Thanks Ben, suprised to get such a quick response on a Saturday evening.. with Trading Spaces being on and all ;)
I'll heed your suggestions :) Candace K. Cottrell, Web Developer The Children's Medical Center One Children's Plaza Dayton, OH 45404 937-641-4293 http://www.childrensdayton.org [EMAIL PROTECTED] >>> [EMAIL PROTECTED] 03/22/03 19:00 PM >>> My guess is that it's the equals signs in your elsif that are causing it. If it were me, I would use the same error message for bad username and bad password. This is a standard security thing. Assume I'm trying to break in. With your system, I try usernames until one works (but says bad password) then try passwords. If you have the same error message, I don't have a way of knowing that the username is good until I hit a valid combination. Just a suggestion, though. :-) -- Ben Doom Programmer & General Lackey Moonbow Software, Inc : -----Original Message----- : From: Candace Cottrell [mailto:[EMAIL PROTECTED] : Sent: Saturday, March 22, 2003 6:45 PM : To: CF-Talk : Subject: Need help with login script... : : : For some reason, I keep getting a syntax error on this login. : : Application.cfm: : : <!--- : Page: Application.cfm : ---> : : <CFAPPLICATION NAME="ResDBApp" : CLIENTMANAGEMENT="Yes" : SESSIONMANAGEMENT="Yes" : SETCLIENTCOOKIES="Yes" : SESSIONTIMEOUT="#CreateTimeSpan(0,1,0,0)#" : APPLICATIONTIMEOUT="#CreateTimeSpan(1,0,0,0)#" : CLIENTSTORAGE="COOKIE"> : : <!--- : Next check to see if the login form has been submitted, : if yes then try to authenticate the user. : ---> : : <CFIF IsDefined("form.username")> : : <cfquery name="getUsers" datasource="resDB"> : Select * from USERS Where : UserID = '#form.UserName#' : </cfquery> : : <cfif getUsers.recordCount EQ 0> : <cfset IsAuthenticated = FALSE> : There is no user by that name.<br> : <a href="mailto:[EMAIL PROTECTED]">Get help</a> : : <cfelseif form.Password = "getUsers.Password" AND form.UserName = : getUsers.UserID> : <cfset IsAuthenticated = TRUE> : <cfelse> : <cfset IsAuthenticated = FALSE> : Sorry, your password does not match.<br> : <a href="mailto:[EMAIL PROTECTED]">Get help</a> : : </cfif> : : </CFIF> : : <cfif IsAuthenticated IS FALSE> : <cflocation url="login.cfm"> : </cfif> : : : Here's my login form. : : : <FORM NAME="loginForm" ACTION="" METHOD="post"> : : <span class="ltBlueHead">UserName:</span> : <INPUT TYPE="text" NAME="username" SIZE="20"> : <br> : <span class="ltBlueHead">Password:</span> : <INPUT TYPE="password" NAME="password" SIZE="20"> : <INPUT TYPE="submit" VALUE="Log in..."> : </FORM> : : : <!--- : If the login form is called then stop processing the page after : the user is presented with the login form. : : ---> : : <CFABORT> : </p> : : </form> : : : And the error: : : Error Occurred While Processing Request : Context validation error for tag cfif. : The start tag must have a matching end tag. An explicit end tag can be : provided by adding </cfif>. If the body of the tag is empty you can use : the shortcut <cfif .../>. : : The Error Occurred in : C:\Inetpub\wwwroot\apps\resDB\admin\Application.cfm: line 38 : : 36 : </cfquery> : 37 : : 38 : <cfif getUsers.recordCount EQ 0> : 39 : <cfset IsAuthenticated = FALSE> : 40 : There is no user by that name.<br> : : : : : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
