Author |
Topic |
|
MikeBernardo
Starting Member
Canada
33 Posts |
Posted - 03 July 2001 : 12:56:08
|
Can anyone tell me how I can use Snitz Forums' logon facilities for other pages on my site? I want to protect other pages from being read by unauthenticated users. Isn't it just a matter of including "inc..." asp pages? Or is it a lot more complicated than that?
|
|
Dan Martin
Average Member
USA
528 Posts |
Posted - 03 July 2001 : 15:41:27
|
It's not very hard, but you must have your cookie level set to website, not forum.
It's merely a matter of grabbing cookie data (pretty simple), including the inc_functions.asp, and then passing the cookie data to the ChkUser function. This returns the "level" of the user. 0 = Unauthorized 1 = Author 2 = Normal User 3 = Moderator 4 = Admin
Search for ChkUser in inc_functions. That should clear it up a bit. -Dan
|
|
|
MikeBernardo
Starting Member
Canada
33 Posts |
Posted - 09 July 2001 : 12:51:31
|
I checked the inc_functions.asp page and found the ChkUser function. I guess I'm supposed to call it up from my page. I'm no ASP hard coder. How do I call up the function to check the user's username/password from the page I want. And then how do I grant a user access or prompting for username/password if the check fails? It doesn't look like it's in the inc_functions.asp page. Thanks.
|
|
|
George_Zhu
Starting Member
China
46 Posts |
Posted - 10 July 2001 : 08:59:08
|
If I am not mistaken, you can arrange this in admin area.
[font color=SlateBlue]Learning is all I want[/font] ----------------------- http://www.zhujie.org |
|
|
Dan Martin
Average Member
USA
528 Posts |
Posted - 12 July 2001 : 14:22:24
|
Well, that's an AWFUL broad subject. How do you want to do it?
For starters, any page that requires authentication is going to need includes for /forum/inc_functions.asp and /forum/config.asp
But after that, how you want to implement it is up to you. How do you want to retrieve the username and password? Could be: -Out of the Snitz cookie (cookie level must be set to website) -Out of your own cookie (being logged into Snitz doesn't log you into this application) -Prompt at the beginning of every session, save passwords for duration of the session (no cookies, user gets asked every time he visits for username/password) -Every Visit to a particular page? (
It really depends on which strategy you want. |
|
|
johnacarver
Starting Member
2 Posts |
Posted - 16 July 2001 : 23:21:03
|
I'm interested in this as well. I'd like to set up a password protected website. I'd like to Prompt at the beginning of every session, save passwords for duration of the session (no cookies, user gets asked every time he visits for username/password)
|
|
|
MikeBernardo
Starting Member
Canada
33 Posts |
Posted - 18 July 2001 : 13:50:46
|
Thank you for your responses. So far I have been playing around with the code and it is starting to make some sense. I plan on using cookies as Snitz already does this.
I guess what I'll need to do is to:
1. Include config.asp and inc_functions.asp and copy them to the directory of the pages. ASP doesn't seem to like includes that start with a slash.
2. Call up some kind of function to see if the user is authenticated. From playing around with some files in Snitz from top to bottom, it looks like inc_top.asp is a good candidate for it.
3. Find out what level the user is, and then use "if" statements in my HTML.
For example:
<% if userLevel < 3 then %> Sorry, you cannot view this page. <% else %> Welcome to my top secret website! <% end if %>
Am I on the right track here? Any suggestions, tips, shortcuts?
|
|
|
Dan Martin
Average Member
USA
528 Posts |
Posted - 18 July 2001 : 17:34:27
|
That's the right track....except I would avoid "global if's".
This in my opinion is bad:
if (chk_User(username, password) < 1) then 'Execute some login code else 'put all page code here .... .... end if
I prefer:
If (chk_User(username, password) < 1) then 'Execute some login code Response.End End If
Or replace Response.end with Response.redirect.
Also don't execute the chkUser function within an include. From my experience, variables fall out of scope outside an include. For instance, if you do this inside an include:
userLevel = chk_User(username, password)
And later you rely on userLevel outside the include....it will be null. And since you don't have to Dim in VBScript, you won't even know it.
Edited by - Dan Martin on 18 July 2001 17:35:32 |
|
|
MikeBernardo
Starting Member
Canada
33 Posts |
Posted - 19 July 2001 : 12:45:09
|
Dan,
Thanks for the input. Redirect sounds good. The following if statement you wrote:
"If (chk_User(username, password) < 1) then"
is chk_User(username, password) the actual function to check userlevel?
|
|
|
|
Topic |
|