Access Restriction with Classic ASP

0

I'm putting an access restriction clause.

I created a table with the people that can access, my intention is that the ones that can access are directed to the page and those that can not be directed to another

But there is something wrong

usuario = right(Request.servervariables("LOGON_USER"),7)

set RSUSER = conexao.execute("SELECT usuario FROM tabela ")


if usuario = RSUSER("usuario") 
    then response.redirect("../index.asp")
    else 
    response.redirect("acesso_restrito.asp")
}
    
asked by anonymous 06.12.2018 / 18:52

2 answers

1

I believe you should check whether the user is contained in the table or not, rather than just consist of returning the query. I am considering that there is a LOGIN field in the table. If it is another field, just use the in WHERE. Example:

usuario = right(Request.servervariables("LOGON_USER"),7)
set RSUSER = conexao.execute("SELECT TOP 1 1 FROM tabela WHERE login = " & usuario )
'aqui verifico se contém retorno. Se sim, significa que o usuário está na tabela em quetão.
if not RSUSER.EOF then 
    response.redirect("../index.asp")
else 
    response.redirect("acesso_restrito.asp")
end if

conexao.close()
    
06.12.2018 / 19:08
0

I did it! Actually, there was only one loop to go through the entire table records.

    
06.12.2018 / 21:19