Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 231
  • Last Modified:

How to prevent user go back to the login page

Hi, if I use Coldfuion to design a interface to ask the user to login, after the user login, how to prevent the user to go back to the login page and try again?

Thanks
0
xiaobing
Asked:
xiaobing
1 Solution
 
jonnygo55Commented:
on your login page...put the something like the following...

<cfif session.userloggedIn eq true>
     <cflocation url="login.cfm">
</cfif>

whatever you use to track whether the user is logged in you check on the login page...and redirect them accordingly...
0
 
slatifCommented:
Yes either define a session variable on server to see if that specific user is already signed in or use database table to store entries for users already logged in.
0
 
Renante EnteraCommented:
Yah! jonnygo55 is right.

Be sure that you have created a .cfm file "application.cfm".

Then the content of "application.cfm" must have this following :

<cfapplication name="anyname" sessionmanagement="yes" sessiontimeout="#CreateTimeSpan(0,0,30,0)#>

Then on every top line of each .cfm file, have this code :

<cfif not IsDefined('session.userloggedIn')>
  <cflocation url="login.cfm">
</cfif>

This will check if a user logs in.  When user attempts to go a specified address, he will be redirected to the login page once he has not yet logged in successfully.

Goodluck!
eNTRANCE2002 :-)
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
anandkpCommented:
Hi,

I dont see a reason to avoid the user going back to the login page ... it shldnt bother u ...
if hes already logged in & wants to login with another name - let him do it ... i dont think that shld cause a problem for ur site.

as long as hes a member & hes logging in ... u shld be happy !

K'Rgds
Anand

PS : Entrance - why does he have to code it on top of each line ... cant he include a common file on everypage
also the settings of CFApplication tag can also be managed from CFADMIN ... right ???

My choice wld be to use cookies & not sessions ... but it depends - what u wanna use :)
0
 
MauseCommented:
eNTRANCE2002 is right

you can also put

<cfif not IsDefined('session.userloggedIn')>
  <cflocation url="login.cfm">
</cfif>

in application.cfm but then you need something extra because you don't want to redirected the user if he is on the login.cfm page. so it will ben something like this:

<cfif not IsDefined('session.userloggedIn') AND listlast(cgi.SCRIPT_NAME, '/') is not 'login.cfm'>
  <cflocation url="login.cfm">
</cfif>


Mause
And now you don't have to put anything on top of every .cfm page
0
 
mrichmonCommented:
It is a good thing to put in the Application.cfm file.  (be sure that your Application.cfm file starts with a capital A)

And not only that but you can extend it further to force login for certain directories or certain sites...  Like this :

<cfif FindNoCase("Secure", CGI.SCRIPT_NAME) NEQ 0><!--- Customer is in the secure directory so must log in --->
      <cfif NOT IsDefined("Session.CustomerIsLoggedIn")>
            <cfinclude template="Secure/CustomerLogin.cfm">
            <cfabort>
      </cfif>
</cfif>

That way the user is always forced to the login page/request access page if they are not logged in.  Then you can forward them to wherever they were going by this :

<!--- User is logged in so send them to page they came from --->
<cfif CGI.QUERY_STRING NEQ ""><!--- Preserve URL variables if they existed --->
      <cflocation addtoken="no" url="#CGI.SCRIPT_NAME#?#CGI.QUERY_STRING#">
<cfelse><!--- No URL variables so send to clean URL --->
      <cflocation addtoken="no" url="#CGI.SCRIPT_NAME#">
</cfif>

That way the URL always shows where the person was trying to get to instead of showing the login page in the URL.  Also it preserves and URL variables that the user had when they were forced to login.

0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now