Re: M$loth messes with our sites (again)

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 55887
interpreted = N
texte = Dan, So, what happens when the USER_NAME and PASS_WORD are valid? On 2/3/04 2:45 PM, "Dan Strong" wrote: > Clint, > > I use this scheme, but I'll be the first to admit that there's probably a > better (more > elegant/effective) way... that said, I've had it in use for about 5 months > now, and as far as I > can tell, it works pretty well. > > Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and > a few [showif]s to > handle the errors. > > --------------------------------- > [!] -- ## Reject if referrer is not Login Page -- [/!] > [hideif [referrer]^http://www.yoursite.com/your_login_page.html] > [redirect your_login_page.html] > [/hideif] > [!] -- ## END Reject if referrer is not Login Page -- [/!] > > [showif [USER_NAME]=] > [redirect your_login_page.html?error=USERNAME_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [showif [PASS_WORD]=] > [redirect your_login_page.html?error=PASSWORD_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_USERNAME=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME > ¬Found=NOT_FOUND][/text] > [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] > [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_PASSWORD=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi > eld=PASS_WORD¬Found=NOT_FOUND][/text] > [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] > [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/hideif] > --------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  2. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  3. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  4. Re: M$loth messes with our sites (again) 2004/02/03 ( Glenn Busbin 2004)
  5. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  6. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  7. Re: M$loth messes with our sites (again) 2004/02/03 ( "Sal D'Anna" 2004)
  8. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  9. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  10. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  11. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  12. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  13. Re: M$loth messes with our sites (again) ( Rob Marquardt 2004)
  14. M$loth messes with our sites (again) ( John Peacock 2004)
Dan, So, what happens when the USER_NAME and PASS_WORD are valid? On 2/3/04 2:45 PM, "Dan Strong" wrote: > Clint, > > I use this scheme, but I'll be the first to admit that there's probably a > better (more > elegant/effective) way... that said, I've had it in use for about 5 months > now, and as far as I > can tell, it works pretty well. > > Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and > a few [showif]s to > handle the errors. > > --------------------------------- > [!] -- ## Reject if referrer is not Login Page -- [/!] > [hideif [referrer]^http://www.yoursite.com/your_login_page.html] > [redirect your_login_page.html] > [/hideif] > [!] -- ## END Reject if referrer is not Login Page -- [/!] > > [showif [USER_NAME]=] > [redirect your_login_page.html?error=USERNAME_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [showif [PASS_WORD]=] > [redirect your_login_page.html?error=PASSWORD_BLANK[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_USERNAME=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME > ¬Found=NOT_FOUND][/text] > [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] > [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/showif] > > [text show=f]AUTHENTICATED_PASSWORD=[lookup > db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi > eld=PASS_WORD¬Found=NOT_FOUND][/text] > [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] > [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif > [user_name]=]&user_name=[user_name][/hideif]] > [/hideif] > --------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Clint Davis

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Shopping Cart - prices? (1997) WebCat2.0 [format thousands .0f] no go (1997) carriage returns in data (1997) Separate SSL Server (1997) Sorting error (1997) vars (2000) Netscape v. IE (1997) XML Syntax, Cookies and Variables.... (2004) Virtual hosting and webcatNT (1997) WebCat2 beta 11 - new prefs ... (1997) WebCat2 beta 11 - new prefs ... (1997) WebCat2b15MacPlugin - showing [math] (1997) shipping costs (2000) question: webmerchant connection (1997) Sorting by highest number of matches unique to a field (2003) Unknown exception in WebDNA 4.5.0 (2003) WebCat2b13MacPlugin - [math][date][/math] problem (1997) Setting a null value for reply to address using sendmail... (2001) Problems with [Applescript] (1997) Counting records (2000)