Hi,
if you use login with a "role" management, you can place something lieke this
AT THE TOP OF EACH PAGE, which should be protected:
<cfif NOT IsUserInRole("Admin")>
<cfinclude template="NoRightsForThis.cfm">
<cfabort>
</cfif>
Best regards
Knut Bewersdorff
----- Original Message -----
From: J.B. Mentzer
To: cf-newbie
Sent: Friday, March 13, 2009 4:53 AM
Subject: Securing an Admin area?
Hi all,
One of my client sites carries repair parts. I've created an Admin
section, so he can make his own adds, edits and deletions from the catalog.
The database is MySQL, and the the actual queries are in Custom Tags. I
have a login page, but need help with controlling session variables to
enforce use of the login page to access the Admin area.
The login page requires a UserID & PW, which are matched against columns
in a Users table. What type of variable should I set for users with good
credentials? Should I put a test for this variable in the Admin's
Application.cfm?
Thank you!
* JB *
JB Mentzer
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;207172674;29440083;f
Archive:
http://www.houseoffusion.com/groups/cf-newbie/message.cfm/messageid:4444
Subscription: http://www.houseoffusion.com/groups/cf-newbie/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.15
