K
Kevin Blount
My current site uses a ASP, database driven, ID based system to allow
people to download files they have the right permissions to, as well as
to send an email to them with necessary support links and passwords and
an email to us with 'who did what and when' info.
a typical link from this system might be
http://www.oursite.com/getfile.asp?id=123
My current task is to allows link directly to the file (for a cleaner
looking link, I suppose) but still drive the emails, etc. My thought
was to use a combo of ASP.NET dlls and IIS6, which for the most parts
works. Esentially I just associate the .exe file extension with
aspnet_isapi.dll and then use web.config and a .net script (index.aspx)
to check permissions etc.
index.aspx does a few things:
1 - checks for existing cookies to see if they are logged into our site
2 - redirects to login page if not
3 - when they are logged in, it checks their user ID against the
database for access to the file
4 - if granted, it sends the emails
5 - it uses FormsAuthentication.RedirectFromLoginPage to give them the
file.
the issue is that the next file they want does NOT do steps 1 thru 4
above, because step 5 sets a cookie, which I have no contorl over, and
that cookies is available for the whole session, so no checks are made,
and no emails are sent.
What I'm looking for it either an alternative to
'FormsAuthentication.RedirectFromLoginPage', which doesn't *redirect*
to the file (as this instigates index.aspx and causes an infinite
loop), or a total new way to link directly to a filename and perform
actions before the file is given to the user.
any ideas??
people to download files they have the right permissions to, as well as
to send an email to them with necessary support links and passwords and
an email to us with 'who did what and when' info.
a typical link from this system might be
http://www.oursite.com/getfile.asp?id=123
My current task is to allows link directly to the file (for a cleaner
looking link, I suppose) but still drive the emails, etc. My thought
was to use a combo of ASP.NET dlls and IIS6, which for the most parts
works. Esentially I just associate the .exe file extension with
aspnet_isapi.dll and then use web.config and a .net script (index.aspx)
to check permissions etc.
index.aspx does a few things:
1 - checks for existing cookies to see if they are logged into our site
2 - redirects to login page if not
3 - when they are logged in, it checks their user ID against the
database for access to the file
4 - if granted, it sends the emails
5 - it uses FormsAuthentication.RedirectFromLoginPage to give them the
file.
the issue is that the next file they want does NOT do steps 1 thru 4
above, because step 5 sets a cookie, which I have no contorl over, and
that cookies is available for the whole session, so no checks are made,
and no emails are sent.
What I'm looking for it either an alternative to
'FormsAuthentication.RedirectFromLoginPage', which doesn't *redirect*
to the file (as this instigates index.aspx and causes an infinite
loop), or a total new way to link directly to a filename and perform
actions before the file is given to the user.
any ideas??