Solved

Why Log In Twice? - <CFApplication> Session ect.

Posted on 2003-12-03
7
512 Views
Last Modified: 2013-12-24
I am using the user authentication found at:
http://tutorial8.easycfm.com/

It seems very helpful. I am wondering why on my page, i type in the correct user and password, it tells me i need to log in, so i type it in again and it works.

I have tried this several times now. I must log in twice. Any suggestions?

<!--- Application.cfm --->

<!--- Create the application --->
<CFAPPLICATION name="verifyLogin" clientmanagement="Yes"
                    sessionmanagement="Yes"
                    sessiontimeout="#CreateTimeSpan(0,0,15,0)#"
                    applicationtimeout="#CreateTimeSpan(0,2,0,0)#">
<!--- Now define that this user is logged out by default --->
<CFPARAM NAME="session.allowin" DEFAULT="false">
<!--- Now if the variable "session.allowin" does not equal true, send user to the login page --->
<!---
        the other thing you must check for is if the page calling this application.cfm is the "login.cfm" page
        and the "Login_process.cfm" page since the Application.cfm is always called, if this is not checked
        the application will simply Loop over and over. To check that, you do the following call

--->
<CFIF session.allowin neq "true">
  <CFIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
    <CFELSEIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login_process.cfm">
    <CFELSE>
    <!--- this user is not logged in, alert user and redirect to the login.cfm page --->
    <SCRIPT>
              alert("You must login to access this area!");
              self.location="login.cfm";
      </SCRIPT>
  </CFIF>
</CFIF>
<!--- Look for log-out function --->
<CFIF isDefined('url.logout')>
  <CFSET session.allowin = 'false'>
</CFIF>
<!--- routine to clear session when browser closes --->
<CFIF IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")>
  <CFSET Variables.cfid_local = Cookie.CFID>
  <CFSET Variables.cftoken_local = Cookie.CFTOKEN>
  <CFCOOKIE name="CFID" value="#Variables.cfid_local#">
  <CFCOOKIE name="CFTOKEN" value="#Variables.cftoken_local#">
</CFIF>


<!--- Authenticate.cfm --->
<CFSET location="cp.cfm">
<CFINCLUDE TEMPLATE="adminheader.cfm">
  <!--- Get all records from the database that match this users credentials --->
  <CFQUERY name="verify" datasource="investment">
  SELECT username, password
  FROM admin
  WHERE username = '#username#'
  AND
  password = '#password#'
  </CFQUERY>
  <CFIF verify.RecordCount>
    <!--- This user has logged in correctly, change the value of the session.allowin value --->
    <CFSET session.allowin = "True">
    <!--- Now welcome user and redirect to "members_only.cfm" --->
    <SCRIPT>
         self.location="<CFOUTPUT>#location#</cfoutput>";
    </SCRIPT>
    <CFELSE>
    <!--- this user did not log in correctly, alert and redirect to the login page --->
    <SCRIPT>
        alert("Your credentials could not be verified, please try again!!!");
        self.location="Javascript:history.go(-1)";
    </SCRIPT>
  </CFIF>
  <CFINCLUDE TEMPLATE="adminfooter.cfm">

My login page is nothing but a simple form. I am wondering if this is the reason.

It seems like this application protects everything in the directory which contains the application.cfm file, and being my authentication.cfm page displays my header (which is in the application.cfm directory) before the processing, this is what is making the error. I removed my header and footer from authentication.cfm and tried that, it did not work either. I would like to know what is the problem. Thanks.
0
Comment
Question by:zakirdavis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 14

Accepted Solution

by:
Renante Entera earned 275 total points
ID: 9865109
Try removing your line :

   self.location="login.cfm"

On this line :

<CFIF session.allowin neq "true">
  <CFIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
    <CFELSEIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login_process.cfm">
    <CFELSE>
    <!--- this user is not logged in, alert user and redirect to the login.cfm page --->
    <SCRIPT>
              alert("You must login to access this area!");
              self.location="login.cfm";
      </SCRIPT>
  </CFIF>
</CFIF>

Goodluck!
eNTRANCE2002 :-)
0
 
LVL 17

Assisted Solution

by:anandkp
anandkp earned 225 total points
ID: 9865219
Hi ... i guess ur code looks fine - thou a bit confusing where u are checking for the session value & redirecting the user to login.cfm

I was just thinking that the place from where ur accessing the server - may be having checks on session & avoiding it. [sessions may be blocked on ur server]

chk the setting in CFADMIN - & make sure the session timeout is set to 15 min [as required] ... as if the CFAdmin has a setting set to 0 ... it overrides teh setting in ur Application.cfm file.

chk the above & confirm !

PS : in ur code - ur setting the value of <CFSET session.allowin = "True"> in authenticate.cfm
dont u think when u execute ur code - before authenticate.cfm being called - application.cfm will execute & take u back to login page.
according to me - the code for authenticating the user & taking him inside or back to login.cfm shld be on application.cfm file itself ... just a thought !

K'Rgds
Anand
0
 

Author Comment

by:zakirdavis
ID: 9867440
Sorry. Today is 12.03.03 @ 10.56EST

I will check out the feedback when i get home around 18:00HR
0
Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

 

Author Comment

by:zakirdavis
ID: 9869234
Please excuse me.

The page where in my original posti stated login_process.cfm, the page is actually called

authenticate.cfm


0
 

Author Comment

by:zakirdavis
ID: 9871841
I found the problem.

In application.cfm

<CFIF session.allowin neq "true">
  <CFIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
    <CFELSEIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login_process.cfm">
    <CFELSE>
    <!--- this user is not logged in, alert user and redirect to the login.cfm page --->
    <SCRIPT>
              alert("You must login to access this area!");
              self.location="login.cfm";
      </SCRIPT>
  </CFIF>
</CFIF>


3rd line in the block "EQ "login.cfm">" that page does not even exist. The name of the page should be authenticate.cfm. I minor error in my page in renaming the files and ect. I appreciate the help.
0
 
LVL 17

Expert Comment

by:anandkp
ID: 9872264
OOPS !

that wld have real tough for us to figure out :)

gr8 going !

Cheers
Anand

0
 
LVL 14

Expert Comment

by:Renante Entera
ID: 9872300
Good !

I am happy that you have resolved your problem.

I don't even what really causes the problem.

Regards!
eNTRANCE2002 :-)
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
What You Need to Know when Searching for a Webhost Provider
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Suggested Courses

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question