Hi! I've been reading the posts on session management, and sadly, I am still utterly confused. What compounds my confusion is the fact that I am using session management in conjunction with an Oracle stored procedure. I must admit, I'm over my head here--BIG time. Scenario: I have several screens that only authorized evaluators should be able to access. All of these evaluator screens are in a folder called "eval". Similarly, I have a set of screens that only an assigned administrator should be able to access. Those screens are kept in a folder called "admin". Right now I am focusing only on the evaluator pages. I have created login.cfm and login_action.cfm. The action page supplies two input parameters to the stored procedure (userid and password, from the form). It outputs either a session id or an error: "Bad User ID or Password". I know that I will need to use an include template on any of the pages that are to be protected by this password. This is where I get lost. What exactly do I put in this page? How do I get the sessionid from the login_action.cfm page to this include page? I know I'll need the application.cfm file, but I'm not sure what else to put in it other than the cfapplication tag and its attributes. Here's what I was given by the dba: ------------------------------------------ "In Summary here are the Functions/Procedures We have to date. PROC: APP_SECURITY.Create_Session( in_usr , in_pwd , sesid ) Input: in_usr, in_pwd (varchar2) Output: sesid (varchar2) Returns (Output): SesID OR 'Bad User ID or Password' (OK, I GOT THIS PART TO WORK OKAY...login.cfm IS ACTUALLY RETURNING A SESSION ID) (THIS STUFF IS ALL GREEK TO ME...I know that these are all functions, but what the heck do I do with them? FUNC: APP_SECURITY.Renew_session ( sesid, in_pwd) Input: sesid, in_pwd (varchar2) Returns: BOOLEAN TRUE OR FALSE FUNC: DB_APP_STD.chk_ses ( sesid, valid_hrs) Input: sesid (varchar2) valid_hrs (number) <Optional, default is 3 hours> Returns: Varchar2 'UserID' OR NULL Try SELECT DB_APP_STD.chk_Sess (sesid, 3) from at_users where userid = 'whateverid' FUNC: DB_APP_STD.cnv_bl ( chk_val) Input: chk_val (BOOLEAN) Returns: Varchar2 'TRUE' OR 'FALSE' Examples: To Check Session: select db_app_std.check_session ( 'SesID') from dual; Select will return a varchar2 'UserID' OR Null To Renew Session: select db_app_std.cnv_bl(app_security.renew_session ( 'SesID','UsrPwd')) from dual; Select will return a varchar2 'TRUE'/'FALSE' " ---------------------------------------------------- I am so lost. What do I put where, and what gets passed to what to make sure the user is logged in? <sigh> I am feeling like such a dork. I know that the dba literally spelled everything right out for me, but I need some more help with this one. Any stored proc/session management gurus out there that care to take some time out to hand-hold a newbie programmer? Thanks in advance! Terri ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com ------------------------------------------------------------------------------ Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.