I am using the user authentication found at:
It seems very helpful. I am wondering why on my page, i type in the correct user and password, it tells me i need to log in, so i type it in again and it works.
I have tried this several times now. I must log in twice. Any suggestions?
<!--- Application.cfm --->
<!--- Create the application --->
<CFAPPLICATION name="verifyLogin" clientmanagement="Yes"
<!--- Now define that this user is logged out by default --->
<CFPARAM NAME="session.allowin" DEFAULT="false">
<!--- Now if the variable "session.allowin" does not equal true, send user to the login page --->
the other thing you must check for is if the page calling this application.cfm is the "login.cfm" page
and the "Login_process.cfm" page since the Application.cfm is always called, if this is not checked
the application will simply Loop over and over. To check that, you do the following call
<CFIF session.allowin neq "true">
<CFIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
<CFELSEIF ListLast(CGI.SCRIPT_NAME, "/") EQ "login_process.cfm">
<!--- this user is not logged in, alert user and redirect to the login.cfm page --->
alert("You must login to access this area!");
<!--- Look for log-out function --->
<CFSET session.allowin = 'false'>
<!--- routine to clear session when browser closes --->
<CFIF IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN"
<CFSET Variables.cfid_local = Cookie.CFID>
<CFSET Variables.cftoken_local = Cookie.CFTOKEN>
<CFCOOKIE name="CFID" value="#Variables.cfid_loc
<CFCOOKIE name="CFTOKEN" value="#Variables.cftoken_
<!--- Authenticate.cfm --->
<!--- Get all records from the database that match this users credentials --->
<CFQUERY name="verify" datasource="investment">
SELECT username, password
WHERE username = '#username#'
password = '#password#'
<!--- This user has logged in correctly, change the value of the session.allowin value --->
<CFSET session.allowin = "True">
<!--- Now welcome user and redirect to "members_only.cfm" --->
<!--- this user did not log in correctly, alert and redirect to the login page --->
alert("Your credentials could not be verified, please try again!!!");
My login page is nothing but a simple form. I am wondering if this is the reason.
It seems like this application protects everything in the directory which contains the application.cfm file, and being my authentication.cfm page displays my header (which is in the application.cfm directory) before the processing, this is what is making the error. I removed my header and footer from authentication.cfm and tried that, it did not work either. I would like to know what is the problem. Thanks.