Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 MOD-Group
 MOD Add-On Forum (W/O Code)
 Avoid re-entering username at admin login?		  New Topic  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

gelliott
Junior Member

USA
268 Posts
Posted - 15 May 2003 :  13:02:55  Show Profile
I was thinking about modifying my forum to save me re-entering my admin member name at each of the Admin-level logins. If I am already logged in as an admin to the main forum, the admin login ought to fill-in my username for me and only prompt me for my password. I am proposing the below changes - does anyone see a security flaw in my approach? Is there a reason why this hasn't already been done? Thanks in advance for your comments...

Prior to Line 102 in admin_login.asp:

UserNameValue = ""
if (mlev <> 0) then
   if strAuthType = "nt" then
      UserNameValue = Session(strCookieURL & "username")
   else 
      if strAuthType = "db" then 
         UserNameValue = ChkString(strDBNTUserName, "display")
      end if 
   end if 
end if

Add the red code to the middle of Line 113:

... <input type=""text"" name=""Name"" value=""" & UserNameValue & """ style=""width:150px;""> ...
* The optimist says the cup is half full. The pessimist says it's half empty. But the engineer knows the truth - the cup's design is incorrectly sized.

gelliott
Junior Member

USA
268 Posts
Posted - 22 May 2003 :  13:05:32  Show Profile
In the absence of any feedback, I've proceeded with this change. It's quite handy, and does not interfere with the password validation, so it should not be a security risk. The above code was for Snitz v3.4.03, for anyone who tries this modification later.
* The optimist says the cup is half full. The pessimist says it's half empty. But the engineer knows the truth - the cup's design is incorrectly sized.
Go to Top of Page

OneWayMule
Dev. Team Member & Support Moderator

Austria
4969 Posts
Posted - 22 May 2003 :  13:22:18  Show Profile  Visit OneWayMule's Homepage  Send OneWayMule an ICQ Message
gelliott, I use this code and really like it.

But I've made the following modification:

UserNameValue = ""
if (mlev = 4) then
   if strAuthType = "nt" then
      UserNameValue = Session(strCookieURL & "username")
   else 
      if strAuthType = "db" then 
         UserNameValue = ChkString(strDBNTUserName, "display")
      end if 
   end if 
end if


And I've done the modifications in admin_login_short.asp too.
My MODs:
Birthdays - Custom Policy - F.A.Q. Administration - Forum Rules - Guestbook
Links Manager - MyOwnGoogle - Profile Views - Search Log - WebSearch

Useful stuff:
Forum and MOD Installation - MOD Installation Guide - Snitz v3.4.05 Readme - Free ASP Hosts - Support Snitz
Go to Top of Page

gelliott
Junior Member

USA
268 Posts
Posted - 22 May 2003 :  15:58:06  Show Profile
OneWay - thanks for the feedback, I did the _short file as well. Yeah, I thought about restricting it with mlev but was too lazy to since I knew the passwords for mlev<4 wouldn't gain access. But I'll make that change to my code this evening - it conveys the intent within the code a little better, anyway, for whoever comes along behind me.

Thanks!
* The optimist says the cup is half full. The pessimist says it's half empty. But the engineer knows the truth - the cup's design is incorrectly sized.
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.35 seconds. Powered By: Snitz Forums 2000 Version 3.4.07