several questions in one-- ASP generated PDF, Securing site permission

Status
Not open for further replies.

jtgurkin

Technical User
Sep 16, 2002
47
US
First,
I know that I can use an ASP page to generate a PDF file by writing the raw PDF data with a content type of PDF. I need to know where I can find the syntax of raw PDF data. If someone knows or could point me in the right direction, please help.

Second,
I need to generate some type of User Authentication script that will allow me to restrict access to a site based on the username/password combination the end user uses. I.E. I need to be able to allow some people to add data, others need to add and view data, and some only need to view. I need to be able to use some type of variable that will be passed along from page to page, or encoded on a cookie (which I don't know how to do effectively), to set the user access permissions.

Thanks,
jtgurkin
 
First:
Check the guys at
Second:
Include when creating the cookies the restricted field name on your database
if for example, your cookie looks like this
Response.cookies("user")("login")
Response.cookies("user")("password")
Response.cookies("user")("department")
etc...
Add
Response.cookies("user")("security")

And let's say your security codes are
1 or 10 etc... or whatever

on the pages you need to protect simply add as the first line on the page:

<%
if request.cookies("user")("security") <> 10 Then
response.redirect "Somewhere_else.asp"
end if
%>

Tho I'm sure there's a better way to tackle this, this is how it works for me...





There's never time to do it right, but there's always time to do it over!
 
I recommend not storing user security info in their cookies because it's extremely easy to fake (I literally could just open up the cookie for the site in Notepad and change my ("user")("security") to a different number).

Instead store the information locally in a database and just track the user via the session object (which uses a cookie, but all it contains is the current sessionid which can't be spoofed in a meaningful fashion).

So you'd instead have Session("login"), Session("password"), Session("department"), and Session("security"), all of which you would create after the user logs in.
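
The session-based approach from the last reply, as an added example that is not code from the thread: the permission level is read from the database once the password has been checked and is kept in the Session object, so each protected page tests a value the browser never holds. The Users table and its columns, Application("ConnStr"), the file name security.asp, and the bit values for view/add are assumptions made for illustration.

```vbscript
<%
' security.asp (hypothetical include file) -- added example, not from the thread.
' Assumed schema: Users(login, department, security); DSN in Application("ConnStr").
Const PERM_VIEW = 1   ' may view data
Const PERM_ADD  = 2   ' may add data (a user who may do both has 3)
Const adCmdText = 1, adVarChar = 200, adParamInput = 1   ' standard ADO constants

' Call from the login page only AFTER the submitted password has been verified.
' Returns True when the user row was found and the session was populated.
Function LoadPermissions(login)
    Dim conn, cmd, rs
    LoadPermissions = False
    Set conn = Server.CreateObject("ADODB.Connection")
    conn.Open Application("ConnStr")
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    ' Parameterized query: the login name is never concatenated into the SQL text.
    cmd.CommandText = "SELECT department, security FROM Users WHERE login = ?"
    cmd.Parameters.Append cmd.CreateParameter("login", adVarChar, adParamInput, 50, login)
    Set rs = cmd.Execute
    If Not rs.EOF Then
        ' The level comes from the database row, not from anything the browser sent.
        Session("login") = login
        Session("department") = rs("department").Value
        Session("security") = CLng(rs("security").Value)
        LoadPermissions = True
    End If
    rs.Close
    conn.Close
End Function

' First statement of a protected page, e.g.:  RequirePermission PERM_ADD
Sub RequirePermission(needed)
    Dim level
    level = 0   ' no session value (not logged in, or session expired) means no rights
    If IsNumeric(Session("security")) Then level = CLng(Session("security"))
    If (level And needed) <> needed Then
        Response.Redirect "Somewhere_else.asp"
    End If
End Sub
%>
```

A page that only lists data would call RequirePermission PERM_VIEW and a data-entry page RequirePermission PERM_ADD; editing the cookie now changes only the session ID, not the level the server looks up.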
 