Url validation - Dev Shed

Dev Shed Forums Sponsor:

November 25th, 2003, 04:25 PM

icecubes7

Contributing User

Join Date: Oct 2003

Posts: 33

Time spent in forums: < 1 sec
Reputation Power: 6

Url validation

I have two pages, one called "test1" and another called "test2"

Is there any way I can check that a person has come from test1 when they go to the url "test2"?

Or would it be easier to create a session on test1 and then check for that session on the test2?

If the latter, then can someone point me in the direction of a tutorial suitable for this?

Thanks,

Mike

November 25th, 2003, 04:46 PM

jstrohofer

Contributing User

Join Date: Oct 2003

Location: Cincinnati, OH USA

Posts: 111

Time spent in forums: 1 m 3 sec
Reputation Power: 6

You could check the HTTP_REFERER Server Variable to see if it is the page test1.

November 25th, 2003, 05:09 PM

icecubes7

Contributing User

Join Date: Oct 2003

Posts: 33

Time spent in forums: < 1 sec
Reputation Power: 6

should of said but I am really new to asp, could you give me an example?

November 26th, 2003, 09:06 AM

jstrohofer

Contributing User

Join Date: Oct 2003

Location: Cincinnati, OH USA

Posts: 111

Time spent in forums: 1 m 3 sec
Reputation Power: 6

If Request.ServerVariables("HTTP_REFERER") = "http://www.yourdomain.com/test1.asp" then
...do whatever here
End If

Of course, replacing 'www.yourdomain.com' with your actual domain name.

November 26th, 2003, 12:08 PM

icecubes7

Contributing User

Join Date: Oct 2003

Posts: 33

Time spent in forums: < 1 sec
Reputation Power: 6

hey thanks man!

November 26th, 2003, 12:11 PM

jstrohofer

Contributing User

Join Date: Oct 2003

Location: Cincinnati, OH USA

Posts: 111

Time spent in forums: 1 m 3 sec
Reputation Power: 6

wo-man! =)

November 26th, 2003, 01:33 PM

icecubes7

Contributing User

Join Date: Oct 2003

Posts: 33

Time spent in forums: < 1 sec
Reputation Power: 6

When I use this bit of code

"Request.ServerVariables("HTTP_REFERER") = page2"

I get this error...

"Microsoft VBScript runtime error '800a01b6'

Object doesn't support this property or method: 'Request.ServerVariables'

/mikesasp/test2.asp, line 4"

Any ideas?

November 26th, 2003, 02:33 PM

jstrohofer

Contributing User

Join Date: Oct 2003

Location: Cincinnati, OH USA

Posts: 111

Time spent in forums: 1 m 3 sec
Reputation Power: 6

Can you post a bit more of your code, or attach the ASP page so I can see exactly what the problem is?

November 26th, 2003, 05:11 PM

icecubes7

Contributing User

Join Date: Oct 2003

Posts: 33

Time spent in forums: < 1 sec
Reputation Power: 6

ok (but I really don't need a lecture on security, lol. And bear in mind that this is a barebone script at the mo. no features or actualy content.....)

The login (login.asp):

Code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<form name="form1" method="post" action="test7.asp">
        <p>What is ur name? 
          <input name="user" type="text" id="user">
          What is ur pass? 
          <input name="pass" type="password" id="pass">
        </p>
        <p>
          <input type="submit" name="Submit" value="Submit">
        </p>
      </form>
</body>
</html>

The processor (test7.asp):

Code:

<% 

username = request.form("user")
password = request.form("pass")

Dim user(6)
user(1) = "admin"
user(2) = "Pierce"
user(3) = "random1"
user(4) = "random2"
user(5) = "random3"
user(6) = "random4"

If username= user(1) or username= user(2) or username= user(3) or username= user(4) or username= user(5) or username= user(6) Then

If (username= user(1) and password = "pass") or  (username= user(2) and password = "baby") or  (username= user(3) and password = "random") or  (username= user(4) and password = "random") or  (username= user(5) and password = "random") or  (username= user(6) and password = "random")Then

response.write ("Welcome admin!")

%>
<script type="text/javascript">

 top.location.href="test2.asp"

</script>
<%
Else 

response.write ("Go away commoner!")

End If

Else 

response.write ("Go away commoner!")

End If 

%>

The admin area (test2.asp):

[code]

<%
If Request.ServerVariables(HTTP_REFERER) = "http://www.xxxx.com/mikesasp/test7.asp" Then

response.write ("welcome person")

Else

response.write ("errrr....ur not suppost to be here!")

End If

%>

#10

November 27th, 2003, 11:03 AM

unclefu

Contributing User

Join Date: Nov 2003

Posts: 120

Time spent in forums: 30 m 57 sec
Reputation Power: 6

couple suggestions

you've already got an array for usernames, you could do one of two things

1) have a multi-dimensional array

Code:

user(0,0) = "username"
user(0,1) = "password"
user(1,0) = "username2"
user(1,1) = "password2"
'etc..

'to compare the username

for i = lbound(user) to ubound(user)
   if (username = user(i,0) AND password = user(i,1)) then
         response.write "Welcome Admin"
         response.redirect("test2.asp")
    end if
next

2) just have a second array for passwords

Code:

pass(0) = "password"
pass(1) = "password2"

for i = lbound(user) to ubound(user)
     if (username = user(i) AND password = pass(i)) then
           response.write "Welcome Admin"
           response.redirect("test2.asp")
     end if
next

anyways, as to the possible problem...
it may be because you do not have any double-quotes around HTTP_REFERER

Thread Tools	Search this Thread
Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread: