Insert a bit of code on each html file that is output
Insert a bit of code on each html file that is output
Hi,
I'd like to make my knowledgebase (made with Flare) secure. to do so, I'd like to insert a session check into each page. I've already created a login page that creates the session.
Any easy way to insert this bit of code into each page that Flare outputs, or would I have to copy and paste it into each html file?
Cheers!
I'd like to make my knowledgebase (made with Flare) secure. to do so, I'd like to insert a session check into each page. I've already created a login page that creates the session.
Any easy way to insert this bit of code into each page that Flare outputs, or would I have to copy and paste it into each html file?
Cheers!
-
- Senior Propellus Maximus
- Posts: 4293
- Joined: Thu Feb 02, 2006 9:29 am
- Location: The Electric City
Re: Insert a bit of code on each html file that is output
I assume you use server sessions and for that use some sort of server side scripting. I haven't tried it recently, but the first Flare versions maliciously destroyed any PHP code that I put in. It is worth a try to see what happens with the current version and if it would work to add the code to a master page. Otherwise you'd need to add the code to the compiled output and that gets very tedious since you'd need to redo it all again after the next compile.
Keep in mind that you approach really only requires that a user has successfully logged in. There is nothing that stops a user from copying the entire knowledge base and doing who knows what with it. So, to "make my knowledgebase (made with Flare) secure" can mean different things. A simple login with the checking code on each page is not much more than crowd control.
Keep in mind that you approach really only requires that a user has successfully logged in. There is nothing that stops a user from copying the entire knowledge base and doing who knows what with it. So, to "make my knowledgebase (made with Flare) secure" can mean different things. A simple login with the checking code on each page is not much more than crowd control.
New Book: Creating user-friendly Online Help
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Re: Insert a bit of code on each html file that is output
You should be able to add it to the default.htm file since that's the frameset that calls all the other topic files, but the default.htm (and default_CSH.htm if you're using CSH) are generated each time you do a build, so you'd have to make the modification after every build (or change it in the Flare program folder to have it affect all projects, but you probably don't want to do that). It'll probably be easier to just make a copy of the modified default.htm and default_CSH.htm files and recopy them back into the output folder after every build.danielrae wrote:Any easy way to insert this bit of code into each page that Flare outputs, or would I have to copy and paste it into each html file?
You'd need to test that thoroughly, though, especially to make sure that advanced features like the search, index, popup windows, etc., don't have a problem with the secure access code in the frameset file.
If it doesn't work in the frameset file, then you could (theoretically) put the code in a masterpage file and have that masterpage applied to all topics. Again, test it, because the masterpage only applies to topics and not to the other features (TOC, index, glossary, etc.).
Lisa
Eagles may soar, but weasels aren't sucked into jet engines.
Warning! Loose nut behind the keyboard.
-
- Senior Propellus Maximus
- Posts: 4293
- Joined: Thu Feb 02, 2006 9:29 am
- Location: The Electric City
Re: Insert a bit of code on each html file that is output
You need to add it to all topics since it is possible to access the topic HTML files directly. It may that the other frames won't load due to the code included, but that may be less of an issue for someone who wants to circumvent the login. The other way around seems to be less of a problem, because none of the content can be accessed even if one clicks on a topic link in the ToC.
New Book: Creating user-friendly Online Help
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Re: Insert a bit of code on each html file that is output
Thanks for the responses.
I will report back once I've had time to "play"
I will report back once I've had time to "play"
Re: Insert a bit of code on each html file that is output
OK, I tried adding my code:
<%If Session("Secure") <> "true" Then
Response.Write("<h1>Not Authorised</h1>")
Response.End
End If
%>
to the default.htm page, but it breaks the page. So if you log in, and have a session, the page still doesn't display. Must not work with framesets...
Looks like I'll have to investigate the MasterPage function more.
If I do make a "MasterPage", would I still have to go and manually insert the code into existing htm pages?
<%If Session("Secure") <> "true" Then
Response.Write("<h1>Not Authorised</h1>")
Response.End
End If
%>
to the default.htm page, but it breaks the page. So if you log in, and have a session, the page still doesn't display. Must not work with framesets...
Looks like I'll have to investigate the MasterPage function more.
If I do make a "MasterPage", would I still have to go and manually insert the code into existing htm pages?
-
- Senior Propellus Maximus
- Posts: 4293
- Joined: Thu Feb 02, 2006 9:29 am
- Location: The Electric City
Re: Insert a bit of code on each html file that is output
The idea of adding it to the Master Page is that Flare stuffs the code into every topic that uses that Master Page. That is how all the proxies get into topics and that is also one reason why building output takes some time, since all this stuff needs to be added in dynamically.
New Book: Creating user-friendly Online Help
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Re: Insert a bit of code on each html file that is output
OK I'll give that a shot and report back!
I think this would be a good way to add a bit of copyright text at the bottom of each page too.
I think this would be a good way to add a bit of copyright text at the bottom of each page too.
-
- Senior Propellus Maximus
- Posts: 4293
- Joined: Thu Feb 02, 2006 9:29 am
- Location: The Electric City
Re: Insert a bit of code on each html file that is output
Correct, that IS the way to do it.
New Book: Creating user-friendly Online Help
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Re: Insert a bit of code on each html file that is output
When I'm looking to edit the masterpage, and doing so in the internal text editor... the code is XML.
Adding the code I want to add (which is some ASP) doesn't work.
Anyone got a solution?
Code I want to enter:
<%If Session("Secure") <> "true" Then
Response.Write("<h1>Not Authorised</h1>")
Response.End
End If
%>
Adding the code I want to add (which is some ASP) doesn't work.
Anyone got a solution?
Code I want to enter:
<%If Session("Secure") <> "true" Then
Response.Write("<h1>Not Authorised</h1>")
Response.End
End If
%>
-
- Senior Propellus Maximus
- Posts: 4293
- Joined: Thu Feb 02, 2006 9:29 am
- Location: The Electric City
Re: Insert a bit of code on each html file that is output
I think Flare has a special function that allows for entering scripts to pages. Last time I checked (which is a long time ago) it offered support for ECMAScript. It may be that any server side script (such as PHP or, dare I mention it, ASP) is ignored as the same source can be used to create CHMs or DotNetHelp, which cannot do server side scripting.
I asked MadCap several times to allow for adding server side scripting and ignore those portions when generating non-WebHelp output or have a way to explicitly enable it to be included in a target. With that possibilities are endless and WebHelp could be made dynamic. One could even embed web applications inside the help.
I asked MadCap several times to allow for adding server side scripting and ignore those portions when generating non-WebHelp output or have a way to explicitly enable it to be included in a target. With that possibilities are endless and WebHelp could be made dynamic. One could even embed web applications inside the help.
New Book: Creating user-friendly Online Help
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Re: Insert a bit of code on each html file that is output
So it seems I'm out of luck here then. I can force users to log into the knowledgebase on the web, but if they know the URLs, they can bypass the login process.
Speaking to my developer colleague, he thinks that the pages would have to be saved as ASP pages anyway to allow us to use the ASP secure session code.
Thanks for your help efforts Ramon, much appreciated.
Speaking to my developer colleague, he thinks that the pages would have to be saved as ASP pages anyway to allow us to use the ASP secure session code.
Thanks for your help efforts Ramon, much appreciated.
-
- Senior Propellus Maximus
- Posts: 4293
- Joined: Thu Feb 02, 2006 9:29 am
- Location: The Electric City
Re: Insert a bit of code on each html file that is output
That is why one shouldn't use ASP, but server side scripting languages that give you full control and also do not force you to use just one type of web server. Regardless of that, IIS should allow to have all .htm and .html pages pulled through the ASP interpreter. If it is anything like the PHP interpreter then the performance hit can be ignored unless you get thousands of hits per second.
The only other option I can think about would be to attach to a common element in the header of the generated topic files and then run a batch application that replaces the remaining header portion and includes the script. That is an extra step and requires some programming, but other than pasting the script in by hand I don't see any other option.
The only other option I can think about would be to attach to a common element in the header of the generated topic files and then run a batch application that replaces the remaining header portion and includes the script. That is an extra step and requires some programming, but other than pasting the script in by hand I don't see any other option.
New Book: Creating user-friendly Online Help
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U
Paperback http://www.amazon.com/dp/1449952038/ or https://www.createspace.com/3416509
eBook http://www.amazon.com/dp/B005XB9E3U