Hello,
We have a security system built in application.cfm, which disallow users to
access our site without providing valid username and password.
ie. when a user put URL on the location bar, if he has not logged in, he
would be redirected to the login page first before seeing the actual page.
But we just have a security problem with the system: There is a directory
for users to upload files. If the file is not in CFM format, it seems like
that the application.cfm cannot do security check. Therefore, if the person
knows the URL, he could see the page without logging into the system.
Could anybody help?
thanks in advance,
Hueymeei
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
