Here's the basic concept... You have a login page. The user puts their username and password in and it submits to an action page that checks to see if they are a user. You then set a variable (I usually use session variables). Then you check for that session variable on the pages that are protected. Typically, I have everything that they need to log into put in a separate folder. Then I have code in the application.cfm to say that if the path is to the protected folder, check for the variable otherwise redirect to the login page. Any shortcut to the secured data will redirect them to the login page if they are not logged in. As far as locking out... set a variable on each failed login and increment it by one until they hit 3. Once they hit three, check that variable in the login page and redirect them or give them a message that they have been locked out. You can use a cookie to expire in 30 minutes or however you want to do it. This is just the basic idea to get you thinking in the right direction. If you just want someone to do it for you, then just ask and I'll send you the code (and the bill ;-))....
HTH, Steve -----Original Message----- From: FlashGuy [mailto:[EMAIL PROTECTED]] Sent: Friday, December 13, 2002 8:16 AM To: CF-Talk Subject: RE: Login/Password screen That part is no problem. Its what I need to put into the application.cfm to timeout or after 2-3 attempts lock the user out. Also once they log in they might drag a shortcut to their desktop which would bypass my index.cfm in the root that has the authentication code. How can I "force" them to the login screen everytime regardless if they dragged a shortcut? On Fri, 13 Dec 2002 13:10:45 -0000, Craig Dudley wrote: > That's quite simple to code yourself, why don't you give it a try and > post any questions here if you get stuck? > > Just pass a username and password from a from into a query, if a > matching record is found, the queries record count will be 1 and you can > authenticate the user, that's quite simplistic but basically all you > need. > > Have a go, you know you want to ;-) > > -----Original Message----- > From: FlashGuy [mailto:[EMAIL PROTECTED]] > Sent: 13 December 2002 12:43 > To: CF-Talk > Subject: Login/Password screen > > Hi, > > I know there are alot of custom tags out there that will do what I'm > looking for but I want the best one. So this is why I'm asking all of > you hoping you've had > some experience with some of them. I'd like everything stored in a > database. I know some don't do that. Bascially, once the user enters in > their > username/password they are redirected to a URL on the server based on > the authentication. > > I have one called <CF_EzPassword> but was wondering if there are any > better ones? > > Thanks > > > --------------------------------------------------- > Colonel Nathan R. Jessop > Commanding Officer > Marine Ground Forces > Guatanamo Bay, Cuba > --------------------------------------------------- > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com
