Yes, I agree. For pages like this I actually use an ASP IF statement that covers almost the whole page. Assuming VBScript in the ASP ...
<% If the user is not allowed here then >% display a big error message in red and give them a back button <% else %> the actual page <& endif %> That way, the generated browser code doesn't include anything that could be "useful" to them. Dave S ----- Original Message ----- From: Mills, Andy R. (Regency) To: '[email protected]' Sent: Tuesday, September 27, 2005 2:53 AM Subject: RE: [ASP] Admin Help The way I would do this is: Store their "access" rights in a Session variable. Have the links only to the pages their rights allow: and on each page, check their rights to verify they are allowed to access that page. You can also wrap buttons / SQL statements using this Session variable. There might be other, better ways in which to handle this and maybe others could help more, but this is my approach to the problem. HTH Andy _____ From: [email protected] [mailto:[EMAIL PROTECTED] Sent: Monday, September 26, 2005 9:27 AM To: [email protected] Subject: [ASP] Admin Help I start working first time on the administration side. I make a small project with 5 forms: addrecords.asp, updatesold record.asp, deleterecords.asp, displayrecords.asp and a main page from where user input their id number and password. What i want when user is a operator it only access addrecrods.asp file. For this purpose i use a condition in which it checks if the user is data entry operator it allows only addrecords.asp file. Problem is that if he go to address bar and type the other files they all will display too as i dont want to allow these files to that user. I need help what kind of changes i do in my program so that once user enters as a data entry it only add records and when user enter with administrator it access all the files in my program. Any help very appreciate. Thanks, __________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com <http://mail.yahoo.com> --------------------------------------------------------------------- Home : http://groups.yahoo.com/group/active-server-pages <http://groups.yahoo.com/group/active-server-pages> --------------------------------------------------------------------- Post : [email protected] Subscribe : [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] --------------------------------------------------------------------- SPONSORED LINKS Active server page web hosting Active server page hosting Active <http://groups.yahoo.com/gads?t=ms&k=Active+server+pages&w1=Active+server+pa ge+web+hosting&w2=Active+server+page+hosting&w3=Active+server+pages&w4=Activ e+server+page+asp&w5=Active+server+page+training&c=5&s=154&.sig=Kj3e9va1GFeg NEHBqu3hhQ> server pages Active <http://groups.yahoo.com/gads?t=ms&k=Active+server+page+asp&w1=Active+server +page+web+hosting&w2=Active+server+page+hosting&w3=Active+server+pages&w4=Ac tive+server+page+asp&w5=Active+server+page+training&c=5&s=154&.sig=sisnEv3qt IshP-5LXqIFSQ> server page asp Active server page training _____ YAHOO! GROUPS LINKS * Visit your group "active-server-pages <http://groups.yahoo.com/group/active-server-pages> " on the web. * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> * Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service <http://docs.yahoo.com/info/terms/> . _____ [Non-text portions of this message have been removed] --------------------------------------------------------------------- Home : http://groups.yahoo.com/group/active-server-pages --------------------------------------------------------------------- Post : [email protected] Subscribe : [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] --------------------------------------------------------------------- ------------------------------------------------------------------------------ YAHOO! GROUPS LINKS a.. Visit your group "active-server-pages" on the web. b.. To unsubscribe from this group, send an email to: [EMAIL PROTECTED] c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. ------------------------------------------------------------------------------ [Non-text portions of this message have been removed] ------------------------ Yahoo! Groups Sponsor --------------------~--> Fair play? Video games influencing politics. Click and talk back! http://us.click.yahoo.com/T8sf5C/tzNLAA/TtwFAA/17folB/TM --------------------------------------------------------------------~-> --------------------------------------------------------------------- Home : http://groups.yahoo.com/group/active-server-pages --------------------------------------------------------------------- Post : [email protected] Subscribe : [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] --------------------------------------------------------------------- Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/active-server-pages/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
