Login Script based on Email, IP and sql server backend

Discussion in 'ASP General' started by Guest, Jul 26, 2004.

  1. Guest

    Guest Guest

    My questions concerns building a login system based on checking for the
    existence of the user's email address only....

    1. Is it ok for me to use IP address to allow user to bypass all login and
    registration systems if IP is present in database? I wish to save the user
    time....if the IP is not present I will present the LOGIN email screen....

    2. I am consideirng using Session variable on each page I wanted I
    protected...I think I know how to do this but I am not sure on whether I
    should be using the global.asa to handle loggin in or logging out or whether
    I should so all the code on the secure page itself.

    3. I wish to use a sql server backend to house my tables: tblProspect,
    tblProspectPageSelections......is it okay to use the following branching
    code to switch between my test and production server with regards the
    physical database path as I have multiple sites on our remote server which
    need to feed off the same database....I am thinking about something like
    this:

    If InStr(Request.ServerVariables("SERVER_NAME"), "publicserver.com") > 0
    Then
    ' Set Public Server Paths
    Else
    ' Set Private Server Paths
    End If

    Can this work?

    Many thanks
    Jason
     
    Guest, Jul 26, 2004
    #1
    1. Advertising

  2. Guest

    Guest Guest

    Thank, Curt, this is something I had not considered...I guess I could use
    internal IP to help employees bypass login screens....I will revert to
    'email' check for outsiders...




    "Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
    news:...
    > If this is internal, I suppose....but
    > 1) are you using DHCP for addresses? this means they may change.
    > 2) if this is external then it wont work. May places use a masked IP, in
    > other words an entire company of people may show as a single IP to the
    > outside world.
    >
    > --
    > Curt Christianson
    > Owner/Lead Developer, DF-Software
    > Site: http://www.Darkfalz.com
    > Blog: http://blog.Darkfalz.com
    >
    >
    > <> wrote in message
    > news:e$...
    > > My questions concerns building a login system based on checking for the
    > > existence of the user's email address only....
    > >
    > > 1. Is it ok for me to use IP address to allow user to bypass all login

    and
    > > registration systems if IP is present in database? I wish to save the

    user
    > > time....if the IP is not present I will present the LOGIN email

    screen....
    > >
    > > 2. I am consideirng using Session variable on each page I wanted I
    > > protected...I think I know how to do this but I am not sure on whether I
    > > should be using the global.asa to handle loggin in or logging out or

    > whether
    > > I should so all the code on the secure page itself.
    > >
    > > 3. I wish to use a sql server backend to house my tables: tblProspect,
    > > tblProspectPageSelections......is it okay to use the following branching
    > > code to switch between my test and production server with regards the
    > > physical database path as I have multiple sites on our remote server

    which
    > > need to feed off the same database....I am thinking about something like
    > > this:
    > >
    > > If InStr(Request.ServerVariables("SERVER_NAME"), "publicserver.com") > 0
    > > Then
    > > ' Set Public Server Paths
    > > Else
    > > ' Set Private Server Paths
    > > End If
    > >
    > > Can this work?
    > >
    > > Many thanks
    > > Jason
    > >
    > >

    >
    >
     
    Guest, Jul 27, 2004
    #2
    1. Advertising

  3. Guest

    Guest Guest

    Curt, I am returning to this theme after reading this article:

    http://www.15seconds.com/issue/981104.htm
    An IP address-based schema presented here assumes the IP address for a given
    machine remains constant. For most networks it is constant. For a few
    networks IP addressing is dynamic where the address will change for a
    machine with each start up, and sometimes even during operation. The
    security schema presented won't work if the IP address changes while the
    user machine is on; however, this is rare (i.e., I think AOL proxy servers
    do this for dial-in clients).

    '---

    I was wondering what your thoughts on this solution.

    Many thanks

    Jason





    "Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
    news:...
    > If this is internal, I suppose....but
    > 1) are you using DHCP for addresses? this means they may change.
    > 2) if this is external then it wont work. May places use a masked IP, in
    > other words an entire company of people may show as a single IP to the
    > outside world.
    >
    > --
    > Curt Christianson
    > Owner/Lead Developer, DF-Software
    > Site: http://www.Darkfalz.com
    > Blog: http://blog.Darkfalz.com
    >
    >
    > <> wrote in message
    > news:e$...
    > > My questions concerns building a login system based on checking for the
    > > existence of the user's email address only....
    > >
    > > 1. Is it ok for me to use IP address to allow user to bypass all login

    and
    > > registration systems if IP is present in database? I wish to save the

    user
    > > time....if the IP is not present I will present the LOGIN email

    screen....
    > >
    > > 2. I am consideirng using Session variable on each page I wanted I
    > > protected...I think I know how to do this but I am not sure on whether I
    > > should be using the global.asa to handle loggin in or logging out or

    > whether
    > > I should so all the code on the secure page itself.
    > >
    > > 3. I wish to use a sql server backend to house my tables: tblProspect,
    > > tblProspectPageSelections......is it okay to use the following branching
    > > code to switch between my test and production server with regards the
    > > physical database path as I have multiple sites on our remote server

    which
    > > need to feed off the same database....I am thinking about something like
    > > this:
    > >
    > > If InStr(Request.ServerVariables("SERVER_NAME"), "publicserver.com") > 0
    > > Then
    > > ' Set Public Server Paths
    > > Else
    > > ' Set Private Server Paths
    > > End If
    > >
    > > Can this work?
    > >
    > > Many thanks
    > > Jason
    > >
    > >

    >
    >
     
    Guest, Jul 30, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mark
    Replies:
    9
    Views:
    5,137
  2. Dan Walls
    Replies:
    6
    Views:
    847
    Rajesh.V
    Oct 22, 2003
  3. =?Utf-8?B?TWlrZQ==?=

    Access vs. SQL backend?

    =?Utf-8?B?TWlrZQ==?=, Apr 29, 2004, in forum: ASP .Net
    Replies:
    3
    Views:
    518
    =?Utf-8?B?TWlrZQ==?=
    Apr 29, 2004
  4. Ted
    Replies:
    1
    Views:
    445
  5. Eric

    SQL Server BackEND Populates Datagrid with HTML Snipets

    Eric, Apr 2, 2004, in forum: ASP .Net Datagrid Control
    Replies:
    2
    Views:
    146
Loading...

Share This Page