Like I mentioned in a previous post, I am creating a security system that assigns each CF page it's own unique ID. Based on that file's id, it keeps track on who has access to that page. To do this, I was going to put a custom tag at the top of every page that I wanted to be secure and then have the file edit itself and place a random "security ID" at the top of the page. That ID would then be stored in the DB and have a security setting applied to it through my security system.
Now, the problem with me is I'm a forgetful person. So, instead of putting the tag in every single file (which I might forget to do), how about putting the tag in the Application file and then telling the tag to edit the file referenced by the CGI script name variable. I haven't yet tried it, but I'm hoping that variable would be referring to the file being called, not the application.cfm file, even though the tag is being run from the application.cfm file. That way, every single file on my site is guaranteed to be secure. My question is whether or not that will pose any weird quirks. Is there any reason or circumstance where the CGI Script Name variable wouldn't refer to the file that the end-user was requesting? The CGI script name variable comes from the web server, correct, and would *always* be populated with a value of the target file, right? I can't think of anything that would cause a problem, but that doesn't mean that there would be a way around it (hence, my reason for asking the list). Ultimately, I'm trying to figure out which way is more secure (in the application.cfm file, or each file). I hope that's not too confusing what I'm trying to do. If you'd like further explanation, let me know! Thanks, Mike ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:217309 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
