Solved

cffile or cfcontent question

Posted on 2006-06-12
3
625 Views
Last Modified: 2013-12-24

I have a secure site. https://trest.com

I have the site set up to force people to log in.

Where I am currently stuck is I have different files that I need to post on the site for people to download. Some files are power point some are excel and some are pdf.

The problem I am having is once someone has logged in. the can book mark the URL for the file and go straight to the file bypassing my log in page.

I have done enough reading to know I need to use the cffile or cfcontent tag. I just can not get the code to work.


How would I use the cffile code? The files are static so a variable would be perfected.

<cffile action="read" variable="File1" file="Z:\Sitedata\Info2006.ppt">
<cfset MIME1="application/powerpoint">
<p><span class="style2"><a href="file1">Info 2006</a> - Power Point</span></p>

Thanks for your help
0
Comment
Question by:clake24
  • 2
3 Comments
 
LVL 25

Accepted Solution

by:
dgrafx earned 500 total points
ID: 16890632
First off - to secure files:
Your folder Sitedata needs to be hidden (if you have access to server - use windows explorer - right click - properties - check hidden then OK) - if this is hosted and you only have ftp access - right click folder and remove read, write, execute.
OR
put the folder outside your website - if z:\sitedata is outside website - then you're good to go.

<cfparam name="session.loggedin" default="false">
<cfif session.loggedIn><!--- this is just an example var saying if user is logged in - you need to create it though like example above
when a user logs in successfully - then set it to true --->
<cfdirectory action="list" directory="Z:\Sitedata\" name="files">
<cfoutput query="files">
<a href="getfile.cfm?getfile=#name#">#name#</a><br>
</cfoutput>
</cfif>

<!--- code below is an ex. getfile.cfm --->
<cfif isdefined("getfile")>      
<cfheader name="content-disposition" value="inline; filename=#getfile#">            
<cftry>
<cfcontent type="application/unknown" file="Z:\Sitedata\#getfile#" deletefile="no">
<!--- application/unknown will prompt to download or open (depending on browser settings) --->
<cfcatch>
<script>
<cfoutput>alert("There was a problem downloading #getfile#")</cfoutput>
</script>
</cfcatch>
</cftry>            
</cfif>
0
 

Author Comment

by:clake24
ID: 16891638
dgrafx,

Thanks for the help.

The Z:\Sitedata is outside of the website directory.

I made the changes above and the files open. the one problem is if i copy the url into clip board and open another browswer window I can past the link and open the file again.

Do I need to set some sort of session or application time out?
0
 
LVL 25

Assisted Solution

by:dgrafx
dgrafx earned 500 total points
ID: 16894632
opening a new browser window on the same pc will still have the same session.
the session will exist until it times out or you have a logout page that kills the session.
also, you should put your <cfif session.loggedIn></cfif> block around everything on the getfile.cfm page.

your session will timeout as specified in cf administrator default value (maybe 20 minutes)
you can override this setting in your cfapplication tag :
<CFAPPLICATION Name="nameforapp"
CLIENTManagement="yes"    
SESSIONManagement="yes"
SETCLIENTCookies="yes"
SESSIONTimeout="0.03125"
APPLICATIONTimeout="1">
the sessiontimeout decimal value = desired hours / 24
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now