?
Solved

Log-in and stay logged in!

Posted on 2003-03-11
5
Medium Priority
?
223 Views
Last Modified: 2013-12-24
Hi guys,

I'm a student at university in England, and I'm working on my final year project, an online store in coldfusion.

This is probably gonna sound like a simple problem, but here goes...

I want to be able to allow the user to log in, and stay logged in (maybe with the username displayed at the top, ie. Logged in as ....).

What is the best way to do this? Obviously I don't want to send the user_ID as a URL variable, as that would be unsafe. Is a session cookie the way to go?

How do I store the user_id in a session cookie? Can I just use CFLOGIN and how?

Thanks for your time!

Chris Pont
0
Comment
Question by:chrispont
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 17

Accepted Solution

by:
anandkp earned 300 total points
ID: 8117020
Hi Chris,

Ur right - the cookie/session is the best way to go ...

its very simple & easy to implement as well

follow the steps below & iam sure - it shld see u thru [hopefuly ... :)]

Since its a online store- i am sure .. u already have a DB table for the users & are storing the user detials there ...

when the user logs in ... validate the users & after validating create a cookie as :

<CFQUERY NAME="Get_userdetails" DATASOURCE="#DSN#" DBTYPE="ODBC" USERNAME="#CARO_USERNAME#" PASSWORD="#CARO_PASSWORD#">
     SELECT      username,userid from Users
     where  username = '#username#'
</CFQUERY>
               
<CFCOOKIE NAME="CK_USER" VALUE="#Get_userdetails.USERNAME#~#Get_userdetails.USERID#">
<!--- u can use the "expires" property incase u want the cookie to reside on a user machine for "x" days ! --->
<!--- in this case - i havent given the expires property - so it will be browser based cookier - alive till the browser remains open --->


<!--- ========================================================================================================== --->

<!--- now once the user is logged in - read the cookie on ne-page as : --->
<CFOUTPUT>
    <CFIF ISDEFINED('COOKIE.CK_USER')>
        hello #LISTGETAT(COOKIE.CK_USER,1,"~")#
    <CFELSE>
        hello Guest    
    </CFIF>
</CFOUTPUT>

try this & let me know

if u wanna use sessions u cld also use that [let me know incase u want a eg of that as well] ... but i prefer cookie over sessions ...

K'Rgds
Anand
0
 
LVL 9

Expert Comment

by:HamdyHassan
ID: 8119047

(1) Add the following to <cfapplication
               clientmanagement="Yes"
               sessionmanagement="Yes"
               setclientcookies="Yes"
            clientstorage="REGISTRY"

(2) after verify user/pw at login.cfm
    do the following
    <CFSET CLIENT.USER_ID = "#FORM.USER_ID#" >

(3) At any page
     <CFIF ISDEFINED("CLIENT.USER_ID")>
        <CFOUTPUT>Logged in as #CLIENT.USER_ID#</CFOUTPUT>
     </CFIF>
0
 

Author Comment

by:chrispont
ID: 8120324
Thanks for the code guys!
Just a quick few questions though.

anandkp, if I place the code
<CFQUERY NAME="Get_userdetails" DATASOURCE="#DSN#" DBTYPE="ODBC" USERNAME="#FORM.USER_ID#" PASSWORD="#FORM.PASSWORD#">
    SELECT      username,userid from Users
    where  username = '#username#'
</CFQUERY>

If I used a form method=Get on the previous page, would this mean that the username and password are not trassmitted in a way that can be easily accesable?

Also..

Where would I put the <cfapplication
              clientmanagement="Yes"
              sessionmanagement="Yes"
              setclientcookies="Yes"
           clientstorage="REGISTRY"

code?

Thanks a lot for your help! This will really get me on my way to a good project!
0
 

Author Comment

by:chrispont
ID: 8120428
Sorry got that wrong, what i meant for that code was...

<CFQUERY NAME="Get_userdetails" DATASOURCE="#DSN#">
   SELECT      username,userid from Users
   where  username = '#Form.username#'
</CFQUERY>

Thanks!
0
 
LVL 17

Expert Comment

by:anandkp
ID: 8125518
hi,

ur query in the above comment is right !
<CFQUERY NAME="Get_userdetails" DATASOURCE="#DSN#">
  SELECT username,userid from Users
  where  username = '#Form.username#'
</CFQUERY>

also abt the CFApplication tag - its suppose to be in ur aaplication.cfm file

u cld do those setting via the application tag - OR have them done in ur CFADmin

K'Rgds
Anand
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
Lease-to-own eliminates the expenditure of hardware replacement and allows you to pay off the server over time. Usually, this is much cheaper than leasing servers. Think of lease-to-own as credit without interest.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question