Re: M$loth messes with our sites (again)

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 55887
interpreted = N
texte = Dan, So, what happens when the USER_NAME and PASS_WORD are valid? On 2/3/04 2:45 PM, "Dan Strong" wrote: > Clint, > > I use this scheme, but I'll be the first to admit that there's probably a > better (more > elegant/effective) way... that said, I've had it in use for about 5 months > now, and as far as I > can tell, it works pretty well. > > Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and > a few [showif]s to > handle the errors. > > --------------------------------- > [!] -- ## Reject if referrer is not Login Page -- [/!] > [hideif [referrer]^http://www.yoursite.com/your_login_page.html] > [redirect your_login_page.html] > [/hideif] > [!] -- ## END Reject if referrer is not Login Page -- [/!] > > [showif [USER_NAME]=] > [redirect your_login_page.html?error=USERNAME_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [showif [PASS_WORD]=] > [redirect your_login_page.html?error=PASSWORD_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_USERNAME=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME > ¬Found=NOT_FOUND][/text] > [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] > [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_PASSWORD=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi > eld=PASS_WORD¬Found=NOT_FOUND][/text] > [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] > [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/hideif] > --------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  2. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  3. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  4. Re: M$loth messes with our sites (again) 2004/02/03 ( Glenn Busbin 2004)
  5. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  6. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  7. Re: M$loth messes with our sites (again) 2004/02/03 ( "Sal D'Anna" 2004)
  8. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  9. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  10. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  11. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  12. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  13. Re: M$loth messes with our sites (again) ( Rob Marquardt 2004)
  14. M$loth messes with our sites (again) ( John Peacock 2004)
Dan, So, what happens when the USER_NAME and PASS_WORD are valid? On 2/3/04 2:45 PM, "Dan Strong" wrote: > Clint, > > I use this scheme, but I'll be the first to admit that there's probably a > better (more > elegant/effective) way... that said, I've had it in use for about 5 months > now, and as far as I > can tell, it works pretty well. > > Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and > a few [showif]s to > handle the errors. > > --------------------------------- > [!] -- ## Reject if referrer is not Login Page -- [/!] > [hideif [referrer]^http://www.yoursite.com/your_login_page.html] > [redirect your_login_page.html] > [/hideif] > [!] -- ## END Reject if referrer is not Login Page -- [/!] > > [showif [USER_NAME]=] > [redirect your_login_page.html?error=USERNAME_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [showif [PASS_WORD]=] > [redirect your_login_page.html?error=PASSWORD_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_USERNAME=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME > ¬Found=NOT_FOUND][/text] > [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] > [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_PASSWORD=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi > eld=PASS_WORD¬Found=NOT_FOUND][/text] > [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] > [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/hideif] > --------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Clint Davis

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Username for Admin Group (1997) WebCatalog losing Data (2001) Some Advise needed (1997) [Fwd: Rotating Banners ... (was LinkExchange)] (1997) docs for WebCatalog2 (1997) [date format] w/in sendmail (1997) can WC render sites out? (1997) WC2b12: Yes, Formulas.db is for real (1997) Serving images from databases (1998) [WebDNA] OT - some girls like guys for their WebDNA (2010) WebCat2 Append problem (B14Macacgi) (1997) taxrate - off by 1 cent (1997) Summing fields (1997) WebCat2b13MacPlugIn - [showif][search][/showif] (1997) [WebDNA] Installation problems for IIS 6 (2010) archived answer how to overwrite [username] and [password] (without authenticate dialog) not working for me. ? (2000) Out of the woodwork (2007) Calendar using WebCatalog? (1997) [WebDNA] feature requests (2008) Multiple download orders of the same product? (1997)