我有一个.asp页,该页使用会话变量来显示特定于管理员与非管理员的项目。除以下内容外,此方法在我的网站上各处均可使用:
我有一个表单页面,该页面仅允许SESSION(“ adminrole”)=“ admin”使用表单和记录各部分的各个字段来更新记录。
如果SESSION(“ adminrole”)=“ nonadmin”,则页面上将包含其他VB脚本
这是我在ASP页顶部的示例代码
@IBAction func onSignUp(_ sender: Any) {
print("Sign Up pressed")
isValidUsername(username: usernameTextField.text!)
print("[SIGN UP] - Username: \(usernameVerified)")
isValidEmail(email: emailTextField.text!)
print("[SIGN UP] - Email: \(emailVerified)")
isValidPassword(password: passwordTextField.text!)
print("[SIGN UP] - Password: \(passwordVerified)")
if passwordVerified && emailVerified && usernameVerified {
Auth.auth().createUser(withEmail: emailTextField.text!, password: passwordTextField.text!) { (authResult, error) in
if error != nil {
self.errorLabel.alpha = 1
self.errorLabel.text = error?.localizedDescription
self.shake(viewToShake: self.errorLabel)
return
}
guard let user = authResult?.user else {
return
}
//Successfully Authenticated User
let ref = Database.database().reference(fromURL: "https://heytest.firebaseio.com/")
let usersReference = ref.child("users").child(user.uid)
let values = ["username": self.usernameTextField.text!, "email": self.emailTextField.text!, "games-played": "0"]
usersReference.updateChildValues(values, withCompletionBlock: { (err, ref) in
if err != nil {
print(err!)
return
}
//Successfully registered user's data to database
print("[SIGN UP] - Successfully Signed Up")
self.errorLabel.alpha = 0
self.present((self.storyboard?.instantiateViewController(withIdentifier: "TabBarViewController"))!, animated: false, completion: nil)
})
}
} else {
errorLabel.alpha = 1
shake(viewToShake: errorLabel)
print("Password/Email/Username verification not complete!")
print("[SIGN UP] - Password: \(passwordVerified)")
print("[SIGN UP] - Username: \(usernameVerified)")
print("[SIGN UP] - Email: \(emailVerified)")
}
}
//MARKUP: Validations/Verifications
//Email Verification (Must follow correct email format: example@gmail.com)
func isValidEmail(email: String) {
let emailRegex = "[A-Z0-9a-z._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,4}"
var valid = NSPredicate(format: "SELF MATCHES %@", emailRegex).evaluate(with: email)
if valid {
valid = !email.contains("Invalid email id")
}
if valid == false {
emailLabel.textColor = UIColor.red
emailLabel.text = "EMAIL INVALID"
emailTextField.layer.addBorder(edge: UIRectEdge.bottom, color: UIColor.red, thickness: 1.5)
} else {
emailVerified = true
emailTextField.layer.addBorder(edge: UIRectEdge.bottom, color: UIColor.black, thickness: 1.5)
emailLabel.textColor = UIColor.black
emailLabel.text = "EMAIL"
}
}
//Password Verification (Must be greater than 8 digits
func isValidPassword(password: String) {
let passwordRegex = ".{8,}"
var valid = NSPredicate(format: "SELF MATCHES %@", passwordRegex).evaluate(with: password)
if valid {
valid = !password.contains("Invalid password id")
}
if valid == false {
passwordLabel.textColor = UIColor.red
passwordLabel.text = "PASSWORD MUST BE AT LEAST 8 DIGITS"
passwordTextField.layer.addBorder(edge: UIRectEdge.bottom, color: UIColor.red, thickness: 1.5)
} else {
passwordVerified = true
passwordTextField.layer.addBorder(edge: UIRectEdge.bottom, color: UIColor.black, thickness: 1.5)
passwordLabel.textColor = UIColor.black
passwordLabel.text = "PASSWORD"
}
}
//Username Verification (Must be between 3-15 charaters w/ username not taken)
func isValidUsername(username: String) {
let usernameRegex = ".{3,15}"
var valid = NSPredicate(format: "SELF MATCHES %@", usernameRegex).evaluate(with: username)
if valid {
valid = !username.contains("Invalid username id")
}
if valid == false {
usernameLabel.textColor = UIColor.red
usernameLabel.text = "USERNAME MUST BE 3-15 CHARS"
usernameTextField.layer.addBorder(edge: UIRectEdge.bottom, color: UIColor.red, thickness: 1.5)
} else {
let ref = Database.database().reference(fromURL: "https://heytest.firebaseio.com/")
let usernamesRef = ref.child("users")
usernamesRef.queryOrdered(byChild: "username").queryEqual(toValue: username).observeSingleEvent(of: .value, with: { (snapshot) in
// if there is data in the snapshot reject the registration else allow it
if (snapshot.value! is NSNull) {
self.usernameVerified = true
print("[SIGN UP] - Username: \(self.usernameVerified)")
self.usernameTextField.layer.addBorder(edge: UIRectEdge.bottom, color: UIColor.black, thickness: 1.5)
self.usernameLabel.textColor = UIColor.black
self.usernameLabel.text = "USERNAME"
} else {
self.usernameVerified = false
self.usernameTaken = true
self.usernameLabel.textColor = UIColor.red
self.usernameLabel.text = "USERNAME TAKEN"
self.usernameTextField.layer.addBorder(edge: UIRectEdge.bottom, color: UIColor.red, thickness: 1.5)
}
}) { (error) in
print(error.localizedDescription)
}
}
}
我已验证SESSION(“ adminrole”)是用户在我的位置登录Response.write时所声明的内容,以便我可以直观地看到该用户的会话角色名称。
问题在于,无论是谁登录,都会被包含的包含页面用于NON Admin角色-并且永远不会第一个包含文件
答案 0 :(得分:1)
这里的问题是IIS中的处理顺序。在处理VBScript之前,将执行服务器端包含。使用其他方法在页面中包含首选脚本-
请参阅此链接中的示例: http://www.4guysfromrolla.com/webtech/022504-1.shtml
示例代码:
<%
Dim strInclude
Dim I_want_to_include_file_1
I_want_to_include_file_1 = True
If I_want_to_include_file_1 = True Then
strInclude = getMappedFileAsString("include1.asp")
Else
strInclude = getMappedFileAsString("include2.asp")
End If
Execute strInclude
%>
因为此方法不使用内置的IIS include,所以代码 该页面运行时将运行,但仅包含一个文件。 显示了getMappedFileAsString(filepath)函数的代码 下面。本质上,它将获取指定内容的完整内容 filepath,以字符串形式返回文件的内容。
Function getMappedFileAsString(byVal strFilename)
Const ForReading = 1
Dim fso
Set fso = Server.CreateObject("Scripting.FilesystemObject")
Dim ts
Set ts = fso.OpenTextFile(Server.MapPath(strFilename), ForReading)
getMappedFileAsString = ts.ReadAll
ts.close
Set ts = nothing
Set fso = Nothing
End Function