Solved

Trying to Link to a Blog Article from an E-mail

Posted on 2012-03-14
10
208 Views
Last Modified: 2012-08-14
I have a blog that is password-protected. Each month I send out an e-mail newsletter that contains excerpts from articles in the blog. Each excerpt has a link to the blog so the user can read the whole story.

I am trying to link to the individual article in the blog from the e-mail. If the user is not logged in to the blog, I want them to go to the login page and then get directed to their requested blog article, not the blog home page.

Here is the code I use to determine if the user is logged in or not:

<!--- Check login status --->
<cfparam name="Session.Auth.isLoggedIn" default="No">

<cfif Session.Auth.isLoggedIn EQ "No">
<cfif  ListLast(CGI.SCRIPT_NAME, "/") EQ "index.cfm">
          <script>
               self.location="/login.cfm";
           </script>
     </cfif>
</cfif>

How do I direct the visitor to the blog article after they login instead of just going to the blog home page? Do I have to add a URL parameter?

Here is a sample link:
http://www.myblog.com/blog/index.cfm/2012/3/13/this-is-the-blog-article
0
Comment
Question by:kenjpete
  • 4
  • 4
  • 2
10 Comments
 
LVL 52

Accepted Solution

by:
_agx_ earned 500 total points
ID: 37722425
Yes, add a url parameter containing the target page to the login link.  

          self.location="/login.cfm?goToPage="+ escape("/path/to/blog/entry/here");

On your login page pass the value to the action page. Then on successful login, redirect them to the appropriate page.

          <cfparam name="form.goToPage" default="">
          .... login code
          <cfif len(form.goToPage)>
                    send them to the form.goToPage url
           <cfelse>
                    send them to the main page
         </cfif>

   <script>self.location="/login.cfm";</script>


Though cflocation is better than using a javascript redirect, because javascript can be disabled.
0
 
LVL 7

Expert Comment

by:micropc1
ID: 37722428
A typical session-based logon framework would be integrated with your application cfc. If implemented in this way any coldfusion templates in your application path will be caught by the logon mechanism when the page is requested in Application.cfc's onRequestStart. If not logged in they will be prompted to do so, then be directed to the appropriate page. If already logged in, they will bypass the logon prompt.

Here's a simple example...

Application.cfc...

<cfcomponent>
   <cffunction name="onRequestStart>
      <cfinclude template="logonAction.cfm">
   </cffunction>
</cfcomponent>

Open in new window


logonAction.cfm...

<cfif isDefined("logout")>
   <cfset SESSION.isLoggedIn = FALSE>
   <p><em>You have been logged out.</em></p>
</cfif>

<cfif isDefined("logon")>
   <cfif userIsAuthenticated(FORM.userid, FORM.password)>       <!---whatever do you to authenticate goes here--->
      <cfset SESSION.isLoggedIn = TRUE>
   <cfelse>
      <cfset SESSION.isLoggedIn = FALSE>
      <p><em>Invalid UserID or Password.</em><p>
   </cfif>
</cfif>

<cfif NOT structKeyExists(SESSION, "loggedIn") OR SESSION.loggedIn EQ FALSE>
   <cfinclude tempate="logonForm.cfm">
   <cfabort>
<cfelse>

Open in new window


logonForm.cfm...

<cfform action="#CGI.SCRIPT_NAME#">
   UserID: <cfinput type="text" name="userid"><br />
   Password: <cfinput type="text" name="password"></br>
   <cfinput type="hidden" name="logon" value="1">
   <cfinput type="submit" value="Log In" name="btnLogon">
</cfform>

Open in new window

0
 
LVL 52

Expert Comment

by:_agx_
ID: 37722485
I'd agree real frameworks can make this kind of task easier, but it does require refactoring. However, that doesn't address the orig. question of how to redirect to a specific entry after login.

> isDefined("logon")

Also be sure to always scope variables (or preferably use structKeyExists) to avoid unintentional mishaps
0
 
LVL 7

Expert Comment

by:micropc1
ID: 37722520
My post is relevant in that the core problem here is in the logic behind his logon routine. If it were built properly there would be no need for a re-direct.

I agree that using StructKeyExists is best practice, but I don't see how that is relevent...
0
 
LVL 52

Expert Comment

by:_agx_
ID: 37723441
My post is relevant in that the core problem here is in the logic behind his logon routine.

I don't disagree with the idea that there's better way of handling redirection (But I also don't know if they can or want to rewrite the code along these lines. That's up to them).

However the point is the code doesn't actually address the specific question that was asked. How to redirect to the previous url, not just how to create a generic login process. ie It's missing an example showing how to tie the two concepts together.

Edit: I disagree it's the core problem. They could easily make the existing code work by adding a url parameter. But I agree it's not very robust, and isn't the approach I'd use either.

If it were built properly there would be no need for a re-direct.
Strictly speaking, yes there would. It'd  just be handled differently.

I agree that using StructKeyExists is best practice, but I don't see how that is relevent...

Actually I said scoping or structKeyExists. Proper scoping to ensure the right result every time isn't "best practices" - its' the only practice IMO .. and correct code is always relevant ;-)
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 7

Expert Comment

by:micropc1
ID: 37723515
My intention was to convey how the logic of a properly-designed logon routine should be implemented - not a lesson on how to write CFML - but I think you know that. I agree that your solution would be a very quick and easy way to remedy their immediate need, but they should ultimately look into redesigning their logon framework.

However the point was the code doesn't actually address the specific question that was asked. How to redirect to the previous url, not just how to create a generic login process

By implementing a properly designed logon framework the issue of redirection will be eliminated, which will resolve the problem.
0
 
LVL 52

Expert Comment

by:_agx_
ID: 37723519
but I think you know that.


Yep, I totally get it (and agree). But 1) I don't know what limitations they have. Sometimes people can't change things even when they should and 2) I was subtly trying to encourage you to show more code relevant to their situation to convince them why your method was better ;-) Just because you might understand something doesn't automatically mean your audience does too.
0
 

Author Comment

by:kenjpete
ID: 37725905
Thanks Guys! I really appreciate both of your input! I agree that this logon framework isn't the best approach. But, the reason I am doing it this way is because I am using BlogCFC for our blog software, and I was asked to add password-protection to it, along with a public page on the front end. So, I actually have the Application.cfm session scope that is part of BlogCFC and also my own Application.cfc file on the public part. This has complicated matters a bit for me.

Then, the whole e-mail newsletter feature got added. So I figured the easiest way to solve the linking problem was to probably add some sort of URL parameter and re-direct the user if the login is successful. My only concern with that is will the user be required to login several times in the same session of they click multiple links in that e-mail newsletter?

I will try the URL parameter approach and let you know how it goes, unless you have any other suggestions?
0
 
LVL 7

Expert Comment

by:micropc1
ID: 37726663
That makes since. _agx_'s code should work, but yes - I think you'll need to modify it to keep track of the logon state (like you were doing with the SESSION.auth.isLoggedIn variable)

Another thought...you don't necessarily have to implement the above logon framework in Application.cfc. Just modify the the following login.cfm and reference it at the top of every template using a cfinclude tag. It will automatically get called when you request your template. This can be easily reusable and there won't be any need for URL parameters or redirection...

blogwhatever.cfm

<cfinclude url="login.cfm">
.
.
blog code

Open in new window


login.cfm

   
   <!---log the user out - ?logoff URL parameter was passed--->
   <cfif structKeyExists(URL, "logoff")>
      <cfset SESSION.auth.isLoggedIn = FALSE>
      <p><em>Logged out.</em><p>
   </cfif>

   <!---log the user in - logon form was submitted--->
   <cfif structKeyExists(FORM, "logon")>   
      <cfif userIsAuthenticated(FORM.userid, FORM.password)>       <!---whatever do you to authenticate goes here--->
         <cfset SESSION.auth.isLoggedIn = TRUE>
      <cfelse>
         <cfset SESSION.auth.isLoggedIn = FALSE>
         <p><em>Invalid UserID or Password.</em><p>
      </cfif>
   </cfif>

   <!---if not logged in, show the logon prompt--->
   <cfif NOT structKeyExists(SESSION.auth, "isLoggedIn") OR SESSION.auth.isLoggedIn EQ true)>
             <!---Your logon form would go here--->
             <cfform action="#CGI.SCRIPT_NAME#">
             UserID: <cfinput type="text" name="userid"><br />
             Password: <cfinput type="text" name="password"></br>
             <cfinput type="hidden" name="logon" value="1">
             <cfinput type="submit" value="Log In" name="btnLogon">
         </cfform>
         <cfabort>
   </cfif>

Open in new window

0
 

Author Closing Comment

by:kenjpete
ID: 37730559
I was able to get the URL parameter approach working. If the site I was working with had a better framework for handling these URL re-directs I would have happily used the other approach suggested.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

PROBLEM:  How to open a cfwindow or run a function on double click of a cfgrid row. One of my clients wanted to be able to double click on a row item to get more detailed information about a transaction and to be able to modify the line items i…
Hi. There are several upload tutorials using jquery and coldfusion. I found a very interesting one here Upload Your Files using Jquery & ColdFusion and Preview them (http://www.randhawaworld.com/) . I did keep the main js functions but made sever…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now