Solved

ColdFusion using Query String parameters

Posted on 2008-06-16
5
574 Views
Last Modified: 2013-12-24
I have attached the instructions for a form I am working on.  I understand how to pass the string for validation,  but what I don't know is how to hide the results from the user and then append the information to another string that the user would see (below):


<cfoutput><a href="http://print.redleafdigital.com/fma/login.aspx?key=#Sesson.Key#">Customized Holiday Cards</a></cfoutput>
SSO.pdf
0
Comment
Question by:Albee_J
5 Comments
 
LVL 82

Expert Comment

by:hielo
ID: 21797891
>> but what I don't know is how to hide the results from the user
Not sure what you are doing, but perhaps you need hidden variables:
<input type="hidden" name="myFieldName" value="#url.theFieldName#"/>
0
 
LVL 63

Expert Comment

by:Zvonko
ID: 21798293
The SSO.pdf is a bit strange because the examples do have typos and use the same string as auth= key and the session key.
From the description I read that the session key is generated for every use as a new key and valid only for one ´session authentication. Therefore there is no need to hide the Session key.
Big care is to keep the auth= key secret but that auth key handling has NOT to go to browser. It has to be handled completely on ColdFusion side.
0
 

Author Comment

by:Albee_J
ID: 21803610
Thanks for the information Zvonko:

What I am stuck on is how to grab the returned auth key and store it as a session variable that can be used to redirect the user.

See my code below. (note I have hidden our key information etc)


<!---Digital Storefront Code--->
 

<cfif IsDefined('Sesson.AuthKey')>

<cflocation addtoken="no" url="http://print.redleafdigital.com/***/login.aspx?key=#Sesson.AuthKey#">

<cfelse>
 

<dd class="bodytext"><img src="../SiteImages/new.gif" alt="New" width="37" height="24" hspace="2"><cfoutput><a href="http://print.redleafdigital.com/***/SSO.aspx?user=#Session.SuNameKey#&company=**auth=****-****-**-****-****">Customized Holiday Cards</a></dd>

</cfoutput>
 

</cfif>
 

<!---End Digital Storefront Code--->

Open in new window

0
 
LVL 2

Accepted Solution

by:
adobe116 earned 500 total points
ID: 21817261
Hi, I'm not sure I understand exactly what you need to do because I don't understand where the session var comes into play, but I think you need to use the cfhttp tag.

On the page where the user is logging in, call the cfhttp tag and return the result to the user.  Store it as a session to if needed.

You would do something like:
<cfhttp method="Get"
    url="http://print.redleafdigital.com/acme/SSO.aspx?user=user@domain.com&company=3aut
h=14363E23-67E9-41E9-9AE4-CC8B01F4EB70"
    name="returnedTempAuthKey">
<cfdump var="#returnedTempAuthKey#"><br>

#returnedTempAuthKey# should be your 36 char temp key.  Once you know it works, comment out the CFDUMP line.  

Then you could do (further down the page):
<form name="store" method="POST"
action="http://print.redleafdigital.com/acme/login.aspx">
<input type="hidden" name="key" value="#returnedTempAuthKey#">
<a href="#" onClick="Javascript: document.store.submit();">Click Here to view
your storefront</a>
</form>

I'll attach this as a code snippet below.  I used the form example from page 2 of your pdf, you can just substitute the <a> example as well.  Best of luck.
<!--- GET TEMP KEY FROM REDLEAF --->

<cfhttp 

    method="Get"

    url="http://print.redleafdigital.com/acme/SSO.aspx?user=user@domain.com&company=3aut

h=14363E23-67E9-41E9-9AE4-CC8B01F4EB70"

    name="returnedTempAuthKey">
 

<!--- DUMP THE RESULTS FOR TESTING --->

<cfdump var="#returnedTempAuthKey#"><br>
 

<!--- FORM FOR USER (From page 2 of your pdf) --->

<form name="store" method="POST"

action="http://print.redleafdigital.com/acme/login.aspx">

<input type="hidden" name="key" value="#returnedTempAuthKey#">

<a href="#" onClick="Javascript: document.store.submit();">Click Here to view your storefront</a>

</form>

Open in new window

0
 

Author Closing Comment

by:Albee_J
ID: 31467787
Excellent, Thank you!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
The purpose of this video is to demonstrate how to automatically show related posts at the bottom of a blog post in WordPress. This will be demonstrated using a Windows 8 PC. Plugin “Yet Another Related Posts Plugin” will be used. Go to your…
The purpose of this video is to demonstrate how to reset a WordPress password if you are locked out and cannot reset the password. A typical use would be if you cannot access the email to which WordPress would send the password recovery email to…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now