RE: login application help requested

2000-03-29 Thread Brian Peddle 

You will never get out of that loop.

First time in, 

cfif NOT IsDefined("Session.LoggedIn")
CFSET Session.LoggedIn=False
/cfif

this isnt defined, so you show login page then you submit to page to autheticate, but 
the application.cfm is run before that page as well.

What you could do is include your authentication in the app.cfm

Check there if good they are in if not send back.


-Original Message-
From: Chris Estes [mailto:[EMAIL PROTECTED]]
Sent: Thursday, 30 March 2000 8:24 AM
To: '[EMAIL PROTECTED]'
Subject: login application help requested


I have a home page in which there are links both for public and private
pages. I want users with a password to be able to click on a private page
link, login, then be forwarded directly to that page. It is easy enough to
send them to a specific page, but I can't seem to "forward" them. This code
takes the user back to the login form.

The code I'm using is very simple and basic (which is probably the problem).
I've included it below. If anyone can help, I'd appreciate it. I've wasted
two days of my life working on this.


Application.cfm:
cfapplication name="login" clientmanagement="YES" sessionmanagement="YES"
setclientcookies="Yes"

!--- test for existence of session.logged in ---
cfif NOT IsDefined("Session.LoggedIn")
CFSET Session.LoggedIn=False
/cfif

!--- if logged.in is false, send user to form ---
CFIF Session.LoggedIn EQ FALSE
cfif NOT (CGI.Path_Info EQ "/formpage.cfm") OR NOT (CGI.Path_Info is
"/actionpage.cfm")
!--- send formpage.cfm the path user was trying to get to ---
CFLOCATION
url="http://localhost/isri/login/formpage.cfm?dest=#cgi.path_info#"
addtoken="No"
 /cfif
/cfif

!--- if user has already logged in, let them into page ---
 cfif Session.LoggedIn EQ True
CFLOCATION url="#CGI.Path_info#" addtoken="No"
/cfif



Formpage.cfm:
!--- login form with generic username already submitted via hidden
field ---
form action="actionpage.cfm" method="post"
cfif ISDEFINED ("URL.dest") EQ TRUE
cfoutputinput type="Hidden" value="#URL.dest#"
name="dest"/cfoutput/cfif
input type="hidden" name="name" size="30" maxlength="30" value="u"font
face="Verdana, Arial, Helvetica, sans-serif" size="2"bPassword:
/b/font
input type="password" name="password" size="30" maxlength="30"br
input type="submit" value="Log In" input type="Reset"
/form

Actionpage.cfm:
cfquery datasource="isri" name="auth"
SELECT username, pwd
FROM login
WHERE username = '#Form.name#' AND pwd = '#form.password#'
/cfquery
!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
html
head
titleLog In/title
/head
body
!--- if the query produces a record send user to page they had clicked
on ---
cfif auth.RecordCount IS 1
CFSET Session.LoggedIn = True
 CFLocation url="#dest#" addtoken="No"
 !--- if login is not acceptable ---
cfelse
script language="javascript"
alert("We're sorry, but we were unable to verify either your Name or
Password. Please try again.")
self.location = 'formpage.cfm'
/script
/cfif
/body
/html


Chris Estes
(202) 662-8536
[EMAIL PROTECTED]
http://www.isri.org
http://www.scrap.org


--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=stsbody=sts/cf_talk or send
a message to [EMAIL PROTECTED] with 'unsubscribe' in the
body.

--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: login application help requested

2000-03-29 Thread John Quarto-vonTivadar 

what about something a little easier, given that all times after the first
time will the SESSION.LoggedIn be true:

cfparam name="SESSION.LoggedIn" default="false" type="boolean"
cfif NOT SESSION.LoggedIn
cfset SESSION.LoggedIn = 1
!--- set stuff other stuff ---

/cfif
the binary operation is surely faster than the IsDefined() function, yes? :)

the other comment that it has to be part of an application.cfm is right, or
at least an application.cfm equivalent (such as FuseBox's app_globals.cfm),
and obviously you have to have used the CFAPPLICATION ... tag to allow for
SESSION variables in the first place :)

you could also put any gross application CFSET's within this loop too,
thereby only having to set them once. (most people just put the CFSET's in
the application.cfm with no loop and so they get set and reset and reset
everytime a page is called. For a high volume site obviously this makes a
difference). Even in a non-high volume site it makes some difference. we had
a site where only 1 or 2 people were logged in at once and not a heck of a
lot of DB queries being done. In hitting the pages many times in a row, we
noticed a 3-4% increase in speed by wrapping the 20-25 CFSET's inside such
a loop. Although not scientific, I daresay to guess at least that savings
would occur in a high-traffic site, perhaps substantially higher depending
on what you do (or in this case, don't do) outside the loop.



 You will never get out of that loop.

 First time in,

 cfif NOT IsDefined("Session.LoggedIn")
 CFSET Session.LoggedIn=False
 /cfif

 this isnt defined, so you show login page then you submit to page to
autheticate, but the application.cfm is run before that page as well.

 What you could do is include your authentication in the app.cfm

 Check there if good they are in if not send back.



--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.