Snitz Forums 2000 - Using Login / Authentication throughout Web Site

Snitz Forums 2000

Username:	Password:
Save Password
Forgot your Password?

All Forums

Help Groups for Snitz Forums 2000 Users

Help: General / Classic ASP versions(v3.4.XX)

Using Login / Authentication throughout Web Site

New Topic

Topic Locked

Printer Friendly

Author

Topic

blay
Starting Member

6 Posts

Posted - 07 June 2004 : 12:45:56

Rather than re-create the wheel, I want to use the logins created in Snitz Forums on other pages in my web site. I need a little nudge in the right direction to figure out which 'includes' and code to stick on my pages to check for login. Here are the particulars:

1. Check if logged in.
2. If not, redirect to login page. Send user back to original page once logged in (or once user is registered and logged in). Because http_referer could be some other web site by the time a new user is approved, must use a query string, I'm assuming.
3. If logged in, I can take it from here... :)

-B

Jezmeister
Senior Member

United Kingdom
1141 Posts

Posted - 07 June 2004 : 14:52:59

http://forum.snitz.com/forum/topic.asp?TOPIC_ID=33125 - the universal login mod does that.

blay
Starting Member

6 Posts

Posted - 07 June 2004 : 16:13:08

Thanks Jez! I'll try it out.

-B

blay
Starting Member

6 Posts

Posted - 07 June 2004 : 19:19:38

This mod is a bit much for what I needed. I do not need the login dialog itself to be loaded. I simply want to check IsUserLoggedOn? If not, then push the user to the logon page. If so, then pull only the basic profile info (such as email address). I could directly connect to the database myself and do this, but I want the logon session to be accessible from any page. So how to access this session? I guess that's the real question. I'm not sure how the cookie is being written.

I guess I just need to figure out the format of the cookie and I'll write the code (in .NET 1.1). Can somone help me on the cookie?

-B

Edited by - blay on 07 June 2004 20:11:43

OneWayMule
Dev. Team Member & Support Moderator

Austria
4969 Posts

Posted - 07 June 2004 : 20:36:01

Take a look at the code in this post.
You also might want to do a search, there are quite a few topics about your question.

My MODs:
Birthdays - Custom Policy - F.A.Q. Administration - Forum Rules - Guestbook
Links Manager - MyOwnGoogle - Profile Views - Search Log - WebSearch

Useful stuff:
Forum and MOD Installation - MOD Installation Guide - Snitz v3.4.05 Readme - Free ASP Hosts - Support Snitz

blay
Starting Member

6 Posts

Posted - 07 June 2004 : 23:16:02

Exactly what I needed. Works great. Thanks!

-B

blay
Starting Member

6 Posts

Posted - 08 June 2004 : 03:10:21

As I said previously, once I figured out the cookie, I would post the .NET code here. The following code is VB.NET (ASP.NET) and uses a web forms page (i.e. mypage.aspx).

The main piece to pay attention to, that I had trouble finding, is how to simply access a single cookie. Every example shows how to load all cookies into a collection, but I didn't want to parse every single one with the chance of having duplicate keys.

In the code below, I simply check if the Snitz cookie is there by looking for the default id of "Snitz00User", then I pull the name (M_Name) of the user from the cookie and look up the user in the database to retrieve the email address. I do not utilize the password at all. I assume that if the cookie is there and a username is in it, then the user is logged on.


1.        Dim LoggedIn As Boolean
2.        Dim strMemberName As String, strMemberPword As String
3.        Dim strMemberEmail As String
4.        Dim strSQLQuery As String
5.        Dim sqlDR As SqlDataReader
6.        Dim myCookie As HttpCookie = Request.Cookies("Snitz00User")
7.        If Not myCookie Is Nothing Then
8.            strMemberName = myCookie.Values("Name")
9.            'strMemberPword = myCookie.Values("Pword")
10.            strSQLQuery = "SELECT M_EMAIL FROM FORUM_MEMBERS " & _
11.                          "WHERE M_NAME = '" & strMemberName & "'"
12.            Dim DBCon As New SqlConnection(SQL Connection String Goes Here)
13.            Dim sqlCmd As New SqlCommand(strSQLQuery, DBCon)
14.            DBCon.Open()
15.            sqlDR = sqlCmd.ExecuteReader()
16.            If sqlDR.HasRows Then
17.                LoggedIn = True
18.                While sqlDR.Read
19.                    'Get the email address from column 0 (the only column that will be returned
20.                    ' by the SQL query) and put it in a .NET Web Form Text Box
21.                    email.Text = sqlDR.GetString(0)
22.                End While
23.            End If
24.            ' close the reader and the connection
25.            sqlDR.Close()
26.            DBCon.Close()
27.        Else
28.            LoggedIn = False 
29.        End If

Hope this helps someone. :)

-B

Edited by - blay on 08 June 2004 11:30:19

JPry565
Starting Member

18 Posts

Posted - 12 June 2004 : 09:28:49

Hey if you are going to use a web server, never have simple file sharing enabled, of course this is easier but i have experienced that hackers find it easier too because everybody has the same rights. An IIS enabled box has more of a chance of being hacked because of more open ports, e.g. 21 80 32. And so on.

laser
Advanced Member

Australia
3859 Posts

Posted - 12 June 2004 : 09:48:25

Yep, great idea ... close port 21 and 80

lvhaag
Starting Member

6 Posts

Posted - 20 July 2004 : 14:39:18

Will this work for regular ASP pages?

Topic

New Topic

Topic Locked

Printer Friendly

Jump To:

Snitz Forums 2000

This page was generated in 1.6 seconds.