| Groups | Blog | Home |
inetserver asp general : history -1
If Session("loggedin")<>1 Then
Session("redirect") = Request.ServerVariables("SCRIPT_NAME") Response.Redirect "login.asp" End If Then in the login page, on successful log in: If Session("redirect")<>"" Then redirectpage = Session("redirect") Session("redirect")="" Response.Redirect redirectpage End If -- Mike Brind [quoted text, click to view] Jeff wrote:
> Thanks bob. This is working.. sortof. Here is the delema. > > I have a report page with this at the top > > if session("loggedin")<>1 then response.redirect "login.asp" > > the login script sets the session to 1 if they are logged in, and lets them > view this page. if it isn't 1, then it sends them to the login page. > > the problem is this, when it goes back 2 in history, it skips over that > report page, and goes to the page that I clicked report on. if i set it > to -1, it goes back to the login page. so it is missing the page that > redirected it to begin with. > > am i doing something wrong? > > "Bob Barrows [MVP]" <reb01501@NOyahoo.SPAMcom> wrote in message > news:%23K8lS30eGHA.4948@TK2MSFTNGP04.phx.gbl... > > Jeff wrote: > >> So there is no way to have on the login page somewhere that says like > >> > >> past = history.go(-2) > >> > >> then have <% response.redirect "&past&"%> > >> > >> or, could i have the login page, after a good login, go to a page > >> that just has the history.go(-3) > > > > I take it back. There is a way to do it in server-side code: write a > > client-side script block to the Response. Air code: > > > > <% > > If successfulLogin then > > response.write "<script type=""text/javascript""> > > response.write "history.go(-2);</script> > > end if > > %> > > > > -- > > Microsoft MVP - ASP/ASP.NET > > Please reply to the newsgroup. This email account is my spam trap so I > > don't check it very often. If you must reply off-line, then remove the > > "NO SPAM" > >
Has to be a client side redirect
At the end of your routine create a javascript function to handle this <% If code works then %> <script> { window.history.go(-2); } </script> <% else end if %> [quoted text, click to view] "Jeff" <gig_bam@adelphia.net> wrote in message news:S8ednRAMsIMGWPDZnZ2dnUVZ_vOdnZ2d@adelphia.com... > I need to make a response.redirect that will take the user back 2 pages > after they login. > > How can i implement this into response.redirect ? > > Thanks > >
I need to make a response.redirect that will take the user back 2 pages
after they login. How can i implement this into response.redirect ? Thanks
[quoted text, click to view]
Jeff wrote: It can't be done without saving the pages in a hidden field. The server > I need to make a response.redirect that will take the user back 2 > pages after they login. > > How can i implement this into response.redirect ? > knows nothing about the client history. -- Microsoft MVP - ASP/ASP.NET Please reply to the newsgroup. This email account is my spam trap so I don't check it very often. If you must reply off-line, then remove the "NO SPAM"
So there is no way to have on the login page somewhere that says like
past = history.go(-2) then have <% response.redirect "&past&"%> or, could i have the login page, after a good login, go to a page that just has the history.go(-3) [quoted text, click to view] "Bob Barrows [MVP]" <reb01501@NOyahoo.SPAMcom> wrote in message news:%23pmXQd0eGHA.3488@TK2MSFTNGP02.phx.gbl... > Jeff wrote: >> I need to make a response.redirect that will take the user back 2 >> pages after they login. >> >> How can i implement this into response.redirect ? >> > It can't be done without saving the pages in a hidden field. The server > knows nothing about the client history. > > -- > Microsoft MVP - ASP/ASP.NET > Please reply to the newsgroup. This email account is my spam trap so I > don't check it very often. If you must reply off-line, then remove the > "NO SPAM" >
[quoted text, click to view]
Jeff wrote: > So there is no way to have on the login page somewhere that says like > > past = history.go(-2) If this is supposed to be server-side code, then no. The server knows nothing about the client history. See a client-side newsgroup such as m.p.scripting.jscript for help with populating a hidden field on a form with the items in history (perhaps in an xml string, but not required). Server-side code can read the contents of the hidden field and do what needs to be done. -- Microsoft MVP - ASP/ASP.NET Please reply to the newsgroup. This email account is my spam trap so I don't check it very often. If you must reply off-line, then remove the "NO SPAM"
[quoted text, click to view]
Jeff wrote: > So there is no way to have on the login page somewhere that says like > > past = history.go(-2) > > then have <% response.redirect "&past&"%> > > or, could i have the login page, after a good login, go to a page > that just has the history.go(-3) I take it back. There is a way to do it in server-side code: write a client-side script block to the Response. Air code: <% If successfulLogin then response.write "<script type=""text/javascript""> response.write "history.go(-2);</script> end if %> -- Microsoft MVP - ASP/ASP.NET Please reply to the newsgroup. This email account is my spam trap so I don't check it very often. If you must reply off-line, then remove the "NO SPAM"
Thanks bob. This is working.. sortof. Here is the delema.
I have a report page with this at the top if session("loggedin")<>1 then response.redirect "login.asp" the login script sets the session to 1 if they are logged in, and lets them view this page. if it isn't 1, then it sends them to the login page. the problem is this, when it goes back 2 in history, it skips over that report page, and goes to the page that I clicked report on. if i set it to -1, it goes back to the login page. so it is missing the page that redirected it to begin with. am i doing something wrong? [quoted text, click to view] "Bob Barrows [MVP]" <reb01501@NOyahoo.SPAMcom> wrote in message news:%23K8lS30eGHA.4948@TK2MSFTNGP04.phx.gbl... > Jeff wrote: >> So there is no way to have on the login page somewhere that says like >> >> past = history.go(-2) >> >> then have <% response.redirect "&past&"%> >> >> or, could i have the login page, after a good login, go to a page >> that just has the history.go(-3) > > I take it back. There is a way to do it in server-side code: write a > client-side script block to the Response. Air code: > > <% > If successfulLogin then > response.write "<script type=""text/javascript""> > response.write "history.go(-2);</script> > end if > %> > > -- > Microsoft MVP - ASP/ASP.NET > Please reply to the newsgroup. This email account is my spam trap so I > don't check it very often. If you must reply off-line, then remove the > "NO SPAM" >
[quoted text, click to view]
Jeff wrote: No, that's the problem with using History, which can cause pages to be > Thanks bob. This is working.. sortof. Here is the delema. > > I have a report page with this at the top > > if session("loggedin")<>1 then response.redirect "login.asp" > > the login script sets the session to 1 if they are logged in, and > lets them view this page. if it isn't 1, then it sends them to the > login page. > the problem is this, when it goes back 2 in history, it skips over > that report page, and goes to the page that I clicked report on. if i > set it to -1, it goes back to the login page. so it is missing the page > that > redirected it to begin with. > > am i doing something wrong? > retrieved from the browser cacne rather than being re-requested from the server. You need to rethink what you are doing. At the very least, store the name of the page you need to go back to in a session variable. Consider using Server.Transfer instead of Response.Redirect to prevent pages from being retrieved from the browser cache. if session("loggedin")<>1 then session("PageWhereAuthFailed") = "me.asp" response.redirect "login.asp" end if in login.asp: if SuccessfulLogin then session("loggedin")=1 pageForm = session("PageWhereAuthFailed") session("PageWhereAuthFailed") = "" if len(pageFrom)>0 then Server.Transfer(pageFrom) else 'do the default action end if end if -- Microsoft MVP - ASP/ASP.NET Please reply to the newsgroup. This email account is my spam trap so I don't check it very often. If you must reply off-line, then remove the "NO SPAM"
I tried both of your ways, and they both work perfectly.
I prefer Mike's way, simply because I wouldn't have to change the session("PageWhereAuthFailed") on each page that is protected. You guys are truley the best at what you do, and you help and advice is always appreciated. Thanks Jeff [quoted text, click to view] "Jeff" <gig_bam@adelphia.net> wrote in message news:ZtSdnUAzEYSfRfDZnZ2dnUVZ_t2dnZ2d@adelphia.com... > Thanks bob. This is working.. sortof. Here is the delema. > > I have a report page with this at the top > > if session("loggedin")<>1 then response.redirect "login.asp" > > the login script sets the session to 1 if they are logged in, and lets > them view this page. if it isn't 1, then it sends them to the login page. > > the problem is this, when it goes back 2 in history, it skips over that > report page, and goes to the page that I clicked report on. if i set it > to -1, it goes back to the login page. so it is missing the page that > redirected it to begin with. > > am i doing something wrong? > > "Bob Barrows [MVP]" <reb01501@NOyahoo.SPAMcom> wrote in message > news:%23K8lS30eGHA.4948@TK2MSFTNGP04.phx.gbl... >> Jeff wrote: >>> So there is no way to have on the login page somewhere that says like >>> >>> past = history.go(-2) >>> >>> then have <% response.redirect "&past&"%> >>> >>> or, could i have the login page, after a good login, go to a page >>> that just has the history.go(-3) >> >> I take it back. There is a way to do it in server-side code: write a >> client-side script block to the Response. Air code: >> >> <% >> If successfulLogin then >> response.write "<script type=""text/javascript""> >> response.write "history.go(-2);</script> >> end if >> %> >> >> -- >> Microsoft MVP - ASP/ASP.NET >> Please reply to the newsgroup. This email account is my spam trap so I >> don't check it very often. If you must reply off-line, then remove the >> "NO SPAM" >> > >
Jeff wrote on 19 mei 2006 in microsoft.public.inetserver.asp.general:
[quoted text, click to view] > hanks bob. This is working.. sortof. Here is the delema. > > I have a report page with this at the top > > if session("loggedin")<>1 then response.redirect "login.asp" > > the login script sets the session to 1 if they are logged in, and lets > them view this page. if it isn't 1, then it sends them to the login > page. > > the problem is this, when it goes back 2 in history, it skips over > that report page, and goes to the page that I clicked report on. if i > set it to -1, it goes back to the login page. so it is missing the > page that redirected it to begin with. > > am i doing something wrong? > I prefer serverside session memory over clienside history: if session("loggedin") <> 1 then session("origin") = request.servervariables("URL") response.redirect "login.asp" end if And a successful login will do: response.redirect session("origin") =========== Another way is to build the login code as an include to every page top: ========= login.include.asp ============= <% if request.form("password") <> "" then do your autentication things and set session("loggedin") to 1 if ok. end if if session("loggedin") <> 1 then %> <html> <form method=post> do the login html form things .... </html> <% response.end end if %> -- Evertjan. The Netherlands.
[quoted text, click to view]
Jeff wrote: > I tried both of your ways, and they both work perfectly. > I prefer Mike's way, simply because I wouldn't have to > change the session("PageWhereAuthFailed") on each page > that is protected. That technique should work fine unless/until you extend your login to span multiple applications, technologies, servers or domains. We built an enterprise-wide session architecture that allows ASP, JSP and ASP.NET to share sessions (authentication as well as variables). We authenticate under SSL against an NDS tree[1], and the individual applications are a mix of SSL and non-SSL, depending on their sensitivity. As you can imagine, this means the session information is kept in a database, rather than on the web servers. The ASP implementation is unsurprisingly the least elegant of the bunch, as well as the most perturbable. We have distilled it to a Server.Execute() call for each protected page. If/when you extend your login and can't figure out how to proceed, post back here and I can probably offer some suggestions based on lessons learned. [1] This could just as easily be against AD. -- Dave Anderson Unsolicited commercial email will be read at a cost of $500 per message. Use of this email address implies consent to these terms.
I will do that. Thanks so much for the help.
Jeff [quoted text, click to view] "Dave Anderson" <GTSPXOESSGOQ@spammotel.com> wrote in message news:eeWX8e4eGHA.1856@TK2MSFTNGP03.phx.gbl... > Jeff wrote: >> I tried both of your ways, and they both work perfectly. >> I prefer Mike's way, simply because I wouldn't have to >> change the session("PageWhereAuthFailed") on each page >> that is protected. > > That technique should work fine unless/until you extend your login to span > multiple applications, technologies, servers or domains. > > We built an enterprise-wide session architecture that allows ASP, JSP and > ASP.NET to share sessions (authentication as well as variables). We > authenticate under SSL against an NDS tree[1], and the individual > applications are a mix of SSL and non-SSL, depending on their sensitivity. > As you can imagine, this means the session information is kept in a > database, rather than on the web servers. > > The ASP implementation is unsurprisingly the least elegant of the bunch, > as well as the most perturbable. We have distilled it to a > Server.Execute() call for each protected page. If/when you extend your > login and can't figure out how to proceed, post back here and I can > probably offer some suggestions based on lessons learned. > > > > [1] This could just as easily be against AD. > > -- > Dave Anderson > > Unsolicited commercial email will be read at a cost of $500 per message. > Use of this email address implies consent to these terms. >
Don't see what you're looking for? Try a search.
|
June 2003
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
| home · blog · groups | Questions? Comments? Contact the dn |