> You could always put in the necessary closing tags before the CFABORT...
The main drawback to doing this approach is that it leads to cluttered code,
especially if there is complex HTML code contained in your page footer.
Also, consider a situation where there needs to be more than one security
check:
<CFIF NOT condition1>
Sorry, you're not authorized for this.
<!-- closing HTML tags here -->
<CFABORT>
<CFELSEIF NOT condition 2>
Sorry, you're only authorized for this on Mondays.
<!-- closing HTML tags here -->
<CFABORT>
<CFELSEIF NOT condition 3>
Sorry, you're only authorized for this on Tuesdays.
<!-- closing HTML tags here -->
<CFABORT>
</CFIF>
This can become quite messy and is hard to maintain with closing tags
scattered all around the page.
Your best bet is to create a standard "not authorized" page and just do a
CFLOCATION to it when needed. I usually add a CFABORT just after the
CFLOCATION in case, for some reason, the browser ignores the client side
redirect. It looks like this:
<CFIF NOT condition1>
<CFLOCATION URL="not_authorized.cfm">
<CFABORT>
<CFELSEIF NOT condition 2>
<CFLOCATION URL="not_authorized.cfm">
<CFABORT>
<CFELSEIF NOT condition 3>
<CFLOCATION URL="not_authorized.cfm">
<CFABORT>
</CFIF>
Regards,
Seth Petry-Johnson
Argo Enterprise and Associates
______________________________________________________________________
Your ad could be here. Monies from ads go to support these lists and provide more
resources for the community. http://www.fusionauthority.com/ads.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
