Re:Password Authentication - request example
This WebDNA talk-list message is from 1998
It keeps the original formatting.
numero = 17451
interpreted = N
texte = On 5/3/98 4:39 PM, Steve Rosenbaum wrote:>>Jay, do you have this example posted somewhere?>>(Bob from Cybermill posted a neat example on 4/7/98; but I have been unable>to successfully implement it. Among other things, I was unsure if Bob's>checker.txt file is supposed to replace Webcatalog's AuthenticateChecker>file. I am also unclear on Bob's HEADER9 field. )>>Help!I used the header9 nine field because I was having trouble with CartPassword field and I have yet to go back.Really all that happens is a lookup in your [cart] file, to see if the input username matches the data in the user field of any database you choose if not then it returns the [authenticate user].What I do is place the username and password in the cart using the set header context. Then on each subsequent page I do a lookup in the cart and compare the name and pass with the name and pass in the field.This would be the code you include in each page you wish to protect:[include file=checker&groups=YOURGROUP] where checker is the name of your authentication file.Here is the contents of the checker file:[showif NotFound=[lookup db=memusers.db&lookinField=user&value=[uppercase][orderfile shoppingcarts/[cart]][CartUserName][/orderfile][/uppercase]&returnField=user¬Found=NotFound]][authenticate Unauthorized User][/showif][showif [url][encrypt][uppercase][orderfile shoppingcarts/[cart]][CartPassword][/orderfile][/uppercase][/encrypt][/url]![url][lookup db=../memusers.db&lookinField=user&value=[uppercase][orderfile shoppingcarts/[cart]][CartUserName][/orderfile][/uppercase]&returnField=pass¬Found=NotFound][/url]][authenticate Unauthorized User][/showif][search db=../memusers.db&groupsword=ww&wogroupsdatarq=[uppercase][groups][/uppercase]&equserdatarq=[uppercase][orderfile shoppingcarts/[cart]][CartUserName][/orderfile][/uppercase]&eqpassdatarq=[url][encrypt][uppercase][orderfile shoppingcarts/[cart]][CartPassword][/orderfile][/uppercase][/encrypt][/url]][showif [numFound]=0][authenticate Unauthorized User][/showif][/search]Now you need to get the usersname and password into the cart, You will need to put this info at the start of the page that you come to from your login page. I protect this page as well as set the header on it, but webcat is fast enough to deal with it.Here is how I set that information and the cookie for the user as well as authenticate the same page. [setHeader cart=[cart]]CartPassWord=[password]&CartUserName=[username][/setHeader][setcookie name=MID&value=[username]&expires=Wednesday, 09-DEC-1999 23:00:00 GMT&path=/&domain=www.fishfax.com][include file=checker&groups=YOURGROUP]I am open for more questions if this is still not clear enough.Robert Minor__________________________________________________________CyberMill Website Designers & Publishers8616 Joseph AveSt. Louis, MO 63144voice 314-962-4024email: webmaster@cybermill.comhttp://www.cybermill.com/__________________________________________________________We are not responsible for any misspelling or misinformationplease check with your internet provider for defects.
Associated Messages, from the most recent to the oldest:
On 5/3/98 4:39 PM, Steve Rosenbaum wrote:>>Jay, do you have this example posted somewhere?>>(Bob from Cybermill posted a neat example on 4/7/98; but I have been unable>to successfully implement it. Among other things, I was unsure if Bob's>checker.txt file is supposed to replace Webcatalog's AuthenticateChecker>file. I am also unclear on Bob's HEADER9 field. )>>Help!I used the header9 nine field because I was having trouble with CartPassword field and I have yet to go back.Really all that happens is a lookup in your
[cart] file, to see if the input username matches the data in the user field of any database you choose if not then it returns the [authenticate user].What I do is place the username and password in the cart using the set header context. Then on each subsequent page I do a lookup in the cart and compare the name and pass with the name and pass in the field.This would be the code you include in each page you wish to protect:[include file=checker&groups=YOURGROUP] where checker is the name of your authentication file.Here is the contents of the checker file:[showif NotFound=[lookup db=memusers.db&lookinField=user&value=
[uppercase][orderfile shoppingcarts/
[cart]][CartUserName][/orderfile][/uppercase]&returnField=user¬Found=NotFound]][authenticate Unauthorized User][/showif][showif
[url][encrypt][uppercase][orderfile shoppingcarts/
[cart]][CartPassword][/orderfile][/uppercase][/encrypt][/url]!
[url][lookup db=../memusers.db&lookinField=user&value=
[uppercase][orderfile shoppingcarts/
[cart]][CartUserName][/orderfile][/uppercase]&returnField=pass¬Found=NotFound][/url]][authenticate Unauthorized User][/showif][search db=../memusers.db&groupsword=ww&wogroupsdatarq=
[uppercase][groups][/uppercase]&equserdatarq=
[uppercase][orderfile shoppingcarts/
[cart]][CartUserName][/orderfile][/uppercase]&eqpassdatarq=[url]
[encrypt][uppercase][orderfile shoppingcarts/
[cart]][CartPassword][/orderfile][/uppercase][/encrypt][/url]][showif [numFound]=0][authenticate Unauthorized User][/showif][/search]Now you need to get the usersname and password into the cart, You will need to put this info at the start of the page that you come to from your login page. I protect this page as well as set the header on it, but webcat is fast enough to deal with it.Here is how I set that information and the cookie for the user as well as authenticate the same page. [setHeader cart=
[cart]]CartPassWord=
[password]&CartUserName=
[username][/setHeader][setcookie name=MID&value=
[username]&expires=Wednesday, 09-DEC-1999 23:00:00 GMT&path=/&domain=www.fishfax.com][include file=checker&groups=YOURGROUP]I am open for more questions if this is still not clear enough.Robert Minor__________________________________________________________CyberMill Website Designers & Publishers8616 Joseph AveSt. Louis, MO 63144voice 314-962-4024email: webmaster@cybermill.comhttp://www.cybermill.com/__________________________________________________________We are not responsible for any misspelling or misinformationplease check with your internet provider for defects.
Bob Minor
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
[Sum] function? (1997)
Re:no [search] with NT (1997)
setting taxable to true (1997)
[SearchString] problem with [search] context (1997)
[WebDNA] An alternative to hosting... (2009)
Show new (2003)
300 ticks (2003)
[SearchString] usage (1997)
SSL and reg web* (1997)
Authorizenet - version 3.1 compliance (2002)
[WebDNA] Friday February 13, 2009 (2009)
Shorthand for command args (1998)
ShowNext Questions (2000)
OT : Site speed feedback (2002)
mail on NT (1998)
RE:It just Does't add up!!! (1997)
Mondo amounts of Mail [long] (1999)
Custom Shipping Charges (1997)
Multiple Merchant Accounts? (1997)
using showpage and showcart commands (1996)