meenu
|
| Posted: 05/04/2002, 5:26 AM |
|
Sir,
I am developing an application in which I want to access a particular page (single page)
to a perticular user_level (say 6,7,8 etc). At present if I use the custom security
and authenticate a page to user_level say 5, then the user is also access the page which
is available to the user_level 1,2,3 and 4 .
I want user can access only its page say authenticate level 5.
How can I do in CC.
|
|
|
 |
Ken Hardwick
|
| Posted: 05/04/2002, 8:26 AM |
|
You didn't indicate program language you use..but here is suggestion for ASP
I have not actually tried the following so do not hold me to this...but I think
the following should work..
1) If all your web pages will use same concept..ie..all pages for a specific
security level...then add the following to your global functions..
' Verify user's security level and redirect to login page if needed
'-------------------------------
function CheckSecurity(iLevel)
if Session("UserID") = "" then
cn.Close
Set cn = Nothing
response.redirect("Default.asp?QueryString=" & toURL(request.serverVariables("QUERY_STRING")) & "&ret_page=" & toURL(request.serverVariables("SCRIPT_NAME")))
else
if CLng(Session("UserRights")) = CLng(iLevel) then
cn.Close
Set cn = Nothing
response.redirect("Default.asp?QueryString=" & toURL(request.serverVariables("QUERY_STRING")) & "&ret_page=" & toURL(request.serverVariables("SCRIPT_NAME")))
end if
End if
end function
2)If you want to do this only on certain pages, then rename this..like
and then on those specific pages...then in page/custom security add..
CheckSecurityEQUAL()
' Verify user's security level and redirect to login page if needed
'-------------------------------
function CheckSecurityEQUAL(iLevel)
if Session("UserID") = "" then
cn.Close
Set cn = Nothing
response.redirect("Default.asp?QueryString=" & toURL(request.serverVariables("QUERY_STRING")) & "&ret_page=" & toURL(request.serverVariables("SCRIPT_NAME")))
else
if CLng(Session("UserRights")) < CLng(iLevel) then
cn.Close
Set cn = Nothing
response.redirect("Default.asp?QueryString=" & toURL(request.serverVariables("QUERY_STRING")) & "&ret_page=" & toURL(request.serverVariables("SCRIPT_NAME")))
end if
End if
end function
|
|
|
|
Meenu
|
| Posted: 05/09/2002, 5:10 AM |
|
Thanks dear Ken,
I tried this but sorry, It wont work.
If I login as a user who have a user_level say 2, the user is able to access the pages whose authenticate Level is 1 and 2 both. It I logged-in as a user_level say 4, I am able to access the all pages for the user_level 1,2,3 and 4.
I want if I logged as a user_level say 4, then I can access only the pages whose authenticate user_level is 4 ONLY not others pages.
Please help me
meenu
|
|
|
|
alex
|
| Posted: 05/09/2002, 10:50 PM |
|
Dear Ken,
Please give the solution urgently. I also need this. Only the user_level pages is accessed
to the user not all the pages that authenticate level is low then the user_level.
Alex
|
|
|
|
|
