[thelist] ASP, HTTP_REFERRER, Session questions

Anthony Baratta Anthony at Baratta.com
Fri Sep 21 00:39:30 CDT 2001

First off you shouldn't have to worry about spiders. How can they get to 
your subscriber content if they can't login. (Plus the way I recommend to 
grab that data is not affect by referers.) Second, I'm not sure what you 
mean by "QueryString and all" since you mention they will be getting to the 
login page by clicking a link on the page. Also how big will your 
querystring be?

There are a few ways to tackle this:

One is to generate a login page when someone attempts to access "member 
only" content via a function call. This allows you to deal with the login 
"from within the called page" and gives you IMHO more flexibility than the 
redirect (option two) since you don't have to pass session variables or 
querystrings around.

Two is to redirect to a login script, but if you want to "get back" you 
need to pass enough informaiton to the login script to help it redirect 
back to the "calling" page. You can stuff this information into a Session 
Object for later retrieval using the Request.ServerVariables("SCRIPT_NAME") 
and Request.ServerVariables("QUERY_STRING") [which is my preferred method 
if I can't do option one] or by stuffing this information into a 
QueryString and handing it off to the login script.

Three is stuff all the information into a form and post to the login 
script. This is a little cleaner from a URL perspective but still not as 
clean as option one, IMHO.

Anthony Baratta
Keyboard Jockeys

"Conformity is the refuge of the unimaginative."

More information about the thelist mailing list