Dear fellows, I have a problem using cflogin and wish if someone can help clear my blue...
The scenario: I logged in as Admin and have change the admin role from 'user' to 'administrator'; change the old password to new password. After logout (using cflogout) and I try to login again with the old password, it still work (new password can login also), and the system will verify the Admin roles as 'user' although the database has kept the latest changes which is myrole='administrator'. here is the code in Application.cfm file: ------------------------------------------------------ <cfif IsDefined("Form.Logout")> <cflogout> </cfif> <cflogin> <cfif NOT IsDefined("cflogin")> <cfinclude template="loginform.cfm"> <cfabort> <cfelse> <cfif cflogin.name IS "" OR cflogin.password IS ""> <cfoutput> <H2>You must enter text in both the User Name and Password fields</H2> </cfoutput> <cfinclude template="loginform.cfm"> <cfabort> <cfelse> ... run query ... <cfif Query.myrole NEQ ""> <cfloginuser name="#cflogin.name#" Password = "#cflogin.password#" roles="#Query.myrole#"> <cfelse> Error message <cfinclude template="loginform.cfm"> <cfabort> </cfif> </cfif> </cfif> </cflogin> ------------------------------------------------------ Help~! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4