Why not store some sort of authorization code as a session variable?

Chris
[EMAIL PROTECTED]

----- Original Message -----
From: "Albert Feliu" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Friday, May 18, 2001 6:21 PM
Subject: RE: Best way to limit access to a specific template from "only" previous template?


> Be careful using CGI variables.
> This method is extremely easy to hack.
>
> Albert.
>
> -----Original Message-----
> From: Craig Bowes [mailto:[EMAIL PROTECTED]]
> Sent: Friday, May 18, 2001 18:24
> To: CF-Talk
> Subject: RE: Best way to limit access to a specific template from "only"
> previous template?
>
>
> You should be able to use the referrer, right?  #cgi.http_referer#
>
> Something like this maybe:
>
> <CFIF cgi.http_referer does not contain "template1.cfm">
> <H1>Unauthorized host detected! Access denied!</H1>
> <CFABORT SHOWERROR="You are not authorized to use this function!">
> </CFIF>
>
> And yes, the word referer is spelled wrong in the variable:
> cgi.http_referer
>
> -Craig
> [EMAIL PROTECTED]
>
>
> -----Original Message-----
> From: Jerre Hale [mailto:[EMAIL PROTECTED]]
> Sent: Friday, May 18, 2001 10:59 AM
> To: CF-Talk
> Subject: Best way to limit access to a specific template from "only"
> previous template?
>
> What is the best way to limit access to a specific template?  Template2
> can only be accessed via template1.  Disallowing user access to
> template2 simply by typing in the specific URL for template2.  I see
> where <CFABORT> can limit access to IP addresses, as exampled in the
> manual Advanced Application Development, page 520:
>
> <CFIF Left(CGI.REMOTE_ADDR, 11) NEQ "208.193.16.">
> <H1>Unauthorized host detected! Access denied!</H1>
> <CFABORT SHOWERROR="You are not authorized to use this function!">
> </CFIF>
>
> Can I modify the code so that it can limit via the calling template?
>
> Thanks,
>
> Jerre
>
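
Added example, not part of the thread and not code from any of its authors: a CFML sketch of the session-variable approach suggested at the top of this message. The application name, the `t2Token` session key and the `token` form field are assumed names; unlike `cgi.http_referer`, the value that decides access is held server-side in the session scope, so a client cannot supply it by editing a request header.

```cfml
<!--- Application.cfm (assumed): session management must be on for both templates --->
<cfapplication name="gateDemo" sessionmanagement="Yes">

<!--- ===== template1.cfm: issue a single-use code and hand it to template2 ===== --->
<cflock scope="session" type="exclusive" timeout="10">
    <!--- The authoritative copy lives in the session, not in the request --->
    <cfset session.t2Token = CreateUUID()>
    <cfset variables.token = session.t2Token>
</cflock>
<cfoutput>
<form action="template2.cfm" method="post">
    <input type="hidden" name="token" value="#variables.token#">
    <input type="submit" value="Continue">
</form>
</cfoutput>

<!--- ===== template2.cfm: first lines, before any protected output ===== --->
<cfparam name="form.token" default="">
<cfset variables.allowed = false>
<cflock scope="session" type="exclusive" timeout="10">
    <cfif IsDefined("session.t2Token")>
        <!--- Compare() returns 0 only on an exact, case-sensitive match --->
        <cfif Len(form.token) AND Compare(form.token, session.t2Token) EQ 0>
            <cfset variables.allowed = true>
        </cfif>
        <!--- Single use: discard the code whether or not it matched,
              so a reload or a bookmarked URL is refused --->
        <cfset variables.removed = StructDelete(session, "t2Token")>
    </cfif>
</cflock>
<cfif NOT variables.allowed>
    <h1>Access denied</h1>
    <cfabort>
</cfif>
<!--- Protected content of template2.cfm follows here --->
```

The three sections belong in three separate files. A request that types the template2 URL directly has no matching `session.t2Token` and stops at the `<cfabort>`.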