An XSSI Library Article

Simple Authorization
Developed by Michael Daines

I wrote this simple authorization "script" for a game I was doing. It takes input from a form in the QUERY_STRING of an URL. Obviously, you'd just have two fields named, say, "user" and "pass". The form action would be a file with some name like "auth.html". The commands should be included in the portion of the file.

As you can see, if the QUERY_STRING variable includes the right username, a meta tag is printed that directs to browser to the right page- or in this case, the right directory.

This simple security system doesn't work on all browsers, just those supporting the HTTP-EQUIV META tag. If you'd like your code to be super-compatible, just print a link for users to follow.

Michael Daines

<!--#if expr="$QUERY_STRING = 'user=guest&pass=guest'" -->
<META HTTP-EQUIV="Refresh" CONTENT="1; URL=level1ofsecurity/index.html">
<!--#elif expr="$QUERY_STRING = 'user=some_user&pass=123'" -->
<META HTTP-EQUIV="Refresh" CONTENT="1; URL=level2ofsecurity/index.html">
<!--#else -->
<META HTTP-EQUIV="Refresh" CONTENT="1; URL=loginpage.html">
<!--#endif --> 

XSSI Library:
http://www.ordersomewherechaos.com/rosso/xssi/