Solved

Please Help on logic - Login

Posted on 2004-08-02
5
390 Views
Last Modified: 2013-12-24
Hello,

Please what is the best and simplest way?

1.  I would like my application to be available only to those people who has password.  (Administrator and User).  So my application will open on a Login page.
2.  I would like to have separate rights and authorization to the administrators.  When they click the "Administrator" in the navigation, this is what should happen:

User: Sorry, you are not authorized page
Administrator:  Welcome, Database Maintenance Administration Page.

I really need this right away.  Please i appreciate direct and easy to follow answers.  

Please I hope you understand.  Thank you.

3.  I also want to be able to add Users
4.  I want to have users use and "initial login" so they can create their username and password"

Thanks so much

0
Comment
Question by:mdbbound
5 Comments
 
LVL 17

Accepted Solution

by:
anandkp earned 250 total points
ID: 11701755
lots of things there - lets take one at a time ... so its easy to understand & implement.

1. i guess the first question is pretty much answered by urself - once u have the login page - we can decide who gets thru & who dosent. [use Hash for encrypting passwords - its simple to understand & easy to implement as well]

2. this wld depend on how u have ur DB structured.

Tbl_UserType
UserTypeID       UserType
1                      Administrator
2                      User
.
..

Tbl_User
UserID             UserTypeID           UserName            Password
1                     1                         mdbbound            mdb
2                     1                         anandkp               anandkp
3                     2                         xyz                      xyz
.
..

with this as the table structure - it becomes very easy to authenticate - whos got what rights & u cld accordingly open up the menu/links for him.


3. once logged in & u know the usertype - <CFIF compare(usertype,2) EQ 0>Administrator - can add users - show him the menu to add users<cfelse> a normal user - can just browse & edit his login details - but cannot add</cfif>

the adminstrator wld then add the users [simple add/update/delete module - which lets him add logins to the Tbl_User]


4. If Logeed in member is USER - then he can just go in & update his password [i suggest not to allow them to alter usernames - as they gotta be unique - but if u want u cld go for it - thou that wld increase the checks & complexity of this module - but its for u to decide :)]

hope this gets u started & incase u need more help - i am sure experts here will see u thru ...

K'Rgds
Anand
0
 
LVL 9

Assisted Solution

by:Jerry_Pang
Jerry_Pang earned 50 total points
ID: 11702663
Tutorials for you.. =)
Creating a user authentication (Login) area
http://tutorial8.easycfm.com/

User Authenication - ADMIN area
http://tutorial227.easycfm.com/


the other easiest way is to use htaccess
0
 
LVL 1

Assisted Solution

by:JUSTICE
JUSTICE earned 200 total points
ID: 11706300
Well, I wrote a template that I just include in the top of every page, or just stick in the application.cfm file.  This login system authenticates to our iSeries AS400, but you could replace that code with a simple query if you wanted too.  I have changed my domain info here, and my page outputs a JS navigaton bar at the top based on which reports they have access too (you could trim that part off tho), but maybe this will help you get your own login system defined. :)  (its big, so bear with me)

Begin login.cfm page code
********************************************************************
<!-----------------------------------------------------------------------------
NAME: AS400 Auth and Menu System
WRITTEN BY: Chris Peterson
DATE: July 15, 2004

DESCRIPTION:
This tag will authenticate to an AS400.  If an
error is thrown, the authentication will be denied.

Displays a DHTML menu at the top of the screen based off a REPORTLIST SQL table

Include this file at the top of any page you need to be secured by a 400 login
------------------------------------------------------------------------------>
<!--- If url.logout is defined, then log the user out --->
<CFIF isDefined("url.logout")>
    <CFLOGOUT>
</CFIF>
<!---// Begin out CFLOGIN block here.  If the user is logged in already, this code
            will be completely ignored //--->
<CFLOGIN>
            <!--- If user has not been to the login form yet, display the login form --->
            <CFIF NOT (IsDefined("Form.Username") AND IsDefined("FORM.secret"))>
                              <SCRIPT>
                              <!--
                              function sf(){document.login.username.focus();}
                              // -->
                              </SCRIPT>
                              <BODY bgcolor="#888888" onLoad="sf()">
                              <BR><BR><BR>
                              <CFOUTPUT>
                                    <CFFORM action="https://#CGI.SERVER_NAME##CGI.PATH_INFO#" method="post" name="login">
                                          <TABLE width="60%" align="center" height="50%" bgcolor="##EEEEEE">
                                                <TR>
                                                      <TD colspan="2" align="center"><H1><IMG src="https://mydomain.com/login/images/GTSSmall.gif">Secure System Login</H1></TD>
                                                </TR>
                                                <TR>
                                                      <TD colspan="2" align="center"><I>Please login with your AS400 username and password</I></TD>
                                                </TR>
                                                <TR>
                                                      <TD colspan="2"><HR></TD>
                                                </TR>
                                                <TR>
                                                      <TD colspan="2">&nbsp;</TD>
                                                </TR>
                                                <TR>
                                                      <TD width="50%"><P align="center"><B>Please enter your<BR>user name here</B></P></TD>
                                                      <TD width="50%"><CFINPUT name="username" type="text" size="20" maxlength="20" validate="regular_expression" pattern="^[A-Za-z0-9]*$" message="Your username cannot contain anything besides numbers or letters.  Please re-enter your user-name."></TD>
                                                </TR>
                                                <TR>
                                                      <TD width="50%"><P align="center"><B>Please enter your password</B></P></TD>
                                                      <TD width="50%"><INPUT name="secret" type="password" size="20" maxlength="20"></TD>
                                                </TR>
                                                <TR>
                                                      <TD colspan="2">&nbsp;</TD>
                                                </TR>
                                                <TR>
                                                      <TD colspan="2"><HR></TD>
                                                </TR>
                                                <TR>
                                                      <TD align="center" width="50%"><INPUT name="Reset" type="reset" value="Clear Fields" onClick="sf()"></TD>
                                                      <TD align="center" width="50%"><INPUT name="login_user" type="submit" value="Submit"></TD>
                                                </TR>
                                          </TABLE>
                                    </CFFORM>
                              </CFOUTPUT>
                        </BODY>
                  <CFABORT>
            <!--- Check the passed username and password here against the AS400 --->
            <CFELSE>
                        <!---// Validate that the incoming form variables were passed from a page on secure.gaineycorp.com //--->
                        <CFIF LEFT(CGI.HTTP_REFERER, 30) NEQ 'https://mydomain.com/'>
                              You are posting form variables from a page other than mydomain.com.  Request denied.<BR>
                              You will be redirected to the login page in 10 seconds.
                                    
                              <CFLOCATION url="https://mydomain.com/index.cfm" addtoken="no">
                        </CFIF>
            
                        <!---// Validate incoming username against a regular expression //--->
                        <CFIF NOT ReFind("^[A-Za-z0-9]*$", Form.username)>
                              Your username contained illegal characters, please use this login form to sign in.
                              You will be redirected to the login page in 10 seconds.
                                    
                              <CFLOCATION url="https://mydomain.com/index.cfm" addtoken="no">
                        </CFIF>
                        
                        <!--- Exclude users so as not to lock out the AS400 --->
                        <CFIF UCASE(TRIM(Form.Username)) eq 'QSECOFR' OR UCASE(TRIM(Form.Username)) eq 'SECOFR'>
                              You cannot log in using that account.  Please see the system administrator.
                              You will be redirected to the login page in 10 seconds.
                                    
                              <CFLOCATION url="https://mydomain.com/index.cfm" addtoken="no">
                        </CFIF>
                        
                        <!---// Check the number of locked accounts coming from 1 IP address, ban IP after 3 locked accounts  //--->
                        <CFQUERY name="CheckLocks" datasource="Reports">
                        SELECT
                              COUNT(BadLogins) as Num
                        FROM
                              Users
                        WHERE
                              Lockip = '#CGI.REMOTE_ADDR#'
                        </CFQUERY>
                        
                        <CFIF CheckLocks.Num GTE 2>
                              <CENTER><B><I><P class="largetext">You have attempted too many logins from your IP address, and your computer is locked out of this system.  Please see Chris Peterson to un-lock yourself.</P></I></B></CENTER>
                              <!--- Generate auto-email to notify sysadmin of security problem --->
                                    <CFMAIL to="emailaddr@gts.gaineycorp.com" from="Secure Server<emailaddr@gts.gaineycorp.com>" subject="Web Access Denied">
                                                 <CFMAILPARAM name="Content-Type" value="multipart/alternative">
                                                 <CFMAILPARAM name="Content-Transfer-Encoding" value="7bit">
                                                 <CFMAILPARAM name="Content-Type" value="text/html; charset=us-ascii">
                                                 <CFMAILPARAM name="MIME-Version" value="1.0">
                                                 <CFMAILPARAM name="Content-Transfer-Encoding" value="7bit">
                        
                                                <CFPROCESSINGDIRECTIVE SUPPRESSWHITESPACE="Yes">
                                                      The secure.gaineycorp.com site had an attempt at access from <CFOUTPUT>#CGI.REMOTE_ADDR#</CFOUTPUT>.
                                                      The IP address was locked.
                                                </cfprocessingdirective>
                                    </CFMAIL>
                              <CFABORT>
                        </CFIF>
                        
                        <!---// Try block to create a SQL record for new logins //--->
                        <CFTRY>
                              <CFQUERY name="NewLogin" datasource="Reports">
                              INSERT INTO
                                    Users(
                                          Username,
                                          Badlogins,
                                          Theme)
                                    VALUES(
                                          '#Left(UCASE(TRIM(Form.Username)), 10)#',
                                          0,
                                          'default.css')
                              </CFQUERY>
                              <CFCATCH type="any">
                                    <!--- Do nothing if we get errors --->
                              </CFCATCH>
                        </CFTRY>
                        
                        
                        <!---// Check the users number of failed logins here  //--->
                        <CFQUERY name="CheckUser" datasource="Reports">
                        SELECT
                              BadLogins
                        FROM
                              Users
                        WHERE
                              Username = '#UCASE(TRIM(Form.Username))#'
                        </CFQUERY>
                        
                        <!---// Validate if 2 or more bad logins already //--->
                        <CFIF CheckUser.Badlogins GTE 2>
                              <!--- Write a lock record too our SQL table --->
                              <CFQUERY name="WriteLock" datasource="Reports">
                              UPDATE
                                    Users
                              SET
                                    LockDate = Getdate(),
                                    LockIP = '#CGI.REMOTE_ADDR#'
                              WHERE
                                    Username = '#Left(UCASE(TRIM(Form.Username)), 10)#'
                              </CFQUERY>
                              <SCRIPT>
                              <!--
                              function sf(){document.login.username.focus();}
                              // -->
                              </SCRIPT>
                              <BODY bgcolor="#888888" onLoad="sf()">
                              <BR><BR><BR>
                              <CFOUTPUT>
                                    <CFFORM action="https://#CGI.SERVER_NAME##CGI.PATH_INFO#" method="post" name="login">
                                          <TABLE width="60%" align="center" height="50%" bgcolor="##EEEEEE">
                                                <TR>
                                                      <TD colspan="2" align="center"><H1><IMG src="https://mydomain.com/login/images/GTSSmall.gif">Secure System Login</H1></TD>
                                                </TR>
                                                <TR>
                                                      <TD colspan="2" align="center"><P><I><FONT color="##FF0000">You have failed to login 2 times, and your account has been disabled.  Contact your rep at ext. 265 to re-enable your account.</FONT></I></P></TD>
                                                </TR>
                                                <TR>
                                                      <TD colspan="2"><HR></TD>
                                                </TR>
                                                <TR>
                                                      <TD colspan="2">&nbsp;</TD>
                                                </TR>
                                                <TR>
                                                      <TD width="50%"><P align="center"><B>Please enter your<BR>user name here</B></P></TD>
                                                      <TD width="50%"><CFINPUT name="username" type="text" size="20" maxlength="20" validate="regular_expression" pattern="^[A-Za-z0-9]*$" message="Your username cannot contain anything besides numbers or letters.  Please re-enter your user-name."></TD>
                                                </TR>
                                                <TR>
                                                      <TD width="50%"><P align="center"><B>Please enter your password</B></P></TD>
                                                      <TD width="50%"><INPUT name="secret" type="password" size="20" maxlength="20"></TD>
                                                </TR>
                                                <TR>
                                                      <TD colspan="2">&nbsp;</TD>
                                                </TR>
                                                <TR>
                                                      <TD colspan="2"><HR></TD>
                                                </TR>
                                                <TR>
                                                      <TD align="center" width="50%"><INPUT name="Reset" type="reset" value="Clear Fields" onClick="sf()"></TD>
                                                      <TD align="center" width="50%"><INPUT name="login_user" type="submit" value="Submit"></TD>
                                                </TR>
                                          </TABLE>
                                    </CFFORM>
                              </CFOUTPUT>
                        </BODY>
                              <CFABORT>
                        </CFIF>
                        
                        
                        <!---// set local variables //--->
                        <CFPARAM name="Validate" default="default" type="any">
                        <!---// set default attributes //--->
                        <CFPARAM name="form.username" default="">
                        <CFPARAM name="form.secret" default="">
                        <CFPARAM name="form.AS400" default="{iseries IP here}">
                        <!---// [begin] login action //--->
                        <CFTRY>
                              <!--- create the iSeries/AS400 object --->
                              <CFOBJECT action="create" type="java" class="com.ibm.as400.access.AS400" name="iseries">
                              <!--- call the Java contructors --->
                              <CFSET iseries.init(form.AS400, Left(Trim(UCase(form.username)), 10), Left(Trim(form.secret), 10))>
                              <!--- call the Java class --->
                              <CFSET Validate = (iSeries.ValidateSignon())>
                              <!--- disconnect --->
                              <CFSET iseries.disconnectService(iseries.command)>
                              
                              <CFCATCH type="any">
                                    <!--- Bad login passed, go back to our login page again --->
                                          <!---// Write a bad login record to SQL //--->
                                          <CFQUERY name="BadLogin" datasource="Reports">
                                          UPDATE
                                                Users
                                          SET
                                                Badlogins = Badlogins + 1
                                          WHERE
                                                Username = '#Left(UCASE(TRIM(Form.Username)), 10)#'
                                          </CFQUERY>
                                          <SCRIPT>
                                          <!--
                                          function sf(){document.login.username.focus();}
                                          // -->
                                          </SCRIPT>
                                          <BODY bgcolor="#888888" onLoad="sf()">
                                          <BR><BR><BR>
                                          <CFOUTPUT>
                                                <CFFORM action="https://#CGI.SERVER_NAME##CGI.PATH_INFO#" method="post" name="login">
                                                      <TABLE width="60%" align="center" height="50%" bgcolor="##EEEEEE">
                                                            <TR>
                                                                  <TD colspan="2" align="center"><H1><IMG src="https://mydomain.com/login/images/GTSSmall.gif">Secure System Login</H1></TD>
                                                            </TR>
                                                            <TR>
                                                                  <TD colspan="2" align="center"><P><I><FONT color="##FF0000">Incorrect login information.  You have 1 more attempt to log in before your account is disabled!</FONT></I></P></TD>
                                                            </TR>
                                                            <TR>
                                                                  <TD colspan="2"><HR></TD>
                                                            </TR>
                                                            <TR>
                                                                  <TD colspan="2">&nbsp;</TD>
                                                            </TR>
                                                            <TR>
                                                                  <TD width="50%"><P align="center"><B>Please enter your<BR>user name here</B></P></TD>
                                                                  <TD width="50%"><CFINPUT name="username" type="text" size="20" maxlength="20" validate="regular_expression" pattern="^[A-Za-z0-9]*$" message="Your username cannot contain anything besides numbers or letters.  Please re-enter your user-name."></TD>
                                                            </TR>
                                                            <TR>
                                                                  <TD width="50%"><P align="center"><B>Please enter your password</B></P></TD>
                                                                  <TD width="50%"><INPUT name="secret" type="password" size="20" maxlength="20"></TD>
                                                            </TR>
                                                            <TR>
                                                                  <TD colspan="2">&nbsp;</TD>
                                                            </TR>
                                                            <TR>
                                                                  <TD colspan="2"><HR></TD>
                                                            </TR>
                                                            <TR>
                                                                  <TD align="center" width="50%"><INPUT name="Reset" type="reset" value="Clear Fields" onClick="sf()"></TD>
                                                                  <TD align="center" width="50%"><INPUT name="login_user" type="submit" value="Submit"></TD>
                                                            </TR>
                                                      </TABLE>
                                                </CFFORM>
                                          </CFOUTPUT>
                                    </BODY>
                                    <CFABORT>
                              </CFCATCH>
                        </CFTRY>
                        <!---// If my login is sucessful, then log our user in after getting
                                    their roles from SQL and setting their last log-in date/time //--->
                        <CFIF Validate neq 'default'>
                              <!---// Grab all user info, last login, etc //--->
                              <CFQUERY name="GetRoles" datasource="Reports">
                              SELECT
                                    Users.Username as Username,
                                    Users.RealName as Realname,
                                    Users.LastLogin as LastLogin,
                                    Users.Roles as Roles
                              FROM
                                    USERS
                              WHERE
                                    Users.Username = '#Left(UCASE(TRIM(Form.Username)), 10)#'
                              </CFQUERY>
                                    <!---// If the realname is null, go grab the real user name from the 400 and update the SQL database --->
                                    <CFIF Len(Trim(GetRoles.RealName)) eq 0>
                                                <!---// The realname is null, so go and grab the AS400 realname //--->
                                                <CFQUERY name="GetName" datasource="{DSNNAME}">
                                                SELECT
                                                      UPTEXT as RealName
                                                FROM
                                                      UTILS.USERS
                                                WHERE
                                                      UPUPRF = '#Left(UCASE(TRIM(Form.Username)), 10)#'
                                                </CFQUERY>
                                                <!---// Write our current login info to the database //--->
                                                <CFQUERY name="Login" datasource="Reports">
                                                UPDATE
                                                      Users
                                                SET
                                                      BadLogins = 0,
                                                      LastLogin = GetDate(),
                                                      LastIP = '#CGI.REMOTE_ADDR#',
                                                      RealName = '#GetName.RealName#',
                                                      Lockdate = '',
                                                      Lockip = ''
                                                WHERE
                                                      Username = '#Left(UCASE(TRIM(Form.Username)), 10)#'
                                                </CFQUERY>
                                    <CFELSE>
                                                <!---// Write our current login info to the database //--->
                                                <CFQUERY name="Login" datasource="Reports">
                                                UPDATE
                                                      Users
                                                SET
                                                      BadLogins = 0,
                                                      LastLogin = GetDate(),
                                                      LastIP = '#CGI.REMOTE_ADDR#',
                                                      Lockdate = '',
                                                      Lockip = ''
                                                WHERE
                                                      Username = '#Left(UCASE(TRIM(Form.Username)), 10)#'
                                                </CFQUERY>
                                    </CFIF>
                              <!--- Log in the user here, as we have passed the AS400 authentication check --->
                              
                              
                              <CFLOGINUSER name="#GetRoles.Username#" password="blank" roles="#Replace(GetRoles.Roles, " ", "", "ALL")#">
                        </CFIF>
            </CFIF>
</CFLOGIN>
<!---// [ end ] login action //--->


<!---// If the logged in user is blank, abort all page processing //--->
<CFIF Len(Trim(UCase(GetAuthUser()))) eq 0>
      <BR><BR>Please log in to access this page.  Press refresh or F5 to reload this page and log in now!
      <CFABORT>
</CFIF>


<!---// ********************************************** //--->
<!---// User is all logged in now, display our top bar //--->
<!---//         Get user details from SQL              //--->

      <CFQUERY name="LoadUser" datasource="Reports">
      SELECT
            Users.Username as Username,
            Users.RealName as Realname,
            Users.LastLogin as LastLogin,
            Users.Roles as Roles,
            Users.Theme as Theme,
            Users.Seclevel as Level
      FROM
            USERS
      WHERE
            Users.Username = '#Left(Trim(UCase(GetAuthUser())), 10)#'
      </CFQUERY>
      
      <!---/// If the LoadUser.Theme variable is blank, use default //--->
      <CFIF Len(Trim(LoadUser.Theme)) eq 0>
            <CFSET LoadUser.Theme = 'default.css'>
      </CFIF>

      <!---// Define our application scope and initialize all session variables //--->
      <CFAPPLICATION name="secure" sessionmanagement="yes" sessiontimeout="#CreateTimeSpan(1, 0, 0, 0)#" clientmanagement="yes" setclientcookies="no">
            <CFLOCK scope="application" timeout="5" type="exclusive">
                  <CFSET Application.DSN="{DSNNAME}">
            </CFLOCK>
      
      <!---// Create our header row on the top of all pages processed //--->
      <HEAD>
                        <!--- Include the CSS Style Sheet --->
                        <CFOUTPUT>
                        <LINK rel="STYLESHEET" href="https://mydomain.com/login/#LoadUser.Theme#" type="text/css">
                        </CFOUTPUT>
                        
                        <!---// Get a list of links to be displayed according to the users security level //--->
                        <CFQUERY name="GetGroups" datasource="Reports">
                        SELECT DISTINCT
                              Grouping
                        FROM
                              ReportList
                        ORDER BY
                              Grouping
                        </CFQUERY>
                        
                        
                        <SCRIPT language="JavaScript1.2">
                        
                        var linkset=new Array()
                        
                        </SCRIPT>
                        
                        <CFLOOP query="GetGroups">
                              
                              <CFQUERY name="GetReports" datasource="Reports">
                              SELECT
                                    Name,
                                    Description,
                                    Link,
                                    Grouping
                              FROM
                                    ReportList
                              WHERE
                                    Grouping = '#GetGroups.Grouping#'
                                    AND SecLevel <= #LoadUser.Level#
                              ORDER BY
                                    Name
                              </CFQUERY>
                              
                              <!---// If we are on the first record, dont use a plus sign //--->
                              <CFOUTPUT query="GetReports">
                                    <CFIF GetReports.CurrentRow eq 1>
                                          <SCRIPT language="JavaScript1.2">
                                          linkset[#GetGroups.CurrentRow - 1#]='<div class="menuitems"><a href="#GetReports.Link#" title="#GetReports.Description#">#GetReports.Name#</a></div>'
                                          </SCRIPT>
                                    <CFELSE>
                                          <SCRIPT language="JavaScript1.2">
                                          linkset[#GetGroups.CurrentRow - 1#]+='<div class="menuitems"><a href="#GetReports.Link#" title="#GetReports.Description#">#GetReports.Name#</a></div>'
                                          </SCRIPT>
                                    </CFIF>
                              </CFOUTPUT>
                        </CFLOOP>
                        
                        <SCRIPT language="JavaScript1.2">
                        
                        // Add my hard-coded user-self administrator options //
                        linkset[99]='<div class="menuitems"><a href="https://mydomain.com/login/resetpw.cfm" title="Allows you to reset your AS400 password.  You will have to do this every 30 days!">Reset Password</a></div>'
                        linkset[99]+='<div class="menuitems"><a href="https://mydomain.com/login/settheme.cfm" title="Choose a reporting theme (for you green screen users!)">Set Theme</a></div>'
                        
                        
                        ////No need to edit beyond here
                        
                        var ie4=document.all&&navigator.userAgent.indexOf("Opera")==-1
                        var ns6=document.getElementById&&!document.all
                        var ns4=document.layers
                        
                        function showmenu(e,which){
                        
                        if (!document.all&&!document.getElementById&&!document.layers)
                        return
                        
                        clearhidemenu()
                        
                        menuobj=ie4? document.all.popmenu : ns6? document.getElementById("popmenu") : ns4? document.popmenu : ""
                        menuobj.thestyle=(ie4||ns6)? menuobj.style : menuobj
                        
                        if (ie4||ns6)
                        menuobj.innerHTML=which
                        else{
                        menuobj.document.write('<layer name=gui bgColor=#E6E6E6 width=165 onmouseover="clearhidemenu()" onmouseout="hidemenu()">'+which+'</layer>')
                        menuobj.document.close()
                        }
                        
                        menuobj.contentwidth=(ie4||ns6)? menuobj.offsetWidth : menuobj.document.gui.document.width
                        menuobj.contentheight=(ie4||ns6)? menuobj.offsetHeight : menuobj.document.gui.document.height
                        eventX=ie4? event.clientX : ns6? e.clientX : e.x
                        eventY=ie4? event.clientY : ns6? e.clientY : e.y
                        
                        //Find out how close the mouse is to the corner of the window
                        var rightedge=ie4? document.body.clientWidth-eventX : window.innerWidth-eventX
                        var bottomedge=ie4? document.body.clientHeight-eventY : window.innerHeight-eventY
                        
                        //if the horizontal distance isn't enough to accomodate the width of the context menu
                        if (rightedge<menuobj.contentwidth)
                        //move the horizontal position of the menu to the left by it's width
                        menuobj.thestyle.left=ie4? document.body.scrollLeft+eventX-menuobj.contentwidth : ns6? window.pageXOffset+eventX-menuobj.contentwidth : eventX-menuobj.contentwidth
                        else
                        //position the horizontal position of the menu where the mouse was clicked
                        menuobj.thestyle.left=ie4? document.body.scrollLeft+eventX : ns6? window.pageXOffset+eventX : eventX
                        
                        //same concept with the vertical position
                        if (bottomedge<menuobj.contentheight)
                        menuobj.thestyle.top=ie4? document.body.scrollTop+eventY-menuobj.contentheight : ns6? window.pageYOffset+eventY-menuobj.contentheight : eventY-menuobj.contentheight
                        else
                        menuobj.thestyle.top=ie4? document.body.scrollTop+event.clientY : ns6? window.pageYOffset+eventY : eventY
                        menuobj.thestyle.visibility="visible"
                        return false
                        }
                        
                        function contains_ns6(a, b) {
                        //Determines if 1 element in contained in another- by Brainjar.com
                        while (b.parentNode)
                        if ((b = b.parentNode) == a)
                        return true;
                        return false;
                        }
                        
                        function hidemenu(){
                        if (window.menuobj)
                        menuobj.thestyle.visibility=(ie4||ns6)? "hidden" : "hide"
                        }
                        
                        function dynamichide(e){
                        if (ie4&&!menuobj.contains(e.toElement))
                        hidemenu()
                        else if (ns6&&e.currentTarget!= e.relatedTarget&& !contains_ns6(e.currentTarget, e.relatedTarget))
                        hidemenu()
                        }
                        
                        function delayhidemenu(){
                        if (ie4||ns6||ns4)
                        delayhide=setTimeout("hidemenu()",500)
                        }
                        
                        function clearhidemenu(){
                        if (window.delayhide)
                        clearTimeout(delayhide)
                        }
                        
                        function highlightmenu(e,state){
                        if (document.all)
                        source_el=event.srcElement
                        else if (document.getElementById)
                        source_el=e.target
                        if (source_el.className=="menuitems"){
                        source_el.id=(state=="on")? "mouseoverstyle" : ""
                        }
                        else{
                        while(source_el.id!="popmenu"){
                        source_el=document.getElementById? source_el.parentNode : source_el.parentElement
                        if (source_el.className=="menuitems"){
                        source_el.id=(state=="on")? "mouseoverstyle" : ""
                        }
                        }
                        }
                        }
                        
                        if (ie4||ns6)
                        document.onclick=hidemenu
                        
                        </SCRIPT>
      </HEAD>
      <CFOUTPUT>
            <!---// Nevessary for displaying the DHTML menu popup //--->
            <DIV id="popmenu" class="menuskin" onMouseover="clearhidemenu();highlightmenu(event,'on')" onMouseout="highlightmenu(event,'off');dynamichide(event)"></DIV>
            
            
            <CFPARAM name="num" default="0" type="numeric">
            <BODY topmargin="0" leftmargin="0" rightmargin="0" bottommargin="0">
                  <CFIF NOT Isdefined("URL.Toolbar")>
                        <TABLE width="100%" cellpadding="2" cellspacing="0" class="Navbar">
                              <TR>
                                    <TD><A href="##" class="NavLinks" onMouseover="showmenu(event,linkset[99])" onMouseout="delayhidemenu()">#Trim(LoadUser.RealName)#, last login #DateFormat(LoadUser.LastLogin, "MM/DD/YYYY")#</A></TD>
                                    <CFLOOP query="GetGroups">
                                          <!---// Check authority to groups here.  Add csv list to SQL to authorize user to additional groups //--->
                                          <CFIF isUserInRole("#GetGroups.Grouping#") OR isUserInRole("All") OR GetGroups.Grouping eq GetAuthUser()>
                                                <CFIF GetGroups.Grouping eq GetAuthUser()>
                                                      <TD><A href="##" class="NavLinks" onMouseover="showmenu(event,linkset[#GetGroups.CurrentRow - 1#])" onMouseout="delayhidemenu()">[My Reports]</A></TD>
                                                <CFELSE>
                                                      <TD><A href="##" class="NavLinks" onMouseover="showmenu(event,linkset[#GetGroups.CurrentRow - 1#])" onMouseout="delayhidemenu()">[#GetGroups.Grouping#]</A></TD>
                                                </CFIF>
                                          </CFIF>
      
                                    </CFLOOP>
                                    <TD><A href="https://#CGI.SERVER_NAME#/index.cfm?Logout=True" class="NavLinks">[Logout]</A>&nbsp;&nbsp;&nbsp;</TD>
                              </TR>
                        </TABLE>
                  </CFIF>
      </CFOUTPUT>

      <!---// Check if the users password is going to expire soon, and direct user to the change password screen //--->
      <CFQUERY name="GetExpire" datasource="{DSN}">
      SELECT
            UPPWCD
      FROM
            UTILS.USERS
      WHERE
            UPUPRF = '#GetAuthUser()#'
      </CFQUERY>
      
      <!---// Make sure a date is defined, then if its greater than 29 days (as a regular user) and not greater than 150 days (as an admin), present expired message //--->
      <CFIF GetExpire.RecorDcount gt 0 AND DateDiff("d", Now(), GetExpire.UPPWCD) gte 29 AND DateDiff("d", Now(), GetExpire.UPPWCD) lte 150>
            <I>You should reset your password now, it will expire soon.</I>
      </CFIF>
************************************************************************

Hope you can make sense of that, I have it well commented, paste into dreamweaver and let the lag highliting go to work.  :)  Tell me if you use this please!
0
 

Author Comment

by:mdbbound
ID: 11711342
Thanks so much to all.  I promise i'll get back once i get part of it going (for sure with follow up ?????)
0
 

Author Comment

by:mdbbound
ID: 11723730
Thanks.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Article by: kevp75
Hey folks, 'bout time for me to come around with a little tip. Thanks to IIS 7.5 Extensions and Microsoft (well... really Windows 8, and IIS 8 I guess...), we can now prime our Application Pools, when IIS starts. Now, though it would be nice t…
Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now