[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

CF Login redirect

Posted on 2006-05-05
5
Medium Priority
?
346 Views
Last Modified: 2013-12-24
Hello,
  I've been using the Dreamweaver tools to secure a page.  It allows me to redirect to "sorry" page (or whatever) to direct them to login if they try to go directly to the page without logging in.

My login page then sends them to the web's default page on authorization.

What I really want to do is have them sent back to the page they wanted in the first place.

Code below as you can see has a "URL Fail" redirect.

Thanks in advance.

<cflock scope="Session" type="ReadOnly" timeout="30" throwontimeout="no">
  <cfset MM_Username=Iif(IsDefined("Session.MM_Username"),"Session.MM_Username",DE(""))>
  <cfset MM_UserAuthorization=Iif(IsDefined("Session.MM_UserAuthorization"),"Session.MM_UserAuthorization",DE(""))>
</cflock>
<cfif MM_Username EQ "">
  <cfset MM_referer=CGI.SCRIPT_NAME>
  <cfif CGI.QUERY_STRING NEQ "">
    <cfset MM_referer=MM_referer & "?" & CGI.QUERY_STRING>
  </cfif>
  <cfset MM_failureURL="../sorry.cfm?accessdenied=" & URLEncodedFormat(MM_referer)>
  <cflocation url="#MM_failureURL#" addtoken="no">
</cfif>
<cfset CurrentPage=GetFileFromPath(GetTemplatePath())>
0
Comment
Question by:lrbrister
  • 2
  • 2
5 Comments
 
LVL 5

Expert Comment

by:jtreher
ID: 16614937
You are going to have a hard time adjusting this code to do what you want.

There are couple of approaches one is to include the login form and then do an abort so that the URL stays the same. So the top of each secure page checks to see if the user authenticated, if not, checks to see if a login form has been submitted, if not displays login form.

Pseudocode for top of each page

MysecurePage (like view_orderhistory)

is user logged in?
 yes - continue processing page
 no - is user submitting a login form
    yes - validate and login user
      Did user validate
        yes - continue processing page
        no - display login form and abort
    no - display login form and abort

0
 
LVL 25

Expert Comment

by:dgrafx
ID: 16614947

Create a var named reqPage (for ex)
reqPage=#cgi.SCRIPT_NAME#:#replace(cgi.query_string,"&",":","all")#
which is the requested page and querystring they were trying to access
notice I replaced the & with :
send this to your sorry page and again to login and again to login action and if successful login then loop through the reqPage var using : as delimiter
Make the pagename listfirst adding ? and then add the rest of reqPage adding a &
Then locate to this resulting value you've created with the loop.
The reason for the : instead of & is so you can send them around in a url string - if you want to use a session for ex, then I don't imagine you'd have to.
I hope this is coherent - I'm in a hurry
If any questions just ask ...
0
 
LVL 3

Accepted Solution

by:
pcaioo earned 2000 total points
ID: 16615990
I think you want this

<cflock scope="Session" type="ReadOnly" timeout="30" throwontimeout="no">
  <cfset MM_Username=Iif(IsDefined("Session.MM_Username"),"Session.MM_Username",DE(""))>
  <cfset MM_UserAuthorization=Iif(IsDefined("Session.MM_UserAuthorization"),"Session.MM_UserAuthorization",DE(""))>
</cflock>

<cfif MM_Username EQ "">
  <cfinclude template="../sorry.cfm">
  <cfabort>
</cfif>
<cfset CurrentPage=GetFileFromPath(GetTemplatePath())>

which will send your user to a sorry page without change the URL or redirect.
which mean lot faster .
0
 
LVL 25

Expert Comment

by:dgrafx
ID: 16616162
lrbrister
I thought you wanted to grab the page and querystring that the user was trying to access when the fact that they weren't logged in stopped them and sent them to a sorry page
###" for the purpose of letting them login and then send them to the page they had originally wanted. "### ???

How is the accepted answer here going to do that?
0
 
LVL 3

Expert Comment

by:pcaioo
ID: 16616726
because the querystring has never been change in my example it still in URL
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Suggested Courses
Course of the Month18 days, 12 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question