Forums
This topic is locked
How do I redirect on login? Help!
Posted 04 Oct 2001 17:38:35
1
has voted
04 Oct 2001 17:38:35 Zain Magsi posted:
I am using the following code on my login page. However I want to direct people to specific pages depending on their usernames. So suppose I have three people:
tom - (username)tomcat
bob - (username)bobcat
jim - (username)jimmy
How do I modify the following code:
<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL"
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString
MM_valUsername=CStr(Request.Form("username"
)If MM_valUsername <> "" Then
MM_fldUserAuthorization="rights"
MM_redirectLoginSuccess="newsadmin.asp"
MM_redirectLoginFailed="tryagain.asp"
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_connTEMSnews_STRING
MM_rsUser.Source = "SELECT username, password"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM admin WHERE username='" & MM_valUsername &"' AND password='" & CStr(Request.Form("password"
) & "'"MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username"
= MM_valUsernameIf (MM_fldUserAuthorization <> ""
ThenSession("MM_UserAuthorization"
= CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)Else
Session("MM_UserAuthorization"
= ""End If
if CStr(Request.QueryString("accessdenied"
) <> "" And false ThenMM_redirectLoginSuccess = Request.QueryString("accessdenied"
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
Thanks,
Zain
Zain Magsi
Replies
Replied 05 Oct 2001 17:33:50
05 Oct 2001 17:33:50 Jeff Hansen replied:
Try this tutorial
www.hiran.desilva.com/ultradev/
the best thing to do is to make an ACCESS_LEVEL column in your database and the login will then check that to determine who gets pushed where.
The thinking is somewhat backward, but here it how it goes. Say you have 3 groups of users - users, powerusers, and admins. You would assign access_level of 5 to users, 3 to powerusers, and 1 to admins. The login page will first attempt to direct to the USER page, on that page you will code that if that user does not have access_level of 5, (as the default user would) then to redirect them to the POWERUSER page, which in turn will allow those in with ass_level of 3, or redirect them to ADMIN page - which looks for level 1. or denies access to a failed login page. The above tutorial explains how to set this up.
Jeff
www.hiran.desilva.com/ultradev/
the best thing to do is to make an ACCESS_LEVEL column in your database and the login will then check that to determine who gets pushed where.
The thinking is somewhat backward, but here it how it goes. Say you have 3 groups of users - users, powerusers, and admins. You would assign access_level of 5 to users, 3 to powerusers, and 1 to admins. The login page will first attempt to direct to the USER page, on that page you will code that if that user does not have access_level of 5, (as the default user would) then to redirect them to the POWERUSER page, which in turn will allow those in with ass_level of 3, or redirect them to ADMIN page - which looks for level 1. or denies access to a failed login page. The above tutorial explains how to set this up.
Jeff