Not sure why you are setting cookies for the CFID and CFTOKEN!? They are automatically set through the CFAPPLICATION setting.
Otherwise, I don't see anything else wrong.... I wouldn't set the cookies for CFID and CFToken..... hth -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Friday, January 25, 2002 10:35 AM To: [EMAIL PROTECTED] Subject: RE: Session variable Yes it is in cfif block. When I tested it with cfoutput it displayed a value. The page is below. Look in red at the bottom. <CFPARAM NAME="form.user" DEFAULT=""> <CFPARAM NAME="form.passwd" DEFAULT=""> <!--- Password passed ---> <CFIF Len(Trim(form.passwd)) GT 0> <!--- The user name is blank, see if there is a cookie ---> <CFIF Len(Trim(form.user)) EQ 0> <!--- Set the username to be the cookie value ---> <CFIF IsDefined("cookie.#request.cookie_name#_login")> <CFSET form.user = Evaluate("cookie." & request.cookie_name & " _login")> <CFELSE> <CFSET request.message = "Invalid login."> <CFEXIT> </CFIF> </CFIF> <!--- See if they are a valid user in the db ---> <CFTRY> <CFQUERY DATASOURCE="#request.DSN#" NAME="GetUser"> SELECT uid FROM itt_users WHERE uname = <CFQUERYPARAM VALUE="#form.user#" CFSQLTYPE ="CF_SQL_VARCHAR" MAXLENGTH="20" NULL="No"> </CFQUERY> <CFCATCH TYPE="Any"> <CFSET request.message = "Invalid login."> <CFEXIT> </CFCATCH> </CFTRY> <!--- If they are a valid user ---> <CFIF GetUser.RecordCount EQ 1> <!--- Authenticate them, if it fails, exit ---> <CFTRY> <CFAUTHENTICATE SETCOOKIE="yes" THROWONFAILURE="yes" SECURITYCONTEXT="RDS_Security" USERNAME="#form.user#" PASSWORD=" #form.passwd#"> <CFCATCH TYPE="Any"> <CFSET request.message = "Invalid login."> <CFEXIT> </CFCATCH> </CFTRY> <CFELSE> <CFSET request.message = "Invalid login."> <CFEXIT> </CFIF> <!--- We made it...we can login now ---> <CFSET variables.login_success = 1> <CFELSE> <!--- Remove their cookie ---> <CFIF IsDefined("cookie.#request.cookie_name#_login")> <CFCOOKIE NAME="#request.cookie_name#_login" VALUE="" EXPIRES ="NOW"> </CFIF> <CFEXIT> </CFIF> <!--- If they are authenticated, set their cookies and stuff ---> <CFIF IsDefined("variables.login_success")> <CFCOOKIE NAME="CFID" VALUE="#CFID#" SECURE="Yes"> <CFCOOKIE NAME="CFTOKEN" VALUE="#CFTOKEN#" SECURE="Yes"> <CFIF NOT IsDefined("cookie.#request.cookie_name#_login")> <CFCOOKIE EXPIRES="15" NAME="#request.cookie_name#_login" VALUE=" #form.user#"> </CFIF> <CFLOCK TIMEOUT="5" THROWONTIMEOUT="Yes" TYPE="EXCLUSIVE" SCOPE ="SESSION"> <CFSET session.uid = GetUser.uid> <CFSET request.uid = session.uid> </CFLOCK> </CFIF> Henry Dilsky ------------------------------------------------------------------------- This email server is running an evaluation copy of the MailShield anti- spam software. Please contact your email administrator if you have any questions about this message. MailShield product info: www.mailshield.com ----------------------------------------------- To post, send email to [EMAIL PROTECTED] To subscribe / unsubscribe: http://www.dfwcfug.org ------------------------------------------------------------------------- This email server is running an evaluation copy of the MailShield anti- spam software. Please contact your email administrator if you have any questions about this message. MailShield product info: www.mailshield.com ----------------------------------------------- To post, send email to [EMAIL PROTECTED] To subscribe / unsubscribe: http://www.dfwcfug.org
