This sounds great thanks.
But what do I set in cfapplication to prevent someone from bookmarking
the pages or let's say a search engine picks up a page in my admin
section.
Will the cfaplication check to see that they actually logged in?
-Original Message-
From: CFHelp [mailto:[EMAIL
To: CF-Talk
Subject: RE: Securty
This sounds great thanks.
But what do I set in cfapplication to prevent someone from bookmarking
the pages or let's say a search engine picks up a page in my admin
section.
Will the cfaplication check to see that they actually logged in?
-Original Message
I'd just do it like in Ben's book. in the Application.cfm, check to see if
A Session.Logged exists. If not, then make it and set it to False or 0 (or
however u wnna do it), and close the CFIF tag. Then do another CFIF to
check if Session.Logged is FALSE and if it is, check to see that they
Rick-
Basically we set a client variable with a timestamp when the user logs in,
then each time the user clicks to advance to another screen we reset the
variable which contains the timestamp. Each time the user clicks a button
we check the current timestamp against the time in the client
Rick,
The CFGods wish the admin site be run on a separate intranet server, inside
the firewall with session-based user management. (Okay-- I know this
probably isn'd an option, so read on anyway for the rest...) You can use a
session variable that sets the permission level (from the user record
5 matches
Mail list logo