) ( John Peacock 2004)
Dan, So, what happens when the USER_NAME and PASS_WORD are valid? On 2/3/04 2:45 PM, "Dan Strong" wrote: > Clint, > > I use this scheme, but I'll be the first to admit that there's probably a > better (more > elegant/effective) way... that said, I've had it in use for about 5 months > now, and as far as I > can tell, it works pretty well. > > Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and > a few [showif]s to > handle the errors. > > --------------------------------- > [!] -- ## Reject if referrer is not Login Page -- [/!] > [hideif [referrer]^http://www.yoursite.com/your_login_page.html] > [redirect your_login_page.html] > [/hideif] > [!] -- ## END Reject if referrer is not Login Page -- [/!] > > [showif [USER_NAME]=] > [redirect your_login_page.html?error=USERNAME_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [showif [PASS_WORD]=] > [redirect your_login_page.html?error=PASSWORD_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_USERNAME=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME > ¬Found=NOT_FOUND][/text] > [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] > [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_PASSWORD=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi > eld=PASS_WORD¬Found=NOT_FOUND][/text] > [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] > [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/hideif] > --------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Clint Davis

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

MacAutorize and T1 (1998) [WebDNA] An actual attempt to get WebDNA and MAMP Pro to work - (2018) no global [username] or [password] displayed ... (1997) New Command prefs ... (1997) Server crash (1997) Price recalc based on quantity (1997) Authenticate (1997) RE: Missing contexts on NT (1997) WebCat2 several catalogs? (1997) [LOOKUP] (1997) What is the default seed for the encrypt context? (2000) Error Type 3 (1999) Problems passing [SKU] with $Replace in 2.0 (1997) Forms (1998) Secure server question (1997) Global replace (2000) WebDNA v6.0 (2004) Tax Laws for Online Sales (2003) [Protect] tag NOT working in 4.01 with Webstar 4.2 ! (2000) Download to disk NOT display in browser (2002)