"Gertjan Klein" <[EMAIL PROTECTED]> schrieb im Newsbeitrag news:[EMAIL PROTECTED] > "Ralf Huwald" <[EMAIL PROTECTED]> wrote: > > >The disadvantage of this solution is, you have to click at the LoginButton. > >In a Submit-Form you just need to press ENTER. So i'd prefer the other > >version (which still is not working). > > Why don't you just simply submit to login.csp? Check the login there > (in OnPreHTTP), and if OK, do either a server-side or a client-side > redirect to main.csp. No need for #server()# either.
Gertjan, You are right, i could check the login in OnPreHTP, but this would give a chance to anybody, to access my site with http://www.somewhere.com/csp/abc/Login.csp?User=aaa&Password=bbb... After enough tries, he may get successful. Maybe i am wrong, but i think this could happen. When there is no OnPreHTTP, where the previously entered fields are validated, this "hack" would be more difficult. That's the reason of the <form ... onsubmit="return #server(..);">. Another advantage is, that the page will not reloaded, when the user entered a wrong password or something else is wrong. By the way, the workaround with the second javascript function is working. There's just one open question: what is the difference between false and %boolean(0)? Ralf > > Gertjan. > > -- > Gertjan Klein
