history -1

Re: history -1

Jeff wrote:[color=blue]
> I need to make a response.redire ct that will take the user back 2
> pages after they login.
>
> How can i implement this into response.redire ct ?
>[/color]
It can't be done without saving the pages in a hidden field. The server
knows nothing about the client history.

--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

Re: history -1

So there is no way to have on the login page somewhere that says like

past = history.go(-2)

then have <% response.redire ct "&past&"%>

or, could i have the login page, after a good login, go to a page that just
has the history.go(-3)






"Bob Barrows [MVP]" <reb01501@NOyah oo.SPAMcom> wrote in message
news:%23pmXQd0e GHA.3488@TK2MSF TNGP02.phx.gbl. ..[color=blue]
> Jeff wrote:[color=green]
>> I need to make a response.redire ct that will take the user back 2
>> pages after they login.
>>
>> How can i implement this into response.redire ct ?
>>[/color]
> It can't be done without saving the pages in a hidden field. The server
> knows nothing about the client history.
>
> --
> Microsoft MVP - ASP/ASP.NET
> Please reply to the newsgroup. This email account is my spam trap so I
> don't check it very often. If you must reply off-line, then remove the
> "NO SPAM"
>[/color]

Re: history -1

Has to be a client side redirect
At the end of your routine create a javascript function to handle this
<%
If code works then
%>
<script>
{
window.history. go(-2);
}
</script>
<%
else
end if
%>





"Jeff" <gig_bam@adelph ia.net> wrote in message
news:S8ednRAMsI MGWPDZnZ2dnUVZ_ vOdnZ2d@adelphi a.com...[color=blue]
> I need to make a response.redire ct that will take the user back 2 pages
> after they login.
>
> How can i implement this into response.redire ct ?
>
> Thanks
>
>[/color]

Re: history -1

Jeff wrote:[color=blue]
> So there is no way to have on the login page somewhere that says like
>
> past = history.go(-2)[/color]


If this is supposed to be server-side code, then no. The server knows
nothing about the client history.
See a client-side newsgroup such as m.p.scripting.j script for help with
populating a hidden field on a form with the items in history (perhaps in an
xml string, but not required).

Server-side code can read the contents of the hidden field and do what needs
to be done.

--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

Re: history -1

Jeff wrote:[color=blue]
> So there is no way to have on the login page somewhere that says like
>
> past = history.go(-2)
>
> then have <% response.redire ct "&past&"%>
>
> or, could i have the login page, after a good login, go to a page
> that just has the history.go(-3)[/color]

I take it back. There is a way to do it in server-side code: write a
client-side script block to the Response. Air code:

<%
If successfulLogin then
response.write "<script type=""text/javascript"">
response.write "history.go (-2);</script>
end if
%>

--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

Re: history -1

Thanks bob. This is working.. sortof. Here is the delema.

I have a report page with this at the top

if session("logged in")<>1 then response.redire ct "login.asp"

the login script sets the session to 1 if they are logged in, and lets them
view this page. if it isn't 1, then it sends them to the login page.

the problem is this, when it goes back 2 in history, it skips over that
report page, and goes to the page that I clicked report on. if i set it
to -1, it goes back to the login page. so it is missing the page that
redirected it to begin with.

am i doing something wrong?

"Bob Barrows [MVP]" <reb01501@NOyah oo.SPAMcom> wrote in message
news:%23K8lS30e GHA.4948@TK2MSF TNGP04.phx.gbl. ..[color=blue]
> Jeff wrote:[color=green]
>> So there is no way to have on the login page somewhere that says like
>>
>> past = history.go(-2)
>>
>> then have <% response.redire ct "&past&"%>
>>
>> or, could i have the login page, after a good login, go to a page
>> that just has the history.go(-3)[/color]
>
> I take it back. There is a way to do it in server-side code: write a
> client-side script block to the Response. Air code:
>
> <%
> If successfulLogin then
> response.write "<script type=""text/javascript"">
> response.write "history.go (-2);</script>
> end if
> %>
>
> --
> Microsoft MVP - ASP/ASP.NET
> Please reply to the newsgroup. This email account is my spam trap so I
> don't check it very often. If you must reply off-line, then remove the
> "NO SPAM"
>[/color]

Re: history -1

If Session("logged in")<>1 Then
Session("redire ct") = Request.ServerV ariables("SCRIP T_NAME")
Response.Redire ct "login.asp"
End If

Then in the login page, on successful log in:

If Session("redire ct")<>"" Then
redirectpage = Session("redire ct")
Session("redire ct")=""
Response.Redire ct redirectpage
End If

--
Mike Brind

Jeff wrote:[color=blue]
> Thanks bob. This is working.. sortof. Here is the delema.
>
> I have a report page with this at the top
>
> if session("logged in")<>1 then response.redire ct "login.asp"
>
> the login script sets the session to 1 if they are logged in, and lets them
> view this page. if it isn't 1, then it sends them to the login page.
>
> the problem is this, when it goes back 2 in history, it skips over that
> report page, and goes to the page that I clicked report on. if i set it
> to -1, it goes back to the login page. so it is missing the page that
> redirected it to begin with.
>
> am i doing something wrong?
>
> "Bob Barrows [MVP]" <reb01501@NOyah oo.SPAMcom> wrote in message
> news:%23K8lS30e GHA.4948@TK2MSF TNGP04.phx.gbl. ..[color=green]
> > Jeff wrote:[color=darkred]
> >> So there is no way to have on the login page somewhere that says like
> >>
> >> past = history.go(-2)
> >>
> >> then have <% response.redire ct "&past&"%>
> >>
> >> or, could i have the login page, after a good login, go to a page
> >> that just has the history.go(-3)[/color]
> >
> > I take it back. There is a way to do it in server-side code: write a
> > client-side script block to the Response. Air code:
> >
> > <%
> > If successfulLogin then
> > response.write "<script type=""text/javascript"">
> > response.write "history.go (-2);</script>
> > end if
> > %>
> >
> > --
> > Microsoft MVP - ASP/ASP.NET
> > Please reply to the newsgroup. This email account is my spam trap so I
> > don't check it very often. If you must reply off-line, then remove the
> > "NO SPAM"
> >[/color][/color]

Re: history -1

Jeff wrote:[color=blue]
> Thanks bob. This is working.. sortof. Here is the delema.
>
> I have a report page with this at the top
>
> if session("logged in")<>1 then response.redire ct "login.asp"
>
> the login script sets the session to 1 if they are logged in, and
> lets them view this page. if it isn't 1, then it sends them to the
> login page.
> the problem is this, when it goes back 2 in history, it skips over
> that report page, and goes to the page that I clicked report on. if i
> set it to -1, it goes back to the login page. so it is missing the page
> that
> redirected it to begin with.
>
> am i doing something wrong?
>[/color]
No, that's the problem with using History, which can cause pages to be
retrieved from the browser cacne rather than being re-requested from the
server.

You need to rethink what you are doing. At the very least, store the name of
the page you need to go back to in a session variable. Consider using
Server.Transfer instead of Response.Redire ct to prevent pages from being
retrieved from the browser cache.

if session("logged in")<>1 then
session("PageWh ereAuthFailed") = "me.asp"
response.redire ct "login.asp"
end if

in login.asp:
if SuccessfulLogin then
session("logged in")=1
pageForm = session("PageWh ereAuthFailed")
session("PageWh ereAuthFailed") = ""
if len(pageFrom)>0 then
Server.Transfer (pageFrom)
else
'do the default action
end if
end if

--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

Re: history -1

Jeff wrote on 19 mei 2006 in microsoft.publi c.inetserver.as p.general:
[color=blue]
> hanks bob. This is working.. sortof. Here is the delema.
>
> I have a report page with this at the top
>
> if session("logged in")<>1 then response.redire ct "login.asp"
>
> the login script sets the session to 1 if they are logged in, and lets
> them view this page. if it isn't 1, then it sends them to the login
> page.
>
> the problem is this, when it goes back 2 in history, it skips over
> that report page, and goes to the page that I clicked report on. if i
> set it to -1, it goes back to the login page. so it is missing the
> page that redirected it to begin with.
>
> am i doing something wrong?
>[/color]

I prefer serverside session memory over clienside history:

if session("logged in") <> 1 then
session("origin ") = request.serverv ariables("URL")
response.redire ct "login.asp"
end if

And a successful login will do:

response.redire ct session("origin ")

===========

Another way is to build the login code
as an include to every page top:


========= login.include.a sp =============
<%
if request.form("p assword") <> "" then
do your autentication things
and set session("logged in") to 1 if ok.
end if

if session("logged in") <> 1 then
%>
<html>
<form method=post>
do the login html form things
....
</html>
<%
response.end
end if
%>


--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)

Re: history -1

I tried both of your ways, and they both work perfectly.
I prefer Mike's way, simply because I wouldn't have to change the
session("PageWh ereAuthFailed") on each page that is protected.

You guys are truley the best at what you do, and you help and advice is
always appreciated.

Thanks
Jeff


"Jeff" <gig_bam@adelph ia.net> wrote in message
news:ZtSdnUAzEY SfRfDZnZ2dnUVZ_ t2dnZ2d@adelphi a.com...[color=blue]
> Thanks bob. This is working.. sortof. Here is the delema.
>
> I have a report page with this at the top
>
> if session("logged in")<>1 then response.redire ct "login.asp"
>
> the login script sets the session to 1 if they are logged in, and lets
> them view this page. if it isn't 1, then it sends them to the login page.
>
> the problem is this, when it goes back 2 in history, it skips over that
> report page, and goes to the page that I clicked report on. if i set it
> to -1, it goes back to the login page. so it is missing the page that
> redirected it to begin with.
>
> am i doing something wrong?
>
> "Bob Barrows [MVP]" <reb01501@NOyah oo.SPAMcom> wrote in message
> news:%23K8lS30e GHA.4948@TK2MSF TNGP04.phx.gbl. ..[color=green]
>> Jeff wrote:[color=darkred]
>>> So there is no way to have on the login page somewhere that says like
>>>
>>> past = history.go(-2)
>>>
>>> then have <% response.redire ct "&past&"%>
>>>
>>> or, could i have the login page, after a good login, go to a page
>>> that just has the history.go(-3)[/color]
>>
>> I take it back. There is a way to do it in server-side code: write a
>> client-side script block to the Response. Air code:
>>
>> <%
>> If successfulLogin then
>> response.write "<script type=""text/javascript"">
>> response.write "history.go (-2);</script>
>> end if
>> %>
>>
>> --
>> Microsoft MVP - ASP/ASP.NET
>> Please reply to the newsgroup. This email account is my spam trap so I
>> don't check it very often. If you must reply off-line, then remove the
>> "NO SPAM"
>>[/color]
>
>[/color]

Re: history -1

Jeff wrote:[color=blue]
> I tried both of your ways, and they both work perfectly.
> I prefer Mike's way, simply because I wouldn't have to
> change the session("PageWh ereAuthFailed") on each page
> that is protected.[/color]

That technique should work fine unless/until you extend your login to span
multiple applications, technologies, servers or domains.

We built an enterprise-wide session architecture that allows ASP, JSP and
ASP.NET to share sessions (authentication as well as variables). We
authenticate under SSL against an NDS tree[1], and the individual
applications are a mix of SSL and non-SSL, depending on their sensitivity.
As you can imagine, this means the session information is kept in a
database, rather than on the web servers.

The ASP implementation is unsurprisingly the least elegant of the bunch, as
well as the most perturbable. We have distilled it to a Server.Execute( )
call for each protected page. If/when you extend your login and can't figure
out how to proceed, post back here and I can probably offer some suggestions
based on lessons learned.



[1] This could just as easily be against AD.

--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms.

Re: history -1

I will do that. Thanks so much for the help.
Jeff


"Dave Anderson" <GTSPXOESSGOQ@s pammotel.com> wrote in message
news:eeWX8e4eGH A.1856@TK2MSFTN GP03.phx.gbl...[color=blue]
> Jeff wrote:[color=green]
>> I tried both of your ways, and they both work perfectly.
>> I prefer Mike's way, simply because I wouldn't have to
>> change the session("PageWh ereAuthFailed") on each page
>> that is protected.[/color]
>
> That technique should work fine unless/until you extend your login to span
> multiple applications, technologies, servers or domains.
>
> We built an enterprise-wide session architecture that allows ASP, JSP and
> ASP.NET to share sessions (authentication as well as variables). We
> authenticate under SSL against an NDS tree[1], and the individual
> applications are a mix of SSL and non-SSL, depending on their sensitivity.
> As you can imagine, this means the session information is kept in a
> database, rather than on the web servers.
>
> The ASP implementation is unsurprisingly the least elegant of the bunch,
> as well as the most perturbable. We have distilled it to a
> Server.Execute( ) call for each protected page. If/when you extend your
> login and can't figure out how to proceed, post back here and I can
> probably offer some suggestions based on lessons learned.
>
>
>
> [1] This could just as easily be against AD.
>
> --
> Dave Anderson
>
> Unsolicited commercial email will be read at a cost of $500 per message.
> Use of this email address implies consent to these terms.
>[/color]