Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

cffile or cfcontent question

Posted on 2006-06-12
3
Medium Priority
?
644 Views
Last Modified: 2013-12-24

I have a secure site. https://trest.com

I have the site set up to force people to log in.

Where I am currently stuck is I have different files that I need to post on the site for people to download. Some files are power point some are excel and some are pdf.

The problem I am having is once someone has logged in. the can book mark the URL for the file and go straight to the file bypassing my log in page.

I have done enough reading to know I need to use the cffile or cfcontent tag. I just can not get the code to work.


How would I use the cffile code? The files are static so a variable would be perfected.

<cffile action="read" variable="File1" file="Z:\Sitedata\Info2006.ppt">
<cfset MIME1="application/powerpoint">
<p><span class="style2"><a href="file1">Info 2006</a> - Power Point</span></p>

Thanks for your help
0
Comment
Question by:clake24
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 25

Accepted Solution

by:
dgrafx earned 2000 total points
ID: 16890632
First off - to secure files:
Your folder Sitedata needs to be hidden (if you have access to server - use windows explorer - right click - properties - check hidden then OK) - if this is hosted and you only have ftp access - right click folder and remove read, write, execute.
OR
put the folder outside your website - if z:\sitedata is outside website - then you're good to go.

<cfparam name="session.loggedin" default="false">
<cfif session.loggedIn><!--- this is just an example var saying if user is logged in - you need to create it though like example above
when a user logs in successfully - then set it to true --->
<cfdirectory action="list" directory="Z:\Sitedata\" name="files">
<cfoutput query="files">
<a href="getfile.cfm?getfile=#name#">#name#</a><br>
</cfoutput>
</cfif>

<!--- code below is an ex. getfile.cfm --->
<cfif isdefined("getfile")>      
<cfheader name="content-disposition" value="inline; filename=#getfile#">            
<cftry>
<cfcontent type="application/unknown" file="Z:\Sitedata\#getfile#" deletefile="no">
<!--- application/unknown will prompt to download or open (depending on browser settings) --->
<cfcatch>
<script>
<cfoutput>alert("There was a problem downloading #getfile#")</cfoutput>
</script>
</cfcatch>
</cftry>            
</cfif>
0
 

Author Comment

by:clake24
ID: 16891638
dgrafx,

Thanks for the help.

The Z:\Sitedata is outside of the website directory.

I made the changes above and the files open. the one problem is if i copy the url into clip board and open another browswer window I can past the link and open the file again.

Do I need to set some sort of session or application time out?
0
 
LVL 25

Assisted Solution

by:dgrafx
dgrafx earned 2000 total points
ID: 16894632
opening a new browser window on the same pc will still have the same session.
the session will exist until it times out or you have a logout page that kills the session.
also, you should put your <cfif session.loggedIn></cfif> block around everything on the getfile.cfm page.

your session will timeout as specified in cf administrator default value (maybe 20 minutes)
you can override this setting in your cfapplication tag :
<CFAPPLICATION Name="nameforapp"
CLIENTManagement="yes"    
SESSIONManagement="yes"
SETCLIENTCookies="yes"
SESSIONTimeout="0.03125"
APPLICATIONTimeout="1">
the sessiontimeout decimal value = desired hours / 24
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question