Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 244
  • Last Modified:

Pop Up Message

I want to have a message pop up if someone does not have access to a directory. Then relocate them to the login screen if they do not have a session running or to the main menu if they have a session running.

I am using Dreamweaver MX and Coldfusion MX.  

Thanks.
0
swartout
Asked:
swartout
  • 4
  • 4
  • 3
  • +1
1 Solution
 
substandCommented:
in the application file for the directory do this:

<cfif usercredentials do not match what is needed to view this directory>

You do not have access to this directory.  Please
<cfif isdefined("session.variable_to_see_if_they_have_session")>
<a href="../mainmenu.cfm">go to main menu.</a>
<cfelse>
<a href="../gotologinpage.cfm">log in</a>.
</cfif>
<cfabort>
</cfif>
0
 
Renante EnteraSenior PHP DeveloperCommented:
This is one of my project this time using Session variables. Take this simple example.

In your first file type this code:

<CFAPPLICATION NAME="FORUM" SESSIONTIMEOUT="#CreateTimeSpan(0,0,60,0)#" SESSIONMANAGEMENT="Yes" CLIENTMANAGEMENT="Yes" >
Then save as application.cfm.
Regarding the CreateTimeSpan function it sets when to destroy your session.

For your file in login form have this code:

<form name="form1" method="post" action="validate.cfm">
  <p>username :
    <input type="text" name="username">
  </p>
  <p>password :
    <input type="password" name="password">
  </p>
  <p>
    <input type="submit" name="Submit" value="  OK  ">
  </p>
</form>
Then save as login.cfm.

For your action file validate.cfm

<cfif '#form.username#' eq 'administrator' and '#form.password#' eq 'administrator'>
  <cfset session.valid_account='#form.username#'>
  <cflocation url="index.cfm">
<cfelse>
  <cflocation url="login.cfm">
</cfif>

For your main page index.cfm, you should have this code.
This one will check if the session variable already exists.
<cfif not isDefined('session.valid_account')>
  <cflocation url="login.cfm">
</cfif>
<---- page content ----->

Try to run this code of mine. I hope this will help you.
GOODLUCK...!
0
 
Renante EnteraSenior PHP DeveloperCommented:
Since you want to have a pop message, instead of:

<cfif not isDefined('session.valid_account')>
 <cflocation url="login.cfm">
</cfif>

Try this one:
<cfif not isDefined('session.valid_account')>
 <script language='javascript'>
   alert('Any message that you want to appear before redirecting the user to the login form');
   document.location='login.cfm';
 </script>
</cfif>

You should have this condition in every first line of any directory that you want to be validated...

Best wishes...
0
Meet the Family that is Made for Collaboration

The TeamConnect Family product group as part of the Sennheiser for Business Portfolio comprising high-quality, technically well-conceived meeting solutions for business communication – designed for any meeting room and any meeting situation.

 
swartoutAuthor Commented:
I tried this one,

cfif not isDefined('session.valid_account')>
<script language='javascript'>
  alert('Any message that you want to appear before redirecting the user to the login form');
  document.location='login.cfm';
</script>
</cfif>

It works, however, I want to first check if they have access to the directory, if not, then I want to check if they are currently logged in.  If they are logged in, I want them to be redirected to the main menu.  If they are not logged in, I want them to be redirected to the login screen.  When I put the extra if and else statements in the first script runs, if the case is true or false.  What should I do in this scenario??

Thanks
Cindy
0
 
anandkpCommented:
just to clarify :
You should have this condition in every first line of any directory that you want to be validated...

what does this mean ???

Also : what happens if all the users have their own dir on the server & can access only their dir ... in that case the admininstrator login wont help ... am i correct ?

but i dont know what the exact requirement is - so just want things to be clarified !

K'Rgds
Anand
0
 
swartoutAuthor Commented:
I was going to place this in every Application.cfm file for each of my directories.  That way if they have access to that directory, they should be able to go where they need to.  If they do not have access, then they will go to where I want them to, first determining if they are logged in.

I do not have administrator logins, In my database I have a table that lets me know what directories they have access to.  

I just wanted to pop up a message to let the user know that they do not have access and where I am directing them.  I did not want to redirect them, without letting the user know what was going on.

Thanks
Cindy
0
 
anandkpCommented:
ok i can give u a slightly diff approach

since u have so many directories on ur server - u can have a file called "whohasacess.cfm" in all the directories.
so lets say i ahve these dir on server
a.anandkp [<cfset thesehaveaccess = "anandkp">]
b.swartout [<cfset thesehaveaccess = "swartout">]
c.somedir [<cfset thesehaveaccess = "anandkp,swartout">]

this file [whohasacess.cfm] will have the list of names of users [incase u want mutiple users to access the same dir]
<cfset thesehaveaccess = "anandkp,swartout.....">

so when i login as "username=anandkp" & i try & access "swartout" dir -

use this code in ur validate.cfm
<!--- code for validate.cfm --->

<cfif isDefined('Username')><!--- chk if usr has logged in or not --->

    <!--- send user to login.cfm --->
   
<CFELSE><!--- if logged in --->

    <CFINCLUDE TEMPLATE="/#Dir_User_is_Trying_to_Access#/whohasacess.cfm">
   
    <CFIF listfindnocase(thesehaveaccess,'#username#')><!--- chk if the current user has access to this Dir --->
        <!--- allow the access --->
    <CFELSE>
        <!--- promt him --->
        <!--- redirect the user to main.cfm --->
    </CFIF>

</CFIF>

let me know ...

K'Rgds
Anand
0
 
anandkpCommented:
ok i can give u a slightly diff approach

since u have so many directories on ur server - u can have a file called "whohasacess.cfm" in all the directories.
so lets say i ahve these dir on server
a.anandkp [<cfset thesehaveaccess = "anandkp">]
b.swartout [<cfset thesehaveaccess = "swartout">]
c.somedir [<cfset thesehaveaccess = "anandkp,swartout">]

this file [whohasacess.cfm] will have the list of names of users [incase u want mutiple users to access the same dir]
<cfset thesehaveaccess = "anandkp,swartout.....">

so when i login as "username=anandkp" & i try & access "swartout" dir -

use this code in ur validate.cfm
<!--- code for validate.cfm --->

<cfif isDefined('Username')><!--- chk if usr has logged in or not --->

    <!--- send user to login.cfm --->
   
<CFELSE><!--- if logged in --->

    <CFINCLUDE TEMPLATE="/#Dir_User_is_Trying_to_Access#/whohasacess.cfm">
   
    <CFIF listfindnocase(thesehaveaccess,'#username#')><!--- chk if the current user has access to this Dir --->
        <!--- allow the access --->
    <CFELSE>
        <!--- promt him --->
        <!--- redirect the user to main.cfm --->
    </CFIF>

</CFIF>

let me know ...

K'Rgds
Anand
0
 
swartoutAuthor Commented:
I am not having any problems determining if someone has access.  

My problem is...
1.  If they do not have access, redirect them.. where?
2.  Determine where... Have they logged in??  NO?
3.  Send to log in page
4.  Have they logged in?? yes?  
5.  Send to main menu

What I am trying to catch, are those users that may bookmark a page or figure out my directory structure and bypass my log in screen.

Thanks
Cindy
0
 
anandkpCommented:
jsut chk for this on ur everypage !

<cfif isDefined('HTTP_REFERER') And isDefined('Session.Username')>
    <!--- allow access to the page --->
<CFELSEIF isDefined('HTTP_REFERER') And not isDefined('Session.Username')>
    <!--- take them to login page --->    
    <CFLOCATION URL="#SiteUrl#Login.cfm" ADDTOKEN="No">      
</CFIF>

cos if the referer is defined that measn the user is coming from somelink within the site [chk for the existance of urdomain name inside the referrer]

hope this helps ?

K'Rgds
Anand
0
 
swartoutAuthor Commented:
Thanks for the help.
0
 
Renante EnteraSenior PHP DeveloperCommented:
Thank you for the points swartout.
This is my first expert points that I have received.
I hope that next time you have a problem. I can still have my idea to be shared to you.
0

Featured Post

Enhanced Intelligibility Without Cable Clutter

Challenge: The ESA office in Brussels wanted a reliable audio conference system for video conferences. Their requirement - No participant must be left out from the conference and the audio quality must not be compromised.

  • 4
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now