Solved

cfapplication - how to keep login information for each page

Posted on 2004-10-06
10
336 Views
Last Modified: 2013-12-24
I'm using cfapplication and I need every page the user accesses, I need their name and employee number.

My cfapplication.cfm looks like this:

<!--- Create the application --->
<cfapplication name="myapp" clientmanagement="Yes" sessionmanagement="Yes" sessiontimeout="#CreateTimeSpan(0,4,0,0)#" applicationtimeout="#CreateTimeSpan(0,8,0,0)#" SETCLIENTCOOKIES="Yes">

<CFPARAM NAME="session.allowin" DEFAULT="false">

<cfif session.allowin neq "true">
      <cfif ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
      <cfelseif ListLast(CGI.SCRIPT_NAME, "/") EQ "mgmt_home.cfm">
      <cfelse>
      <script>
              alert("You must login to access this area!");
              self.location="login.cfm";
      </script>
      </cfif>
</cfif>

My form on the login.cfm page looks like this:

<form action="mgmt_home.cfm" method="post">
<table width="65%" cellspacing="2" cellpadding="2" align="center" bgcolor="B0C4DE">
   <tr>
      <td colspan="2" align="center" class="small">
         Please enter your AWID and password.<br>
         <img src="../images/dot_clear.gif" width="1" height="10">
      </td>
   </tr>
   <tr>
      <th align="right" class="small">Login:</th>
      <td><input type="text"
         size="15"
         maxlength="7"
         name="user_name"
         value=""
         class="smallblue"
         onFocus="this.style.border='2px solid';"
         onBlur="this.style.border='1px solid';">
      </td>
   </tr>
   <tr>
      <th align="right" class="small">Password:</th>
      <td><input type="password"
         size="15"
         maxlength="8"
         name="user_pass"
         value=""
         class="smallblue"
         onFocus="this.style.border='2px solid';"
         onBlur="this.style.border='1px solid';">                                    
      </td>
   </tr>
   <tr>
      <td colspan="2" align="right"><input type="Image" src="../images/go.gif" name="login_user" value="Log In"></td>
   </tr>
</table>
</form>

And finally...my authorized login page, mgmt_home.cfm looks like this:

<!-- BEGIN LOGIN VERIFICATION -->
<!--- Get all records from the database that match this users credentials --->
<cfquery name="qVerify" datasource="myds">
    SELECT            *
    FROM            tbl_loginmgmt
    WHERE            user_name = '#user_name#'
</cfquery>

<cfif qVerify.RecordCount>
    <!--- This user has logged in correctly, change the value of the session.allowin value --->
    <cfset session.allowin = "True">
    <!--- Now welcome user and redirect to "index.cfm" --->
<cfoutput query="qVerify">

</cfoutput>      
<cfelse>
    <!--- this user did not log in correctly, alert and redirect to the login page --->
    <script>
        alert("Your credentials could not be verified, please try again!!!");
        self.location="Javascript:history.go(-1)";
    </script>
</cfif>
<!-- END LOGIN VERIFICATION -->

Now if the user clicks on a menu item off of this page and goes to the next page, I lose the user_name information.  How do I keep the qverify query information with any page the user attempts to access?
0
Comment
Question by:Lee R Liddick Jr
  • 5
  • 4
10 Comments
 
LVL 21

Accepted Solution

by:
pinaldave earned 500 total points
ID: 12241963
Hi leerljr68,
use session management and that way you can save it...
now I have noticed that you are already using the session you can do this...

<cfset session.queryname = yoruquery>

this is what you can pass to all the pages nad you can use all the param from this session.queryname

Regards,
---Pinal
0
 

Author Comment

by:Lee R Liddick Jr
ID: 12242032
So on every page I include the statement:

<cfset session.queryname = qVerify>

qVerify being the name of my initial query on my login verification page (mgmt_home.cfm).
0
 

Author Comment

by:Lee R Liddick Jr
ID: 12242190
Or no...it would be this...

<cfset session.qVerify = form.user_name>

And I would place this on every page?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 21

Expert Comment

by:pinaldave
ID: 12242484
you do not have to do that on every page... you will have to do it once where you run that query and through out the session it will be automatically be saved and you can get it on whatever page you want to use it.
Regards,
---Pinal
0
 
LVL 17

Expert Comment

by:Tacobell777
ID: 12244448
make sure cookies are enabled, if not pass the #session.urlToken# with every url, i.e. < ahref="index.cfm?#session.urlToken#">test</a>

or use #urlSessionFormat("index.cfm")#
0
 

Author Comment

by:Lee R Liddick Jr
ID: 12245120
I will finish trying that and testing on Thursday pinaldave...thank you much!
0
 
LVL 21

Expert Comment

by:pinaldave
ID: 12245359
no problem,
Hope that I can help you,
Regards,
---Pinal
0
 

Author Comment

by:Lee R Liddick Jr
ID: 12258684
pinaldave...I'm not getting something here...

I have application.cfm, login.cfm (which is just the login form), and mgmt_services.cfm (which is the first page the user sees when successfully logging in).  Mgmt_services.cfm is the page that also holds the query qVerify that holds the login information and the information that I want passed to every page that user accesses.

So in your example:

<cfset session.queryname = yourquery>

What does 'queryname' represent?  What does 'yourquery' represent?  And where exactly am I placing this?
0
 
LVL 21

Expert Comment

by:pinaldave
ID: 12258828
you can put that in your application.cfm
what youcan do is that yourqury is the qurey you will run and want to store in the session variable the information of the login.
the queryname will be any variable which you want to give it the name it can be same name as your query for username or anything...
0
 

Author Comment

by:Lee R Liddick Jr
ID: 12259491
My cfapplication.cfm now looks like this but it still isn't working...

<!--- Create the application --->
<cfapplication name="myname" clientmanagement="Yes"
                    sessionmanagement="Yes"
                    sessiontimeout="#CreateTimeSpan(0,4,0,0)#"
                    applicationtimeout="#CreateTimeSpan(0,8,0,0)#"
                              SETCLIENTCOOKIES="Yes">

<!--- Now define that this user is logged out by default --->
<CFPARAM NAME="session.allowin" DEFAULT="false">
<!--- Now if the variable "session.allowin" does not equal true, send user to the login page --->

<cfif session.allowin neq "true">
      <cfif ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
      <cfelseif ListLast(CGI.SCRIPT_NAME, "/") EQ "mgmt_home.cfm">
        <cfset session.qVerify = qVerify>
      <cfelse>
      <!--- this user is not logged in, alert user and redirect to the login.cfm page --->
      <script>
              alert("You must login to access this area!");
              self.location="login.cfm";
      </script>
      </cfif>
</cfif>
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question