Link to home
Create AccountLog in
Avatar of Coast Line
Coast LineFlag for Canada

asked on

question regarding application.cfc

Hi experts. I have the following application.cfc, but when i login my session does not get populated, i am using the following code:

<cffunction verifyclient="yes" name="onApplicationStart" output="false">
  <cfset Application.configured = 1>
  <cfset Application.datetimeConfigured = TimeFormat(Now(), "hh:mm tt") & "  " & DateFormat(Now(), "mm.dd.yyyy")>
  <cfset Application.currentSessions = 0>
  <!--- Application Addresses --->
  <cfset setLocale("English (US)")>
  <!--- Set the session page encoding --->
  <cfset setencoding("URL", "utf-8")>
  <cfset setencoding("Form", "utf-8")>
  <cfcontent type="text/html; charset=utf-8">
  <cfreturn True>
</cffunction>
<cffunction verifyclient="yes" name="onSessionStart" returntype="void">
  <cfset Session.StaffAuth = StructNew()>
  <cfset Session.StaffAuth.IsLoggedIn = false>
  <cfset Session.StaffAuth.StaffID = "">
  <cfset Session.StaffAuth.StaffName = "">
  <cfset Session.StaffAuth.StaffPermissions = "">
  <cfset Session.SuccessMsg = "">
  <cfset Application.sessionTracker = #StructNew()#>
</cffunction>
<cffunction verifyclient="yes" name="onSessionEnd" returntype="void">
  <cfargument name="SessionScope" required="true">
  <cfscript>
      StructClear(session);
      StructClear(cookie);
      </cfscript>
</cffunction>

Also my this:

<cfset setLocale("English (US)")>
  <!--- Set the session page encoding --->
  <cfset setencoding("URL", "utf-8")>
  <cfset setencoding("Form", "utf-8")>
  <cfcontent type="text/html; charset=utf-8">

is correct or not as i have added in Application.cfc file


below is the login.cfm page code:

<cfif login.RecordCount EQ 1>
      <cfif login.Disabled IS 0>
        <cfset ErrorMsg = "You account is currently inactive.">
        <cfset ErrorFlag = true>
        <cfelse>
        <cflock scope="session" type="exclusive" timeout="10">
          <cfset Session.StaffAuth = StructNew()>
          <cfset Session.StaffAuth.IsLoggedIn = true>
          <cfset Session.StaffAuth.StaffID = login.ID>
          <cfset Session.StaffAuth.StaffName = "#login.nadmin# #login.pwd#">
          <cfset Session.StaffAuth.StaffPermissions = login.role>
          <cfset Session.SuccessMsg = "">
          <!--- Declare variable in session scope for later use --->
        </cflock>
blah blah extra code goes down under.......

Open in new window

SOLUTION
Avatar of Plucka
Plucka
Flag of Australia image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of Coast Line

ASKER

Hi, I have not posted the full Application.cfc but just that part which creates problem, i have also set up something like the above you said:
<cfcomponent>
<cfscript>
       this.name = "Ba_#Hash(CreateUUID())#";
       this.applicationTimeout = createTimeSpan(0,1,0,0);
       this.clientmanagement= "yes";
       this.loginstorage = "session" ;
       this.sessionmanagement = "yes";
       this.sessiontimeout = createTimeSpan(0,0,40,0);
       this.setClientCookies = "yes";
       this.setDomainCookies = "yes";
       this.scriptProtect = "all";
   </cfscript>



ASKER CERTIFIED SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
no chances are there that it returns zero. if info s invalid, it just shows that details are incorrect.
i will attach the screenshot f cfdump of session. when i login and what i get..
Also, what i am thinking is :
i have used the <cfset Session.StaffAuth = StructNew()> in Application.cfc and login.cfm page too.
isn't that a conflict causing,
here is the screenshot


untitled.JPG
"no chances are there that it returns zero"  - I won't believe that until I see the query.

When you set the StaffAuth struct again in your login script, it should just overwrite the one that was already set in application.cfc.  Unless the login one is getting executed first.  You could do

<cfif NOT IsDefined("Session.StaffAuth")>
	<cfset Session.StaffAuth = StructNew()>
</cfif>
 
<cfset Session.StaffAuth.IsLoggedIn = true>
<cfset Session.StaffAuth.StaffID = login.ID>
<cfset Session.StaffAuth.StaffName = "#login.nadmin# #login.pwd#">
<cfset Session.StaffAuth.StaffPermissions = login.role>
<cfset Session.SuccessMsg = "">

Open in new window

Here okay my query is this:
SELECT * FROM 
        cfm_admin 
        WHERE 
        nadmin = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.nadmin#">
        AND pwd = <cfqueryparam cfsqltype="cf_sql_varchar" value="#Hash(Trim(arguments.pwd))#">


when i use cfdump i get results as;l

query
RESULTSET  
query
        DISABLED       ID       NADMIN       PWD       ROLE
1       1       1       admin       21232F297A57A5A743894A0E4A801FC3       admin
CACHED       false
EXECUTIONTIME       0
SQL       SELECT * FROM cfm_admin WHERE nadmin = ? AND pwd = ?
SQLPARAMETERS  
array
1       admin
2       21232F297A57A5A743894A0E4A801FC3 



this won't fix your problem, but I notice you've got a cflock around the session variables.  You shouldn't need that:
http://www.horwith.com/index.cfm/2008/4/28/cflock-explained
http://www.horwith.com/index.cfm/2008/7/17/CFLOCK-further-explained
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
I want to see the rest of this code, showing such a small snippet is not helpful as the problem is likely before it (the query as Duncan suggests) or after it (you may be using cflocation)

Also as duncan suggests, you need to ensure you are executing this statement

Put this
 <cfdump var="#session#"><cfabort>

after the end of the cflocation to see what the settings are.

<cfif login.RecordCount EQ 1>
      <cfif login.Disabled IS 0>
        <cfset ErrorMsg = "You account is currently inactive.">
        <cfset ErrorFlag = true>
        <cfelse>
        <cflock scope="session" type="exclusive" timeout="10">
          <cfset Session.StaffAuth = StructNew()>
          <cfset Session.StaffAuth.IsLoggedIn = true>
          <cfset Session.StaffAuth.StaffID = login.ID>
          <cfset Session.StaffAuth.StaffName = "#login.nadmin# #login.pwd#">
          <cfset Session.StaffAuth.StaffPermissions = login.role>
          <cfset Session.SuccessMsg = "">
          <!--- Declare variable in session scope for later use --->
        </cflock>
 
 
What comes next ?....

Open in new window

Ok perfect....
I just did a <cfdump session before the <cflocation and it just showed the exact filled values with login.
when i use <cflocation to index page, the session gets expired..


SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
so what i do then
if i use this in the login.cfm pgae:
<cfif Session.StaffAuth.IsLoggedIn eq True>
 <cfinclude template="index.cfm">
</cfif>


i just works perfect. it includes the index.cfm file and shows sesssion.
but i have lots of file which are included within index.cfm, does that not hamper the Application Structure. What if Sessions Time out, it gonna loop inside it again.
A Perfect Solution showld be here i find.
Should i remove StructNew From Application.cfc
Okay Guys, I am Assigning to POints to experts..



Although the Problem is not resolved , but i learned a new thing of not using
Ah, none of us 'experts' spotted the problem, that you discovered yourself!  
this.name = "Ba_#Hash(CreateUUID())#";

Yeah, that will create a unique application each time.  A session can only exist in one application, so your session variables could never persist over more than one page.