Hey peeps,
Not all us yanks are asleep (we just should be). Kay, as far as the
stats are concerned, what if instead of using a session variable to track
the login and stuff you use client vars stored in the DB. Maybe I am
misunderstanding, and it had been a very long and demanding day. But if you
did that you could get all sorts of info. You can make them time out and
everything. You can even make them expire when the user closes the browser
by setting cfid and cf token into memory resident cookies. It's too late
for me to really describe the specifics, but there is a good tutorial called
session management: client vars advanced or some such on Hal's site. Also
if you need to track specifically which pages where hit you could store
those in the DB as client vars and run queries against. Hell you could
right an app that was constantly updating the stats for them if you had the
time.
Again I may also be very tired and not making sense :)
Tim Heald
ACP/CCFD
Application Development
www.schoollink.net
-----Original Message-----
From: Nev [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 3:11 AM
To: [EMAIL PROTECTED]
Subject: RE: breaking out of an FB3-secured app
Hi Kay,
Is this little gem from a fellow fuseboxer of any value?
I don't recall who it came from but maybe it will help?
<cfscript>
self = "index.cfm";
/*Put direct access cfm template names in this list*/
directAccessFiles = "#self#,test.cfm,";
AllowAccess = false;
</cfscript>
<cfloop list="#directAccessFiles#" index="file">
<cfscript>
if (listFindNoCase(cgi.script_name, file, '/'))
AllowAccess = true;
</cfscript>
</cfloop>
<cfif not allowaccess>
<cfinclude template="warning.cfm"><!--- --->
<!--- Run this code, including sending to request.self, or logging
potential hack attempts --->
<!--- <cflocation url="#self#" addtoken="no"> --->
</cfif>
And when exactly is LeeBB heading west? I'll certainly want to be on the
"buy him a beer or two" list for the magic he contributes to the FB
community.
Nev
>>> [EMAIL PROTECTED] 04/24/02 02:53pm >>>
Hi Lee,
Knew I could count on you to help me out! But then I guess it's that
time of the day when our Yank friends are slumbering.
What you're describing is exactly the method we were using before, but
with cfcontent not cfinclude. However, there's a few things I need to
keep in mind. Firstly, apart from changing the links to ".cfm" instead
of ".html", I don't want to require anything else of the content guy.
He's finding it tough, I already made him use relative links instead of
absolute (his norm). Secondly, I have recently found out that these guys
consider their visitor statistics to be vital, particularly exactly
which pages are being requested most often. They are on shared hosting
with LiveStats 5 and I already know from (painful) experience that it
refuses to watch URLs the way it's meant to.
What I was wondering was if there is any other amazing magical way...
like maybe passing the login status to the application.cfm in the
content directory, but in a secure way somehow. I don't know. It's been
a long day, and I'm out of ideas.
Thanks for your help, I owe you a beverage of your choice. By the time
you finally make it out to Perth I'm going to owe you a lot of those :)
K.
-----Original Message-----
From: BORKMAN Lee [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 24 April 2002 2:40 PM
To: '[EMAIL PROTECTED]'
Subject: RE: breaking out of an FB3-secured app
Hi Kay,
If these "static" files are all stand-alone CFM templates, then you can
CFINCLUDE them like any display fuse.
How about a fuseaction called "static.showfile" which takes the filename
as input, and dynamically includes the appropriate static file? Of
course, you'd need to resolve any links within the static content.
Is that the kind of thing you have in mind?
LeeBB
-----Original Message-----
From: Kay Smoljak [mailto:[EMAIL PROTECTED]]
Hi all,
I have an interesting problem - well I think it's interesting anyway. I
have an FB3 app for a subscription-based content site. My app handles
all the subscriptions, payments, logins, logouts, permissions, updating
of details, forgotten passwords etc etc. The protected content, which
someone non-CF handles, is static html. It was going to be stored
outside of the web root, but during testing the performance was quite
bad, so I've decided to make the HTML person name all his files .cfm and
store them in a particular directory within the web root.
What I don't know is how I'm going to have access to these files
controlled by my FB3 app, without requiring them to be in in the FB3
framework. Has anyone done anything like this before? Any ideas?
Thanks in advance,
Kay.
IMPORTANT NOTICE:
This e-mail and any attachment to it is intended only to be read or used
by the named addressee. It is confidential and may contain legally
privileged information. No confidentiality or privilege is waived or
lost by any mistaken transmission to you. If you receive this e-mail in
error, please immediately delete it from your system and notify the
sender. You must not disclose, copy or use any part of this e-mail if
you are not the intended recipient. The RTA is not responsible for any
unauthorised alterations to this e-mail or attachment to
t. --=_134EE4D8.D8B9D694-- ------=_NextPartTM-000-8ec5d607-571b-11d6-953e-0
0105a68c8ef-- ${list_promo} ${list_promo}
==^================================================================
This email was sent to: [email protected]
EASY UNSUBSCRIBE click here: http://topica.com/u/?bUrFMa.bV0Kx9
Or send an email to: [EMAIL PROTECTED]
T O P I C A -- Register now to manage your mail!
http://www.topica.com/partner/tag02/register
==^================================================================
