ASP Login with Referrer???

Ok I have a basic login setup login.asp which redirects users to page.asp

In the page.asp file I have the following setup so that it will redirect users NOT logged in to the login page.

<%
if session("member")=session("") then
response.redirect "login.asp?return=" & _
request.servervariables("script_name") & "?" & _
server.urlencode(request.querystring)
end if
%>

Now at the login page it then looks like this:

login.asp?return=pageasp?del%3Dconfirm%26ID%3D34

Unfortunately all that formatting/encoding messes up my numbers and when the login is complete it only takes me to page.asp?del=confirm

when it really should be : page.asp?del=confirm&ID=34 -------- Why are the = signs getting written as %3D?

I tried removing the server.urlencode part so that it only showed as "request.querystring". When doing this everything displayed ok and the url looked like this: login.asp?return=page.asp?del=confirm&ID=34

However after the login I was still taken to page.asp?del=confirm

Any ideas would be appreciated, thanks.

Where does the ID get added to the querystring? Using the code above, only the current script name is appended.

Also, what's the point of 'if session("member") = session("")'?? Just use the code 'if session("member") = ""'

the ID gets added with the del=confirm&ID=11


I got that part off an asp site, I just copied their whole code for doing a redirect like that.

My original code used to be:

<%
ifsession("member")=session("") then
response.redirect "login.asp"
end if
%>

And it worked fine.

I'm wondering if somehow I can pass the return to url to the login.asp script without posting it like :
login.asp?return=page.asp?del=confirm&ID=34

Any ideas, examples are appreciated. Thanks.

For some reason it drops the &ID=41 and the error on the page is this:



Microsoft OLE DB Provider for ODBC Driverserror '80040e14'

[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression 'ID='. /page.asp, line 462

Show us the code that adds the ID to the querystring.
Use instead of what you have. It's inefficient to access system objects when you don't need to.

<%
response.redirect "login.asp?return=" & _
request.servervariables("script_name") & "?" & _
request.querystring
end if
%>

This code snippet was found on a sample here on the DevArticles site.

The ' "?" & _ request.querystring' picks up the string from the requested page:

page.asp?del=confirm&ID=41

It then kicks me over to the login.asp page and looks like this:

login.asp?return=page.asp?del=confirm&ID=34

One the login is complete, unfortunately I am taken to:

page.asp?del=confirm

For some reason like I said, the ID is passed to the login script, and its supposed to redirect me to the full requested url.

Now the kicker is if I request a query like:

page.asp?section=print

It is then passed to : login.asp?return=page.asp?section=print

Once logged in everything is ok and I am taken to the requested page.

It just seems like its dropping the second part of the queries out.

request.servervariables("SCRIPT_NAME") only gets the NAME of the script, not the query string values that follow.

Use request.servervariables("QUERY_STRING") to get the qry string values.

Before you go too much further, I'd recommend at least reading the ASP documentation, and a few beginner tutorials, before posting again.