private bool CheckAuthentication()
{
// WARNING : DO NOT simply return "true". By doing so, you are allowing
// "anyone" to upload and list the files in your server. You must implement
// some kind of session validation here. Even something very simple as...
//
//return HttpContext.Current.User.Identity.IsAuthenticated;
//return ( Session[ "IsAuthorized" ] != null && (bool)Session[ "IsAuthorized" ] == true );
//if (Session["IsAuthorized"] != null && (bool)Session["IsAuthorized"] == true)
// return true;
//else
// return false;
// ... where Session[ "IsAuthorized" ] is set to "true" as soon as the
// user logs in your system.
return true;
}
Tue, 02/19/2008 - 12:43
#1
