cflogin troubling

I have a simple login page and i wanna use cflogin..

Due to some unknown cause i am haing issues, i am unable to sort it out why:

My Login Form

<table border="0" cellpadding="1" cellspacing="2" width="100%">
                      <caption>
                      Login
                      </caption>
                      <tr>
                        <td colspan="2" class="default" align="center">Please enter your Username and Password below and click Login.</td>
                      </tr>
                      <cfif IsDefined('invalid')>
                        <tr>
                          <td align="center" colspan="2" class="errString">#ToString(ToBinary(invalid))#</td>
                        </tr>
                      </cfif>
                      <tr>
                        <td align="right" width="25%"><strong>Username&nbsp;:&nbsp;</strong></td>
                        <td width="340" align="left"><cfinput type="text" name="j_username" message="Error! Please Provide username" tooltip="Provide Your Username" required="yes" class="textfield_effect" id="j_username" tabindex="1" size="25" maxlength="100"></td>
                      </tr>
                      <tr>
                        <td class="default" align="right"><strong>Password&nbsp;:&nbsp;</strong></td>
                        <td width="340" align="left"><cfinput type="password" name="j_password" message="Error! Please Provide Password" tooltip="Password Required" required="yes" class="textfield_effect" id="j_password" tabindex="2" size="25" maxlength="100"></td>
                      </tr>
                      <tr>
                        <td class="default">&nbsp;</td>
                        <td align="left"><cfinclude template="captcha/captcha.cfm">
                          <cfimage action="captcha" fontSize="25" width="200" height="50" text="#rndString#"
                        fonts="Arial,Verdana,Courier New" difficulty="medium" quality="1"></td>
                      </tr>
                      <tr>
                        <td class="default" align="right"><strong>Verify Yourself&nbsp;:</strong>
                          <cfinput type="hidden" name="userInput" value="#rndHash#"></td>
                        <td align="left"><cfinput type="text" name="regVerifyCaptcha" message="Error! Provide Captcha Value" tooltip="Provide Exact Text as above in Image" required="yes" class="textfield_effect" id="regVerifyCaptcha" tabindex="3" size="25" maxlength="10"/></td>
                      </tr>
                      <tr>
                        <td align="right" class="default">&nbsp;</td>
                        <td align="left"><input type="checkbox" name="RememberMe" tabindex="4" value="Yes" <cfif IsDefined("cookie.j_username")> CHECKED</cfif>>
                          <em>Remember Me</em></td>
                      </tr>
                      <tr>
                        <td align="center">
                  <cfif StructKeyExists(URL,'returnurl')>
                              <cfinput type="hidden" name="returnurlvalue" value="#ToString(ToBinary(returnurl))#">
                        <cfelse>
                              <cfinput type="hidden" name="returnurlvalue" value="index.cfm">    
                        </cfif></td>
                        <td align="left"><cfinput type="submit" name="login" value="Login" class="searchButton" tabindex="5">
                          &nbsp;&nbsp;
                          <cfinput type="reset" name="reset" value="Clear" class="searchButton" tabindex="6"></td>
                      </tr>
                    </table>

now my check.cfm page:

now it goes to the check.cfm and stops there when the returnurlvalue is defined like:

http://127.0.0.1/project/index.cfm?action=addtofav&ID=44 

so it stops there

if there is default value of index.cfm in the returnurlvalue, it works fine.

Confused why it is beahving awkward
<cfdump var="#form#">
<cfparam name="returnpath" default="#form.returnurlvalue#">
<cfdump var="#returnpath#">
<cfparam name="FORM.regVerifyCaptcha" default="">
<cfparam name="FORM.userInput" default="">
<cflogin idletimeout="1800">
<cfif Not IsDefined('cflogin')>
  <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
  <cfelse>
  <cfif cflogin.name IS "" OR cflogin.password IS "">
    <cfset invalid  = "Error! Please Provide Username/Password">
    <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
  	<cfelseif Hash(Form.regVerifyCaptcha) NEQ Form.userInput>
	<cfset invalid = "Error! Captcha Text Mismatching, Try again">
    <cfinclude template="index.cfm?action=login&invalid=#ToBase64(invalid)#">
    <cfelse>
    <cfinvoke component="#request.cfcPath#.tools" method="members" returnvariable="getChkrecords">
    <cfinvokeargument name="nusername" value="#trim(cflogin.name)#">
    <cfinvokeargument name="npassword" value="#trim(cflogin.password)#">
    </cfinvoke>
    <cfif getChkrecords.user_role NEQ "">
      <cfloginuser name="#cflogin.name#" Password = "#cflogin.password#" roles="#getChkrecords.user_role#">
      <cfset session.email = #getChkRecords.email_addr#>
      <cfset session.loggedin = true>
      <cfset session.user = #getChkRecords.user_name#>
      <cfset session.userID = #getChkRecords.user_ID#>
      <cfset session.role = #getChkRecords.user_role#>
      	<cfoutput>
        <meta http-equiv="refresh" content="0;URL=#returnpath#" />
        </cfoutput>
      <cfelse>
      <cfset invalid = "Error! Invalid Username/Password">
      <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
    </cfif>
  </cfif>
</cfif>
</cflogin>

Open in new window

LVL 16
Gurpreet Singh RandhawaCEOAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gdemariaCommented:
what is the value of returnPath right at the time of refresh?

Can you add this?

         <cfoutput>
            Return path is [#returnpath#]<cfabort>
            <meta http-equiv="refresh" content="0;URL=#returnpath#" />
         </cfoutput>


0
gdemariaCommented:
I'm curious why you want to use cflogin when it seems you are using session variables as well.    That just means you have to maintain two login states at one time..
0
Gurpreet Singh RandhawaCEOAuthor Commented:
well i am being of a fan of cflogin and also wanna use the session variables so they are specific to use in some cases like email, full name etc etc..

ok i added the following and i get this:

Return path is [index.cfm]

the above is returned simply beacsue i used the login with returnurlvalue set to INDEX.cfm default if returnurlvalue value passed in url is null. now my second case scenario:

now with value passed in url is:

Return path is [http://127.0.0.1/project/index.cfm?action=addtofav&ID=33]
0
Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

gdemariaCommented:
which scenario works and does not work?
0
Gurpreet Singh RandhawaCEOAuthor Commented:
second one does not work and sometimes both do not work but mostly the lastone
0
Gurpreet Singh RandhawaCEOAuthor Commented:
Return path is [http://127.0.0.1/project/index.cfm?action=addtofav&ID=33] this one is the mostly does not work
0
gdemariaCommented:
can you be more specific when you say "does not work"  

what doesn't happen?   Do you get an error, does the page not refresh, the page does refresh but the session is not kept....
0
Gurpreet Singh RandhawaCEOAuthor Commented:
some time page does not refresh, sometimes it refreshes, sometimes it work and sometimes it is not..

is my code perfect or am i missing something..

0
gdemariaCommented:

If the problem is that the refresh is not working, and everything else is fine, you can test the refresh further by removing the other code and trying just the meta refresh line.   See if it works by itself or perhaps the other code is effecting it.

0
Gurpreet Singh RandhawaCEOAuthor Commented:
ok cflogin made me so crazy that i left it and came to simple way: no have another trouble..

it does not validate my captcha..

you will ask me why i used this:

<cfif request.captcha IS 1>    
<cfelseif Hash(Form.regVerifyCaptcha) NEQ Form.userInput>
      <cfset invalid = "Error! Captcha Text Mismatching, Try again">
          <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
</cfif>

like i have a config file at backend where i can enable and disable captcha.. if request.captcha is 1, it means it is enabled must validate if the value is not entered from front end..

but it is skipping the value and logging with any captcha value

please guide now what i am doing wrong
<cfparam name="returnpath" default="#form.returnurlvalue#">
<cfif len(form.cusername) IS 0>
	<cfset invalid = "Error! Please Provide Username">
    <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
<cfelseif len(form.pwd) IS 0>
	<cfset invalid = "Error! Please Provide Password"> 
    <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
<cfif request.captcha IS 1>    
<cfelseif Hash(Form.regVerifyCaptcha) NEQ Form.userInput>
	<cfset invalid = "Error! Captcha Text Mismatching, Try again">
    	<cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
</cfif>           
<cfelse>
  <cfinvoke component="#request.cfcPath#.tools" method="members" nusername="#form.cusername#" npassword="#form.pwd#" returnvariable="MM_rsUser"/>
  <cfif MM_rsUser.RecordCount NEQ 0>
    <cftry>
      <cflock scope="Session" timeout="30" type="Exclusive">
        <cfset session.email = #MM_rsUser.email_addr#>
      	<cfset session.loggedin = true>
      	<cfset session.user = #MM_rsUser.user_name#>
      	<cfset session.userID = #MM_rsUser.user_ID#>
      	<cfset session.role = #MM_rsUser.user_role#>
      </cflock>
      <cflocation addtoken="no" url="#returnpath#">
      <cfcatch type="Lock">
       <cfset invalid = "Error #cfcatch.Detail# #cfcatch.Message#">
       <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
      </cfcatch>
    </cftry>
  <cfelse>
  <cfset invalid = "Error! Incorrect Credentials, try again">  
  <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
  </cfif>
</cfif>

Open in new window

0
gdemariaCommented:

This CFIF statement is NOT validating when request.captcha is 1

<cfif request.captcha IS 1>    

      Do NOT VALIDATE

<cfelseif Hash(Form.regVerifyCaptcha) NEQ Form.userInput>     ----- VALIDATE

      <cfset invalid = "Error! Captcha Text Mismatching, Try again">
      <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">

</cfif>




I think you wanted to say...

<cfif request.captcha IS NOT 1>    
0
Gurpreet Singh RandhawaCEOAuthor Commented:
let me try
0
Gurpreet Singh RandhawaCEOAuthor Commented:
either the request.captcha IS 1

 btw i still tried this way:

<cfif request.captcha IS 0>    
<cfelseif Hash(Form.regVerifyCaptcha) NEQ Form.userInput>
      <cfset invalid = "Error! Captcha Text Mismatching, Try again">
          <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
</cfif>

it did not worked either neither it worked this way:

<cfif request.captcha IS 1>    
<cfelseif Hash(Form.regVerifyCaptcha) NEQ Form.userInput>
      <cfset invalid = "Error! Captcha Text Mismatching, Try again">
          <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
</cfif>

it just skips the captcha
0
gdemariaCommented:
You said that you want to use captcha if request.captcha is 1

If you use this statement

  <cfif request.captcha IS 1>    
      (Do Nothing)
  <cfelseif.....

It will enter that CFIF where you have no code, and captcha will be ignored
0
gdemariaCommented:
Lol, of course, it will only get to those lines of code if the password is EMPTY !!!
<cfif len(form.cusername) IS 0>
     <cfset invalid = "Error! Please Provide Username">
     <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
<cfelseif len(form.pwd) IS 0>
     <cfset invalid = "Error! Please Provide Password"> 
     <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">

     <cfif request.captcha IS 1> 
        
     <cfelseif Hash(Form.regVerifyCaptcha) NEQ Form.userInput>
          <cfset invalid = "Error! Captcha Text Mismatching, Try again">
          <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">
     </cfif>           
<cfelse>

Open in new window

0
gdemariaCommented:

<cfelseif len(form.pwd) IS 0>

     <cfset invalid = "Error! Please Provide Password"> 
     <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">

<cfelseif request.captcha IS 1 and Hash(Form.regVerifyCaptcha) NEQ Form.userInput>

    <cfset invalid = "Error! Captcha Text Mismatching, Try again">
    <cflocation addtoken="no" url="index.cfm?action=login&invalid=#ToBase64(invalid)#">

<cfelse>
....

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Gurpreet Singh RandhawaCEOAuthor Commented:
Thanks! btw it also worked other way too!!

Cheers
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Servers

From novice to tech pro — start learning today.