View Full Version : Direct user to correct page upon login...help

01-23-2007, 06:25 PM
I've created a secure login site. Everything works fine except for one thing... the redirect.

I want to redirect users to the correct page they are accessing (say they're just clicking a link they've bookmarked to a particular page in the secure site) rather than forcing them to navigate in from a default "login successful" page.

In each secure page, I have this include file:

if Session("valid") = "" Then
Response.Redirect ("login_new.asp?r=" & Server.URLEncode(Request.ServerVariables("URL") & Request.Querystring))
end if

My login script looks like this:

<form name="login" method="POST" action="verify_new.asp">
<input type="text" name="UserName">
<input type="password" name="Password">
<p><input type="hidden" name="redirect" value="<%=Request.Querystring("r")%>">
<input type="submit" name="Submit" value="Submit">

My verify page looks like this:

dim username, password, sRedirect

sRedirect = Request.Form("redirect")
If sRedirect = "" then
sRedirect = "default.asp"
end if

...(lots of code)...

' if both username and pass are valid, create session ID
if Session("Valid") = Request("username") then
response.redirect sRedirect
end if

If I create a url like this: http://www.mywebsite.com/youarehere.asp, everything functions just fine. However, if I create a url like this: http://www.mywebsite.com/inthisfolder/youarehere.asp the script always returns a page cannot be found error.

I've looked through my code, but I don't see that I've coded a bum link.

The error url returned looks like this: http://www.mywesite.com/login_new.asp?r=%2Ffolder%2Fyouarehere%2Easp

And, it's a simple 404 error.

I suspect it has something to do with how I create the stored url in this line:
Response.Redirect ("login_new.asp?r=" & Server.URLEncode(Request.ServerVariables("URL") & Request.Querystring))

Any thoughts or suggestions?



01-23-2007, 07:49 PM
Okay, I'm dumb, I figured it out.

I just spelled out the full url path to the login_new.asp file.

01-30-2007, 02:15 PM
Just a note;
You need a little validation on your URL.

If Request.ServerVariables("QueryString") <> "" Then
qs = "?" & Request.ServerVariables("QueryString")
End If
url = Request.ServerVariables("URL") & qs