Hi Everybody,
This is my first post. I'm building an application framework using application.cfm
and <cflogin> instead of the "homegrown" framework that would be my other option
according to Ben Forta. However it seems that the only way <cflogin> can be used is
with cookies.. That's fine if J2EE is turned on in the administrator, and the browser
has cookies turned on but what if the cookies are turned off?
Is it possible to use <cflogin> without cookies? Or is it impossible because of the
<cfloginuser> being what controls the login state across pages? Any thoughts on this?
I do know that you can build a login framework that doesn't need cookies, but the
application.cfm <cflogin> is said to work much better with CFC's and it seems to me a
secure method. My working code is:
<cfapplication name="scaffolding04">
<cfset DSN = "">
<!--- Place <cflogin> here --->
<cflogin>
<!--- SECTION 1: If not logged in user, or login form not submitted,
include the login form--->
<cfif NOT isDefined("Form.username")>
<cfinclude template="login.cfm">
<cfabort>
<cfelse>
<!--- SECTION 2:The user has submitted the form, but either the name
or password is blank, so include the form again --->
<cfif Form.username is "" OR Form.password is "">
<cfinclude template="login.cfm">
<h3>You must enter text in both the User ID and Password fields.</h3>
<cfabort>
<cfelse>
<!--- SECTION 3:The user has submitted name and password, check the
database for
match --->
<cfquery name="qValidLogin" datasource="#Variables.DSN#">
SELECT username, password
FROM login
WHERE username = '#Form.username#' AND password =
'#Form.password#'
</cfquery>
<!--- SECTION 4: The user has submitted a valid name and password --->
<cfif qValidLogin.RecordCount>
<!--- Use <cfloginuser> here to identify the user to
ColdFusion --->
<cfloginuser name="#Form.username#" password="#Form.password#"
roles="">
<cfset loggedin="1">
<!--- SECTION 5: User has submitted invalid name and/or password,
so show the form again --->
<cfelse>
<cfinclude template="login/login_form.cfm">
<h3>Your information is not valid. Please try
again.</h3>
<cfabort>
</cfif>
</cfif>
</cfif>
</cflogin>
<!--- End of login code, place </cflogin> here --->
Thanks,
Nick
--
WEBHELIO - Multimedia Solutions
[EMAIL PROTECTED]
Mobile: (816) 352-9049
http://www.webhelio.com
. . . SPINNING THE WEB OF TECHNOLOGY
--
=========================================================
Kansas City ColdFusion User Group's website & listserv is
hosted through the generous support of Clickdoug.com
To send email to the list, email [EMAIL PROTECTED]
To (un)subscribe, email [EMAIL PROTECTED] with your request.
For hosting solutions http://www.clickdoug.com
Featuring Win2003 Enterprise, RedHat Linux, CFMX 6.1.
======================================================
