Re: M$loth messes with our sites (again)

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 55889
interpreted = N
texte = Nothing. The page is displayed, you are not redirected and thus, you are 'logged in'. As I said it's primitive, but it works for me :) Consider that i only use this scheme to lock down a single page... not sure it's so hot for 'sessions' and whatnot, but there you go :) -Dan On Tue, 03 Feb 2004 15:28:43 -0600 Clint Davis wrote: >Dan, > >So, what happens when the USER_NAME and PASS_WORD are valid? > > > >On 2/3/04 2:45 PM, "Dan Strong" wrote: > >> Clint, >> >> I use this scheme, but I'll be the first to admit that there's probably a >> better (more >> elegant/effective) way... that said, I've had it in use for about 5 months >> now, and as far as I >> can tell, it works pretty well. >> >> Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and >> a few [showif]s to >> handle the errors. >> >> --------------------------------- >> [!] -- ## Reject if referrer is not Login Page -- [/!] >> [hideif [referrer]^http://www.yoursite.com/your_login_page.html] >> [redirect your_login_page.html] >> [/hideif] >> [!] -- ## END Reject if referrer is not Login Page -- [/!] >> >> [showif [USER_NAME]=] >> [redirect your_login_page.html?error=USERNAME_BLANK[hideif >> [user_name]=]&user_name=[user_name][/hideif]] >> [/showif] >> >> [showif [PASS_WORD]=] >> [redirect your_login_page.html?error=PASSWORD_BLANK[hideif >> [user_name]=]&user_name=[user_name][/hideif]] >> [/showif] >> >> [text show=f]AUTHENTICATED_USERNAME=[lookup >> db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME >> ¬Found=NOT_FOUND][/text] >> [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] >> [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif >> [user_name]=]&user_name=[user_name][/hideif]] >> [/showif] >> >> [text show=f]AUTHENTICATED_PASSWORD=[lookup >> db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi >> eld=PASS_WORD¬Found=NOT_FOUND][/text] >> [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] >> [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif >> [user_name]=]&user_name=[user_name][/hideif]] >> [/hideif] >> --------------------------------- > > > >------------------------------------------------------------- >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------ http://www.StrongGraphicDesign.com http://www.SearchBoise.com ------------------------------------------------------------ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  2. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  3. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  4. Re: M$loth messes with our sites (again) 2004/02/03 ( Glenn Busbin 2004)
  5. Re: M$loth messes with our sites (again) 2004/02/03 ( Clint Davis 2004)
  6. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  7. Re: M$loth messes with our sites (again) 2004/02/03 ( "Sal D'Anna" 2004)
  8. Re: M$loth messes with our sites (again) 2004/02/03 ( Kalin Mintchev 2004)
  9. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  10. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  11. Re: M$loth messes with our sites (again) ( "Dan Strong" 2004)
  12. Re: M$loth messes with our sites (again) ( Clint Davis 2004)
  13. Re: M$loth messes with our sites (again) ( Rob Marquardt 2004)
  14. M$loth messes with our sites (again) ( John Peacock 2004)
Nothing. The page is displayed, you are not redirected and thus, you are 'logged in'. As I said it's primitive, but it works for me :) Consider that i only use this scheme to lock down a single page... not sure it's so hot for 'sessions' and whatnot, but there you go :) -Dan On Tue, 03 Feb 2004 15:28:43 -0600 Clint Davis wrote: >Dan, > >So, what happens when the USER_NAME and PASS_WORD are valid? > > > >On 2/3/04 2:45 PM, "Dan Strong" wrote: > >> Clint, >> >> I use this scheme, but I'll be the first to admit that there's probably a >> better (more >> elegant/effective) way... that said, I've had it in use for about 5 months >> now, and as far as I >> can tell, it works pretty well. >> >> Your_login_page.html has a 2-field form on it ("USER_NAME" & "PASS_WORD"), and >> a few [showif]s to >> handle the errors. >> >> --------------------------------- >> [!] -- ## Reject if referrer is not Login Page -- [/!] >> [hideif [referrer]^http://www.yoursite.com/your_login_page.html] >> [redirect your_login_page.html] >> [/hideif] >> [!] -- ## END Reject if referrer is not Login Page -- [/!] >> >> [showif [USER_NAME]=] >> [redirect your_login_page.html?error=USERNAME_BLANK[hideif >> [user_name]=]&user_name=[user_name][/hideif]] >> [/showif] >> >> [showif [PASS_WORD]=] >> [redirect your_login_page.html?error=PASSWORD_BLANK[hideif >> [user_name]=]&user_name=[user_name][/hideif]] >> [/showif] >> >> [text show=f]AUTHENTICATED_USERNAME=[lookup >> db=your_login.db&lookinfield=USER_NAME&value=[USER_NAME]&returnfield=USER_NAME >> ¬Found=NOT_FOUND][/text] >> [showif [AUTHENTICATED_USERNAME]=NOT_FOUND] >> [redirect your_login_page.html?error=USERNAME_NOTFOUND[hideif >> [user_name]=]&user_name=[user_name][/hideif]] >> [/showif] >> >> [text show=f]AUTHENTICATED_PASSWORD=[lookup >> db=your_login.db&lookinfield=USER_NAME&value=[AUTHENTICATED_USERNAME]&returnfi >> eld=PASS_WORD¬Found=NOT_FOUND][/text] >> [hideif [PASS_WORD]=[AUTHENTICATED_PASSWORD]] >> [redirect your_login_page.html?error=PASSWORD_NOTFOUND[hideif >> [user_name]=]&user_name=[user_name][/hideif]] >> [/hideif] >> --------------------------------- > > > >------------------------------------------------------------- >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------ http://www.StrongGraphicDesign.com http://www.SearchBoise.com ------------------------------------------------------------ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ "Dan Strong"

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Setting up shop (1997) Emailer question (1998) PROBLEM (1997) Getting Crazy (1998) Reminder... (2003) RE: WebCatalog2 for NT Beta Request (1997) Please.. copies of Digest for 7/29 and 7/30? (1997) RE: Questions To Answer (1997) Logging purchases (1997) OT: MacAuthorize (2001) Dreamweaver noedit ??? (2005) OT - FCKeditor (2005) Replace Statement (1997) Different Tax levels (1998) Multiple security dbs (1997) WebCat editing, SiteGuard & SiteEdit (1997) Dual processors? (2000) Navigator 4.01 (1997) multipart (2004) Using [showif] (2000)