Results 1 to 8 of 8

Thread: Possible to bypass .ASP pages?

  1. #1
    Junior Member
    Join Date
    Feb 2003
    Posts
    4

    Possible to bypass .ASP pages?

    I know how they work, they want to make you redirect somewhere else. But is it possible to bypass them? Thanks!

  2. #2
    Redirection isn't all that .ASP pages do, not by far...

    Can you explain your question a little better? Are you trying to by-pass a .ASP login page or something? What is the situation? Warning though, if it is for malicious purposes, you'll find no help here...
    - Maverick

  3. #3
    Junior Member
    Join Date
    Feb 2003
    Posts
    4
    It is not intended for "bad" purposes. I'm wondering i set up a log-in page with a .asp ending and all, can people bypass it...

  4. #4
    Senior Member
    Join Date
    Nov 2002
    Posts
    174
    What are you trying to accomplish though? Are you trying to make sure they go THROUGH your page and that they cannot directly load the page you forward them to?

    We need specifics in order to help out. Vague questions get vague answers. Please elaborate and we'll be happy to help out.
    Mike Reilly
    bluebeard96@yahoo.com

  5. #5
    No, ASP is server side... Unless you really **** up your code it will not be forwarded to the browser. But I reccomend using php if it is available.... With PHP its much easier IMHO
    PHP Code:
    <?
    $pass = $_POST['pass'];
    if($pass == "foo"){
    print('bar')
    } else {
    ?>
    form with a field named pass here
    <? } ?>

  6. #6
    Junior Member
    Join Date
    Feb 2003
    Posts
    4
    I hvae my ASP login page, but if the person knows the direct addy of the page can they get to it?

  7. #7
    Senior Member
    Join Date
    Mar 2002
    Posts
    502
    That depends. You will have to use sessions. This envolves creating cookie functions and saving sessions in a database. You can try to use PHP's internal session functions, but I prefer to create my own ones. Anyways, dont know If ASP also has their own session functions, but I think they do.

    In any case, sessions are required to create a secure shell without using .htaccess and .htpasswd files, in the case of scripting here.

    >>>>> EDIT

    Check out this site. Lotsa tuts on ASP sessions:
    http://www.aspin.com/home/tutorial/objects/session/
    Bleh.

  8. #8
    Junior Member
    Join Date
    Feb 2003
    Posts
    4
    Thanks!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •