dynamitedj
New Member
Ok...I am trying to do forms authentication on a site but i want different sets of users to be able to get to different directories.<BR><BR>The usernames and passwords are stored in a database along with an accesslevel.<BR><BR>How can i do forma authentication to be able to let the users will an accesslevel of 2 to access the level2 folder but not the people with an accesslevel of 1?<BR><BR>I am able to set up the basic forms auth but i don't know how to tell if the user is trying to access the level1 folder of the level2 folder<BR><BR>Any Ideas?<BR>ok do this. When the user is requested for his username/pass when he logs in have a hidden form feild that pulls the access level variable from the database and have it stored in the users session. Then at the top of each page include this code:<BR><!-- #include FILE="lock.inc" --><BR>then in the lock.inc file include this code:<BR><%<BR>Response.Buffer = True<BR>Response.Expires = -1000<BR>If Session(SiteID + "Authentication") = False Then<BR> Response.Redirect "accessdenied.asp"<BR>End If<BR>%><BR>note this last bit of code was written in classic ASP so you may need to change it a litte in terms of the Session(SiteID + Authentication) method but it should work, also i do have code that i know works ro do exactly what u r doing but its used with an XML file but if u could change it then it would work fine please email me at [email protected] if u want this code.I was able to figure it out<BR><BR>you can set up roles for each user...<BR><BR>there is an artical on 4guys