Sessions/securing web site pages with a Login

Question

JC_2000 0 Newbie Poster

17 Years Ago

Hi everyone,

Can anyone tell me how you can stop users from URL Hacking your website with ASP (sessions)?
So for example if you have a password and username form on the front of your website and only want authorised members to gain access to your web site.

So for example just say you had a page e.g: somepage.htm and a user who was not logged in types www.somesite.com/somepage.htm. How can you stop them from getting access to the that page if they are not logged in?

P.S: Do you have any sample code?

Please help,

Jay.

asp

3 Contributors
2 Replies
131 Views
2 Years Discussion Span
Latest Post 15 Years Ago Latest Post by tparke

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

msaqib -3 Junior Poster in Training · Answer 1 · 2006-05-07T02:14:17+00:00

<%
Dim lgn,pas ' Login name & Pasword
lgn=cstr(Request("login"))
pas=cstr(REquest("pass"))
if ((lgn="login") AND (pas="123")) then 
  session("admin") = True
  response.Redirect("somepage.asp")
end if
 
'now if the user have not logged in then 
if NOT(session("admin")) then Response.Redirect("NoAccess.asp")
%>

The simplest code will look like this.

tparke 0 Newbie Poster · Answer 2 · 2008-05-09T18:11:48+00:00

Hi Jay,

Did you manage to solve the URL hacking problem? I have the same situation and would really appreciate it if you could let me know how you got around it.

Thanks,
Tony