<%
Option Explicit
%>
<%
' Names of roles users may log in as
Const AdvisorRoleName = "Advisor"
Const GuestRoleName = "Guest"
Const TeleconferenceRoleName = "Teleconference"
Const AdminRoleName = "Admin"
' Returns the user name of the current user.
Function GetCurrentUserName( _
)
GetCurrentUserName = Session( "MM_Username" )
End Function
' Returns the role name of the current user.
Function GetCurrentRoleName( _
)
GetCurrentRoleName = Session( "MM_RoleName" )
End Function
' Validates that the current user is logged in and in the correct role. If the user is not logged
' in or not in the correct role, he/she is redirected to a login page.
Sub AuthorizeCurrentUser( _
RoleName, _
LoginPage _
)
Dim MM_grantAccess
Dim MM_qsChar
Dim MM_referrer
' *** Restrict Access To Page: Grant or deny access to this page
MM_grantAccess=false
' If the user is logged in,
If GetCurrentUserName( ) <> "" Then
' and if the user is in the correct role for this page,
If GetCurrentRoleName( ) = RoleName Then
' The user is grnated access
MM_grantAccess = true
End If
End If
' If the user is not allowed to view this page,
If Not MM_grantAccess Then
' Redirect the user to the appropriate login page
MM_qsChar = "?"
If (InStr(1,LoginPage,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
LoginPage = LoginPage & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
Response.Redirect(LoginPage)
End If
End Sub
%>
<%
AuthorizeCurrentUser AdminRoleName, "admin_login.asp"
%>
Welcome to Centurion Counsel, Inc.
