Hi Don, >I am having a big problem with an old standard login system. This is the >most simple login system I know and have used it for years. > >It consists of: >Login form page >Login action page >Main page >Session variables tracking who is logged in > >The user enters in their login acct, the action page compares it against the >db, then sets some session variables and uses cflocation to forward them to >a new page or back to the login page if they fail. The application page >checks for the session variable to see if they're logged in and uses >cflocation to send them back to the login page if the var doesn't exist.
I am slightly surprised that this has ever worked if I understand it correctly. Session and Client variables normally use cookies to control themselves, if not you have to use CFID and CFToken in your URLs. cflocation has a proviso that if you use it then any cookies set in the page before the cflocation tag will _not_ actually get sent to the browser under normal circumstances. This means that if you have a cflocation in your initial entry then your session may not well be set up properly..... -- Yours, Kym ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists