Hello all. I'm working on a site right now that requires a user to log in. When a user requests a page, it checks to see if they're logged in. If they're not logged in, the page the user tried to access is stored in a Session variable (RequestedPage) using Request.ServerVariables("SCRIPT_NAME") and the user is redirected to the login page. Once they log in, they are redirected back to the requested page using Response.Redirect(Session("RequestedPage")).

That usually works fine, but on some occasions the user will request a page that contains data in a querystring, but the session variable doesn't contain that info.

For example, if the user requests:
http://servername/funpage.asp
The session variable holds:
funpage.asp

But, if the user requests:
http://servername/funpage.asp?variable=1
The session variable still holds:
funpage.asp

Is there a better command/group of commands for me to use to retrieve the entire URL of the requested page? I was told in a course to use the SCRIPT_NAME server variable, but don't really understand why and don't know what a better choice would be.

Thanks in advance,
TBor

Hi,
understand what you are trying to do. Not 100% sure but i think its got to go with the limitations of ServerVariables("SCRIPT_NAME"), basically it will not and never contain the querystring. You will have to figure out another way to do the same thing.
Let me help you with that. You basically hard code it, on every page you will have some form of if statement,

if loggedInAs = "" then
resposne.redirect "login.asp?pagename="&pagename&""
else
'display the contents of the secured page.
end if

So if you have this code then just before i would do something like this:

pagename = "securepage1.asp"


On your login page when you have confirmed that the user has loggin in have:


pagename = request.quesrystring("pagename")
'then have
response.redirect ""&pagename&""


Hope this helps

That's pretty much what I'm doing now, if I understand correctly. The difference is that I'm storing the requested page in a session variable rather than passing it to my login page in the querystring.

The problem I'm having is storing the requested page's URL in the session variable if the requested page has a querystring of its own.

For instance, if a user tries to go to the page "pagename.asp?variable=1" and isn't logged in, I want to stored "pagename.asp?variable=1" in a session variable and forward them to the login screen. However, using Request.ServerVariables("SCRIPT_NAME") only returns "pagename.asp", and I lose the querystring.

I sure hope there's some way of doing this, because it's pretty important to what I'm trying to do with my site. Basically, I want to be able to be able to send someone an email link to a specific form, with the form ID in the querystring. I've got a page "viewform.asp" that looks for a variable "FormID" in the querystring. Viewform.asp retrieves the data for the form specified by FormID from a database and fills the form in. If there's no FormID specified, there's nothing to display.

Therefore, if I sent someone a link to "viewform.asp?FormID=10" and they clicked it, most likely they'd be starting a new session and would be redirected to the login screen. But, once they've logged in they would be redirected to "viewform.asp", which without a FormID specified would be blank to them (or, in my case, tell them to specify a FormID).

Any other ideas, or am I misunderstanding things?
TBor

Thanks Dave. I guess I was typing so long you got in with the answer ahead of me submitting mine. This works great!

Just for the record, in case anyone else runs into the same issue, I had to use this format to get the link right:

Session("RequestedPage") = Request.ServerVariables("SCRIPT_NAME") & "?" & Request.ServerVariables("QUERY_STRING")

Thanks again!
TBor

My two cents. If you would like to be lazy, you can make a function like this and include this on each page and call it before you do any other scripting:

Sub CheckLogin()
Dim sRedirectBackTo

Session("RequestedPage") = ""
If Len(sessionLoginvar)) = 0 Then
sRedirectBackTo = Request.ServerVariables("SCRIPT_NAME")
If Len(Request.ServerVariables("QUERYSTRING")) > 0 Then
sRedirectBackTo = sRedirectBackTo & "?" & _
Request.Servervariables("QUERYSTRING")
End if
Session("RequestedPage") = sRedirectBackTo
Response.Redirect("login.asp")
End If
End Sub


And Call this function in each page:
CheckLogin

Hope this helps..

-Rogier Doekes