Added: April/10/2004 at 12:33pm | IP Logged

Redirecting is not something ASPProtect does because you can
do that sort of thing using simple ASP redirects.

In all of these examples you are going to want to protect the pages you send these users to accordingly.
So that if they know the url they just cant go their directly without loging in.

Redirecting example..
This page will redirect admins or level 4 users to a certain page  and anyone else to
another page.
 
 
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
If Session("Admin") = "True" or Session("Access_Level") = "4"  Then
    Response.Redirect("sompage.asp")
Else
    Response.Redirect("someotherpage.asp")
End If
%>

Redirecting example..
This page will redirect level 1 users to a certain page. level 2 users to certain page, and anyone else to
another page.
 
 
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
If Session("Access_Level") = "1"  Then
    Response.Redirect("level1.asp")
ElseIf Session("Access_Level") = "2" Then
    Response.Redirect("level2.asp")
Else
    Response.Redirect("allothers.asp")
End If
%>

Redirecting example..
This page will redirect user "PistolPete" to a certain page.

 
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
If Session("Username") = "PistolPete" Then
    Response.Redirect("somedirectory/somepage.asp")
End If
%>

 
then just make sure the page you send the user to to also checks to see if the user is the right user.... to make sure others users can't access each others pages
 
<%
If Session("Username") <> "PistolPete" Then
    Response.Write("You do not have access to this page.")
    Response.End
End If
%>

etc etc etc.... these code snippets should point you in the right direction...

Added: November/15/2004 at 12:00pm | IP Logged

that wont work the way you did it because groups are not stored like like.

groups are stored "*1*"
or "*1*,*9,*"

so if you test for them you must do so using the InStr function of vbscript

example:

If InStr(Session("Groups"),"*1*") Then
    ' do whatever
End If

also.. as for the session variable
it should be    Session("Groups")

And in Version 6.... (its all ready to go in version 7) that session variable must be saved in the check_user_inc.asp file near where all the others are saved. If it is not there by default "I dont remember if it is or not" you have to add it like so near where all the others are saved

Session("Groups") = CmdCheckUser("Groups")

If you are wondering if it is being saved correctly you can always response.write out the Session("Groups") to see if it holds a value

Added: August/16/2005 at 1:38pm | IP Logged

I am attempting to have the page dedirect from the group, as some of my users are part of different and multiple groups (they are not structured in access levels, b/c they cannot be part of multiple levels(?)).  So I think I need to redirect by group.  I am having trouble having this work correctly.

-j

Added: August/16/2005 at 3:51pm | IP Logged

The login page sends the user to redirect.asp (which is as follows)

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
If InStr(Session("Groups"),"*1*") Then
    Response.Redirect("gp01.asp")
End If
%>

<%
If InStr(Session("Groups"),"*2*") Then
    Response.Redirect("gp02.asp")
End If
%>

I am not being redirected to gp02.asp if I am a member of group2.  Also, we wish users who are part of group 2 and 3 to go to a different page (ie. gp2-3.asp)

Thanks in advance.

Added: August/16/2005 at 5:30pm | IP Logged

The file check_user_inc.asp as the lines: (which include Session("groups")

 Here we set some valus about the user into session variables
   Session("PasswordAccess") = "Yes"
   Session("Access_Level") = CmdCheckUser("Access_Level")
   Session("Admin") = CmdCheckUser("Admin")
   Session("Active") = CmdCheckUser("Active")
   Session("Expiration_Date") = Expiration_Date
   Session("User_ID") = CmdCheckUser("User_ID")
   Session("Groups") = CmdCheckUser("Groups")
   Session("Redirection_URL") = CmdCheckUser("Redirection_URL")
   Session("Password") = RC4(CmdCheckUser("Password"), PasswordEncryptionKey)
   Session("Username") = CmdCheckUser("Username")

Added: August/16/2005 at 5:53pm | IP Logged

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
    Response.Write(Session("Groups"))
%>

Added: August/16/2005 at 6:32pm | IP Logged

I am brought to a logon page in which I cannot access the page.  This must be due to the check_user_inc.asp include.  Without the include I get a blank page.

Added: August/16/2005 at 6:44pm | IP Logged

that really does not make any sense...

I dont know what else to tell you as this really shouldn't be anything too difficult to sort out...

redirection based on criteria is not something aspprotect does by default... I try to help a bit... I've shown everyone how to do it in this thread...I know plenty of people doing it... I've done it myself... I know it works

let me ask you this... are you using ASPProtect 6 with the Option Pack ?
I assume you must be or you would not have the Groups feature ?
And you asked this question in the ASPProtect 6 section.

but then maybe your using 7.. I do not know

this should all work the same either way

Added: August/16/2005 at 7:37pm | IP Logged

maybe this is the issue...

do you realize that the descriptive name you give a group is not always going to be the same ID in the database ? The two are not related.

Perhaps what you named Group 1 is really group ID 3

You can tell for sure by generating protection code for group 1 and see what ID it tells you to use..



You also need to remember that you are testing this with different users and it is really easy to get confused so you need specifically log off using the log off page to ensure session info from the previous login doesn't show up and cause confusion when you log in with a different user... etc etc

in addition to logging off that way you may also want clear the session and application info via the code at the bottom of my article
http://www.powerasp.com/content/new/displaying-session-and-a pplication-variables.asp

and do that in between any user you log in as

Added: August/16/2005 at 7:46pm | IP Logged

The protection code for my group3 is:

<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * GP03 * ) -->
<% GROUPACCESS = "3" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!-- End ASPProtect Code -->

btw - sorry but I am using v7
and thanks for the assistance

Added: August/16/2005 at 7:53pm | IP Logged

this could go on forever...

if you want PM "private message" me info to log into your site.. show me the pages we are dealing with...

and I will take a look at it all...

CJW

Added: August/16/2005 at 9:45pm | IP Logged

ok... lets forget about all this redirecting business for a minute

when I go to "GP01.asp" directly via your web site I get a big nasty error that says this

Microsoft VBScript compilation error '800a0411'

Name redefined

/protect/config_inc.asp, line 15

Dim  Address_Required,CDONTS_Installed,City_Required,Registration _Type,VerifyURL,Log_Off_Page
----^ 

then when I look at what you did in that file I see why

you have this code which is totally wrong because you cannot include the password protection file twice

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<% GROUPACCESS = "*1*" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

it should be

<%@ LANGUAGE="VBSCRIPT" %>

<% GROUPACCESS = "*1*" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

and that is probably the root of this entire problem.. the redirection was working...
but you were sending them to invalid pages with errors

all those pages are wrong...

if you dont see the real error above see this

http://support.cjwsoft.com/code/moreinfo11-1.htm

if you look over the aspprotect 7 installation instructions that is the very 1st thing I tell people to do

hopefully this is the info you need to continue and get some work done

Added: August/16/2005 at 10:06pm | IP Logged

when you get back to work.. your   "redirect.asp" needs the password include file at the top of it.. or that wont work either..

and of course those pages you send people to all need to be repaired

Added: August/17/2005 at 2:33pm | IP Logged

  Much thanks, the duplicate incl's I spaced on and should have caught.  The hidden form variable was a key issue.  Thanks for the syntax and the help.  Now I get this page together. j  As a note - I got faster results by dropping my timeout to 3 minutes temporarily while progging and cleared browser cache between tests.  Thanks again.