zakirdavis
asked on
Why Log In Twice? - <CFApplication> Session ect.
I am using the user authentication found at:
http://tutorial8.easycfm.com/
It seems very helpful. I am wondering why on my page, i type in the correct user and password, it tells me i need to log in, so i type it in again and it works.
I have tried this several times now. I must log in twice. Any suggestions?
<!--- Application.cfm --->
<!--- Create the application --->
<CFAPPLICATION name="verifyLogin" clientmanagement="Yes"
sessionmanagement="Yes"
sessiontimeout="#CreateTim eSpan(0,0, 15,0)#"
applicationtimeout="#Creat eTimeSpan( 0,2,0,0)#" >
<!--- Now define that this user is logged out by default --->
<CFPARAM NAME="session.allowin" DEFAULT="false">
<!--- Now if the variable "session.allowin" does not equal true, send user to the login page --->
<!---
the other thing you must check for is if the page calling this application.cfm is the "login.cfm" page
and the "Login_process.cfm" page since the Application.cfm is always called, if this is not checked
the application will simply Loop over and over. To check that, you do the following call
--->
<CFIF session.allowin neq "true">
<CFIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
<CFELSEIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login_process.cfm">
<CFELSE>
<!--- this user is not logged in, alert user and redirect to the login.cfm page --->
<SCRIPT>
alert("You must login to access this area!");
self.location="login.cfm";
</SCRIPT>
</CFIF>
</CFIF>
<!--- Look for log-out function --->
<CFIF isDefined('url.logout')>
<CFSET session.allowin = 'false'>
</CFIF>
<!--- routine to clear session when browser closes --->
<CFIF IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN" )>
<CFSET Variables.cfid_local = Cookie.CFID>
<CFSET Variables.cftoken_local = Cookie.CFTOKEN>
<CFCOOKIE name="CFID" value="#Variables.cfid_loc al#">
<CFCOOKIE name="CFTOKEN" value="#Variables.cftoken_ local#">
</CFIF>
<!--- Authenticate.cfm --->
<CFSET location="cp.cfm">
<CFINCLUDE TEMPLATE="adminheader.cfm" >
<!--- Get all records from the database that match this users credentials --->
<CFQUERY name="verify" datasource="investment">
SELECT username, password
FROM admin
WHERE username = '#username#'
AND
password = '#password#'
</CFQUERY>
<CFIF verify.RecordCount>
<!--- This user has logged in correctly, change the value of the session.allowin value --->
<CFSET session.allowin = "True">
<!--- Now welcome user and redirect to "members_only.cfm" --->
<SCRIPT>
self.location="<CFOUTPUT># location#< /cfoutput> ";
</SCRIPT>
<CFELSE>
<!--- this user did not log in correctly, alert and redirect to the login page --->
<SCRIPT>
alert("Your credentials could not be verified, please try again!!!");
self.location="Javascript: history.go (-1)";
</SCRIPT>
</CFIF>
<CFINCLUDE TEMPLATE="adminfooter.cfm" >
My login page is nothing but a simple form. I am wondering if this is the reason.
It seems like this application protects everything in the directory which contains the application.cfm file, and being my authentication.cfm page displays my header (which is in the application.cfm directory) before the processing, this is what is making the error. I removed my header and footer from authentication.cfm and tried that, it did not work either. I would like to know what is the problem. Thanks.
http://tutorial8.easycfm.com/
It seems very helpful. I am wondering why on my page, i type in the correct user and password, it tells me i need to log in, so i type it in again and it works.
I have tried this several times now. I must log in twice. Any suggestions?
<!--- Application.cfm --->
<!--- Create the application --->
<CFAPPLICATION name="verifyLogin" clientmanagement="Yes"
sessionmanagement="Yes"
sessiontimeout="#CreateTim
applicationtimeout="#Creat
<!--- Now define that this user is logged out by default --->
<CFPARAM NAME="session.allowin" DEFAULT="false">
<!--- Now if the variable "session.allowin" does not equal true, send user to the login page --->
<!---
the other thing you must check for is if the page calling this application.cfm is the "login.cfm" page
and the "Login_process.cfm" page since the Application.cfm is always called, if this is not checked
the application will simply Loop over and over. To check that, you do the following call
--->
<CFIF session.allowin neq "true">
<CFIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
<CFELSEIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login_process.cfm">
<CFELSE>
<!--- this user is not logged in, alert user and redirect to the login.cfm page --->
<SCRIPT>
alert("You must login to access this area!");
self.location="login.cfm";
</SCRIPT>
</CFIF>
</CFIF>
<!--- Look for log-out function --->
<CFIF isDefined('url.logout')>
<CFSET session.allowin = 'false'>
</CFIF>
<!--- routine to clear session when browser closes --->
<CFIF IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN"
<CFSET Variables.cfid_local = Cookie.CFID>
<CFSET Variables.cftoken_local = Cookie.CFTOKEN>
<CFCOOKIE name="CFID" value="#Variables.cfid_loc
<CFCOOKIE name="CFTOKEN" value="#Variables.cftoken_
</CFIF>
<!--- Authenticate.cfm --->
<CFSET location="cp.cfm">
<CFINCLUDE TEMPLATE="adminheader.cfm"
<!--- Get all records from the database that match this users credentials --->
<CFQUERY name="verify" datasource="investment">
SELECT username, password
FROM admin
WHERE username = '#username#'
AND
password = '#password#'
</CFQUERY>
<CFIF verify.RecordCount>
<!--- This user has logged in correctly, change the value of the session.allowin value --->
<CFSET session.allowin = "True">
<!--- Now welcome user and redirect to "members_only.cfm" --->
<SCRIPT>
self.location="<CFOUTPUT>#
</SCRIPT>
<CFELSE>
<!--- this user did not log in correctly, alert and redirect to the login page --->
<SCRIPT>
alert("Your credentials could not be verified, please try again!!!");
self.location="Javascript:
</SCRIPT>
</CFIF>
<CFINCLUDE TEMPLATE="adminfooter.cfm"
My login page is nothing but a simple form. I am wondering if this is the reason.
It seems like this application protects everything in the directory which contains the application.cfm file, and being my authentication.cfm page displays my header (which is in the application.cfm directory) before the processing, this is what is making the error. I removed my header and footer from authentication.cfm and tried that, it did not work either. I would like to know what is the problem. Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Please excuse me.
The page where in my original posti stated login_process.cfm, the page is actually called
authenticate.cfm
The page where in my original posti stated login_process.cfm, the page is actually called
authenticate.cfm
ASKER
I found the problem.
In application.cfm
<CFIF session.allowin neq "true">
<CFIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
<CFELSEIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login_process.cfm">
<CFELSE>
<!--- this user is not logged in, alert user and redirect to the login.cfm page --->
<SCRIPT>
alert("You must login to access this area!");
self.location="login.cfm";
</SCRIPT>
</CFIF>
</CFIF>
3rd line in the block "EQ "login.cfm">" that page does not even exist. The name of the page should be authenticate.cfm. I minor error in my page in renaming the files and ect. I appreciate the help.
In application.cfm
<CFIF session.allowin neq "true">
<CFIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
<CFELSEIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login_process.cfm">
<CFELSE>
<!--- this user is not logged in, alert user and redirect to the login.cfm page --->
<SCRIPT>
alert("You must login to access this area!");
self.location="login.cfm";
</SCRIPT>
</CFIF>
</CFIF>
3rd line in the block "EQ "login.cfm">" that page does not even exist. The name of the page should be authenticate.cfm. I minor error in my page in renaming the files and ect. I appreciate the help.
OOPS !
that wld have real tough for us to figure out :)
gr8 going !
Cheers
Anand
that wld have real tough for us to figure out :)
gr8 going !
Cheers
Anand
Good !
I am happy that you have resolved your problem.
I don't even what really causes the problem.
Regards!
eNTRANCE2002 :-)
I am happy that you have resolved your problem.
I don't even what really causes the problem.
Regards!
eNTRANCE2002 :-)
ASKER
I will check out the feedback when i get home around 18:00HR