jon spivey - logon page still not working


G

Guest

Here is the code that the microsoft template had for the logon page: I tried putting in your code but either did it wrong, or something else is wrong...thanks so much in advance
Meliss

<% @language="vbscript" %><!--#include virtual="/logon/_private/logon.inc"--><
' Was this page posted to
If UCase(Request.ServerVariables("HTTP_METHOD")) = "POST" The
' If so, check the username/password that was entered
If ComparePassword(Request("UID"),Request("PWD")) The
' If comparison was good, store the user name..
Session("UID") = Request("UID"
' ...and redirect back to the original page
Response.Redirect Session("REFERRER"
End I
End I
%><html><head><title>Logon Page</title><style
body { font-family: arial, helvetica
table { background-color: #cccccc; font-size: 9pt; padding: 3px
td { color: #000000; background-color: #cccccc; border-width: 0px
th { color: #ffffff; background-color: #0000cc; border-width: 0px
</style></head><body bgcolor="#000000" text="#ffffff"><h3 align="center"> </h3><div align="center"><center><form action="<%=LOGON_PAGE%>" method="POST"><table border="2" cellpadding="2" cellspacing="2"><tr><th colspan="4" align="left">Enter User Name and Password</th></tr><tr><td> </td><td colspan="2" align="left">Please type your user name and password.</td><td> </td></tr><tr><td> </td><td align="left">Site</td><td align="left"><%=Request.ServerVariables("SERVER_NAME")%> </td><td> </td></tr><tr><td> </td><td align="left">User Name</td><td align="left"><input name="UID" type="text" size="20"></td><td> </td></tr><tr><td> </td><td align="left">Password</td><td align="left"><input name="PWD" type="password" size="20"></td><td> </td></tr><tr><td> </td><td colspan="2" align="center"><input type="submit" value="LOGON"></td><td> </td></tr></table></form></center></div></body></html>
 
Ad

Advertisements

M

MD Websunlimited

Melissa,

What is wrong is that this relies upon there being a referring page that goes to the logon page. You can not go directly to the
logon page.


--
Mike -- FrontPage MVP '97-'02
http://www.websunlimited.com
Need to protect your web pages Page Protector Pro
http://www.websunlimited.com/order/Product/PagePro/pagepro.htm
FrontPage Add-ins Since '97 2003 / 2002 / 2000 Compatible


melissa said:
Here is the code that the microsoft template had for the logon page: I tried putting in your code but either did it wrong, or
something else is wrong...thanks so much in advance!
Melissa


<% @language="vbscript" %><!--#include virtual="/logon/_private/logon.inc"--><%
' Was this page posted to?
If UCase(Request.ServerVariables("HTTP_METHOD")) = "POST" Then
' If so, check the username/password that was entered.
If ComparePassword(Request("UID"),Request("PWD")) Then
' If comparison was good, store the user name...
Session("UID") = Request("UID")
' ...and redirect back to the original page.
Response.Redirect Session("REFERRER")
End If
End If
%><html><head><title>Logon Page</title><style>
body { font-family: arial, helvetica }
table { background-color: #cccccc; font-size: 9pt; padding: 3px }
td { color: #000000; background-color: #cccccc; border-width: 0px }
th { color: #ffffff; background-color: #0000cc; border-width: 0px }
</style></head><body bgcolor="#000000" text="#ffffff"><h3 align="center"> </h3><div align="center"><center><form
action="<%=LOGON_PAGE%>" method="POST"><table border="2" cellpadding="2" cellspacing="2"><tr><th colspan="4" align="left">Enter User
Name and Password</th></tr><tr><td> </td><td colspan="2" align="left">Please type your user name and
password.</td><td> </td></tr><tr><td> </td><td align="left">Site</td><td
align="left"><%=Request.ServerVariables("SERVER_NAME")%> </td><td> </td></tr><tr><td> </td><td align="left">User
Name</td><td align="left"><input name="UID" type="text" size="20"></td><td> </td></tr><tr><td> </td><td
align="left">Password</td><td align="left"><input name="PWD" type="password"
size="20"></td><td> </td></tr><tr><td> </td><td colspan="2" align="center"><input type="submit"
value="LOGON"></td><td> </td></tr></table></form></center></div></body></html>
 
J

Jon Spivey

True - we can't see where Session("REFERRER") is being set though.

I'd lose the session var stick the referer into a hidden field and then
either direct to it or direct to a default page if it's empty.

Melissa,
change this
If ComparePassword(Request("UID"),Request("PWD")) Then
' If comparison was good, store the user name...
Session("UID") = Request("UID")
' ...and redirect back to the original page.
Response.Redirect Session("REFERRER")
End If
to
If ComparePassword(Request("UID"),Request("PWD")) Then
' If comparison was good, store the user name...
Session("UID") = Request("UID")
if request("ref") <> "" then
response.redirect request("ref")
else
response.redirect "default.asp"
end if
End If
and
<input name="UID" type="text" size="20">
to
<input name="UID" type="text" size="20">
<input type="hidden" name="ref"
value="<%=request.servervariables("http_referrer")%>">

If you're really stuck with this you can email me the code offlist.

--
Cheers,
Jon
Microsoft MVP - FP

MD said:
Melissa,

What is wrong is that this relies upon there being a referring page
that goes to the logon page. You can not go directly to the logon
page.




something else is wrong...thanks so much in advance!
action="<%=LOGON_PAGE%>" method="POST"><table border="2"
cellpadding="2" cellspacing="2"><tr><th colspan="4"
align="left">Enter User Name and
Password</th></tr><tr><td> </td><td colspan="2"
align="left">Please type your user name and
password.</td><td> </td></tr><tr><td> </td><td
align="left">Site</td><td
align="left"> said:
align="left">User Name</td><td align="left"><input name="UID"
type="text" size="20"></td><td> </td></tr><tr><td> </td><td
align="left">Password</td><td align="left"><input name="PWD"
type="password"
size="20"></td><td> </td></tr><tr><td> </td><td colspan="2"
align="center"><input type="submit"
value="LOGON"></td><td> </td></tr></table></form></center></div></body>
</html>
 
Ad

Advertisements

M

Mark Fitzpatrick

Also, change the login.inc to a login.asp file. That way if anyone tries to
view the page that includes the login code, it won't be displayed in the
browser, it will be executed by the server and not shown. That way someone
can't try to view the code then figure out a way to bypass it.


Hope this helps,
Mark Fitzpatrick
Microsoft MVP - FrontPage

melissa said:
Here is the code that the microsoft template had for the logon page: I
tried putting in your code but either did it wrong, or something else is
wrong...thanks so much in advance!
Melissa


<% @language="vbscript" %><!--#include virtual="/logon/_private/logon.inc"--><%
' Was this page posted to?
If UCase(Request.ServerVariables("HTTP_METHOD")) = "POST" Then
' If so, check the username/password that was entered.
If ComparePassword(Request("UID"),Request("PWD")) Then
' If comparison was good, store the user name...
Session("UID") = Request("UID")
' ...and redirect back to the original page.
Response.Redirect Session("REFERRER")
End If
End If
%><html><head><title>Logon Page</title><style>
body { font-family: arial, helvetica }
table { background-color: #cccccc; font-size: 9pt; padding: 3px }
td { color: #000000; background-color: #cccccc; border-width: 0px }
th { color: #ffffff; background-color: #0000cc; border-width: 0px }
</style></head><body bgcolor="#000000" text="#ffffff"><h3
align="center"> </h3><div align="center"><center><form
action="<%=LOGON_PAGE%>" method="POST"><table border="2" cellpadding="2"
cellspacing="2"><tr><th colspan="4" align="left">Enter User Name and
Password</th></tr><tr><td> </td><td colspan="2" align="left">Please
type your user name and
password.</td><td> </td></tr><tr><td> </td><td
align="left">Site</td><td
align="left"><%=Request.ServerVariables("SERVER_NAME")%> </td><td>&#xa0
;</td></tr><tr><td> </td><td align="left">User Name</td><td
align="left"><input name="UID" type="text"
size="20"></td><td> </td></tr><tr><td> </td><td
align="left">Password</td><td align="left"><input name="PWD" type="password"
size="20"></td><td> </td></tr><tr><td> </td><td colspan="2"
align="center"><input type="submit"
value="LOGON"></td><td> </td></tr></table></form></center></div></body>
</html>
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top