RE: Session variable

Fri, 25 Jan 2002 08:21:41 -0800 


Yes it is in cfif block. When I tested it with cfoutput it displayed a
value.  The page is below. Look in red at the bottom.


<CFPARAM NAME="form.user" DEFAULT="">
<CFPARAM NAME="form.passwd" DEFAULT="">

<!--- Password passed --->
<CFIF Len(Trim(form.passwd)) GT 0>
    <!--- The user name is blank, see if there is a cookie --->
    <CFIF Len(Trim(form.user)) EQ 0>
        <!--- Set the username to be the cookie value --->
        <CFIF IsDefined("cookie.#request.cookie_name#_login")>
            <CFSET form.user = Evaluate("cookie." & request.cookie_name & "
_login")>
        <CFELSE>
            <CFSET request.message = "Invalid login.">
            <CFEXIT>
        </CFIF>
    </CFIF>

    <!--- See if they are a valid user in the db --->
    <CFTRY>
        <CFQUERY DATASOURCE="#request.DSN#" NAME="GetUser">
         SELECT uid
         FROM itt_users
         WHERE uname = <CFQUERYPARAM VALUE="#form.user#" CFSQLTYPE
="CF_SQL_VARCHAR" MAXLENGTH="20" NULL="No">
        </CFQUERY>
        <CFCATCH TYPE="Any">
            <CFSET request.message = "Invalid login.">
            <CFEXIT>
        </CFCATCH>
    </CFTRY>

    <!--- If they are a valid user --->
     <CFIF GetUser.RecordCount EQ 1>
        <!--- Authenticate them, if it fails, exit --->
        <CFTRY>
          <CFAUTHENTICATE SETCOOKIE="yes" THROWONFAILURE="yes"
SECURITYCONTEXT="RDS_Security" USERNAME="#form.user#" PASSWORD="
#form.passwd#">
            <CFCATCH TYPE="Any">
                <CFSET request.message = "Invalid login.">
                <CFEXIT>
            </CFCATCH>
        </CFTRY>
    <CFELSE>
        <CFSET request.message = "Invalid login.">
        <CFEXIT>
    </CFIF>
    <!--- We made it...we can login now --->
    <CFSET variables.login_success = 1>
<CFELSE>
    <!--- Remove their cookie --->
    <CFIF IsDefined("cookie.#request.cookie_name#_login")>
        <CFCOOKIE NAME="#request.cookie_name#_login" VALUE="" EXPIRES
="NOW">
    </CFIF>
    <CFEXIT>
</CFIF>

<!--- If they are authenticated, set their cookies and stuff --->
<CFIF IsDefined("variables.login_success")>
    <CFCOOKIE NAME="CFID" VALUE="#CFID#" SECURE="Yes">
    <CFCOOKIE NAME="CFTOKEN" VALUE="#CFTOKEN#" SECURE="Yes">
    <CFIF NOT IsDefined("cookie.#request.cookie_name#_login")>
        <CFCOOKIE EXPIRES="15" NAME="#request.cookie_name#_login" VALUE="
#form.user#">
    </CFIF>
    <CFLOCK TIMEOUT="5" THROWONTIMEOUT="Yes" TYPE="EXCLUSIVE" SCOPE
="SESSION">
        <CFSET session.uid = GetUser.uid>
        <CFSET request.uid = session.uid>
    </CFLOCK>
</CFIF>


Henry Dilsky


-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com

-----------------------------------------------
To post, send email to [EMAIL PROTECTED]
To subscribe / unsubscribe: http://www.dfwcfug.org

Reply via email to