Log-in and stay logged in!
Hi guys,
I'm a student at university in England, and I'm working on my final year project, an online store in coldfusion.
This is probably gonna sound like a simple problem, but here goes...
I want to be able to allow the user to log in, and stay logged in (maybe with the username displayed at the top, ie. Logged in as ....).
What is the best way to do this? Obviously I don't want to send the user_ID as a URL variable, as that would be unsafe. Is a session cookie the way to go?
How do I store the user_id in a session cookie? Can I just use CFLOGIN and how?
Thanks for your time!
Chris Pont
I'm a student at university in England, and I'm working on my final year project, an online store in coldfusion.
This is probably gonna sound like a simple problem, but here goes...
I want to be able to allow the user to log in, and stay logged in (maybe with the username displayed at the top, ie. Logged in as ....).
What is the best way to do this? Obviously I don't want to send the user_ID as a URL variable, as that would be unsafe. Is a session cookie the way to go?
How do I store the user_id in a session cookie? Can I just use CFLOGIN and how?
Thanks for your time!
Chris Pont
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the code guys!
Just a quick few questions though.
anandkp, if I place the code
<CFQUERY NAME="Get_userdetails" DATASOURCE="#DSN#" DBTYPE="ODBC" USERNAME="#FORM.USER_ID#" PASSWORD="#FORM.PASSWORD#"
SELECT username,userid from Users
where username = '#username#'
</CFQUERY>
If I used a form method=Get on the previous page, would this mean that the username and password are not trassmitted in a way that can be easily accesable?
Also..
Where would I put the <cfapplication
clientmanagement="Yes"
sessionmanagement="Yes"
setclientcookies="Yes"
clientstorage="REGISTRY"
code?
Thanks a lot for your help! This will really get me on my way to a good project!
Just a quick few questions though.
anandkp, if I place the code
<CFQUERY NAME="Get_userdetails" DATASOURCE="#DSN#" DBTYPE="ODBC" USERNAME="#FORM.USER_ID#" PASSWORD="#FORM.PASSWORD#"
SELECT username,userid from Users
where username = '#username#'
</CFQUERY>
If I used a form method=Get on the previous page, would this mean that the username and password are not trassmitted in a way that can be easily accesable?
Also..
Where would I put the <cfapplication
clientmanagement="Yes"
sessionmanagement="Yes"
setclientcookies="Yes"
clientstorage="REGISTRY"
code?
Thanks a lot for your help! This will really get me on my way to a good project!
ASKER
Sorry got that wrong, what i meant for that code was...
<CFQUERY NAME="Get_userdetails" DATASOURCE="#DSN#">
SELECT username,userid from Users
where username = '#Form.username#'
</CFQUERY>
Thanks!
<CFQUERY NAME="Get_userdetails" DATASOURCE="#DSN#">
SELECT username,userid from Users
where username = '#Form.username#'
</CFQUERY>
Thanks!
hi,
ur query in the above comment is right !
<CFQUERY NAME="Get_userdetails" DATASOURCE="#DSN#">
SELECT username,userid from Users
where username = '#Form.username#'
</CFQUERY>
also abt the CFApplication tag - its suppose to be in ur aaplication.cfm file
u cld do those setting via the application tag - OR have them done in ur CFADmin
K'Rgds
Anand
ur query in the above comment is right !
<CFQUERY NAME="Get_userdetails" DATASOURCE="#DSN#">
SELECT username,userid from Users
where username = '#Form.username#'
</CFQUERY>
also abt the CFApplication tag - its suppose to be in ur aaplication.cfm file
u cld do those setting via the application tag - OR have them done in ur CFADmin
K'Rgds
Anand
(1) Add the following to <cfapplication
clientmanagement="Yes"
sessionmanagement="Yes"
setclientcookies="Yes"
clientstorage="REGISTRY"
(2) after verify user/pw at login.cfm
do the following
<CFSET CLIENT.USER_ID = "#FORM.USER_ID#" >
(3) At any page
<CFIF ISDEFINED("CLIENT.USER_ID"
<CFOUTPUT>Logged in as #CLIENT.USER_ID#</CFOUTPUT
</CFIF>