Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

having to login every page

Status
Not open for further replies.
dunskii

dunskii

Programmer
Sep 14, 2001
107
AU
Hello all,

I have added login for some admin pages, I am having to login for every page when trying to add a product instead of remembering that i am logged in

heres the code that is included in the application.cfm

Code: 
<cflogin>
    
    <cfif CGI.QUERY_STRING IS "">
        <cfset FormAction = #CGI.SCRIPT_NAME#>
    <cfelse>
        <cfset FormAction = "#CGI.SCRIPT_NAME#?#CGI.QUERY_STRING#">
    </cfif>

    <cfif NOT (IsDefined ("Form.Username") AND IsDefined ("Form.Password"))>
        <cfinclude template="login.cfm">
        <cfabort>
     
    <cfelse>
       
            <CFQUERY NAME="login" DATASOURCE="y_business">
            SELECT      business_id,user_name,access_level
            FROM         login
            WHERE        (User_name = <cfqueryparam value="#Form.Username#" cfsqltype="CF_SQL_VARCHAR">
                        AND Password = <cfqueryparam value="#Form.password#" cfsqltype="CF_SQL_VARCHAR">)
            </CFQUERY>

        <cfif login.RecordCount EQ '1'>
            <cfloginuser name="#login.business_id#, #login.user_name#" password="#Form.password#" roles="#trim(login.access_level)#">

        <cfelse>
            
            <cfset Invalid = "Yes">
            <cfinclude template="login.cfm">
            <cfabort>
        </cfif>        
    </cfif>    
</cflogin>
 
Sort by date Sort by votes
You need to set it as a session variable, that way it will automatically carry from page to page as the user navigates through the site.

In your application.cfm set
Code: 
<cfapplication sessionmanagement="yes">

For you login page, have it collect a username and password and send it off to your action file. In the action file, put some code like this...

Code: 
<cfquery name="selectusers" datasource="#db#" maxrows="1">
     SELECT * FROM users
     WHERE username = #form.username# AND password = #form.password#
</cfquery>

<cfoutput query="selectusers">
<cfset session.username = #selectusers.username#>
<cfset session.password = #selectusers.password#>
</cfoutput>

<cflocation template="./admin.cfm">

That will set the session variable if the user exists and then send them off to the secured page. Now you need to secure each page individually. To do this, create a file called security.cfm and put the following code in it.

Code: 
<cfparam name="session.username" default="">
<cfparam name="session.password" default="">

<cfif #session.username# IS "" OR #session.password# IS "">
     <cflocation template="login.cfm">
     <cfabort>
</cfif>

Now at the top of all your secured pages, do a <cfinclude template="security.cfm">. That will make sure the user is logged in before they get the page. If not, they will be taken back to the login.
 
Upvote 0 Downvote
Thanks for your help mike....i thought with the cflogin tag included i9n the application page it did the same operation as if there was a security cfm page, if this is fause will the security.cfm be processed before or after the application.cfm

thanks again

AD
 
Upvote 0 Downvote
I always thought cflogin was kinda lame. You can do the same thing in the application.cfm without it.

---application.cfm---
Code: 
<cfapplication name = "appName"
sessionmanagement = "yes"
setclientcookies = "yes"
sessiontimeout = "#createtimespan(0,0,10,0)#">

<cfif (not isdefined("session.loggedIn") or not session.loggedIn) and cgi.scriptName neq "/login.cfm">
<cflocation url = "login.cfm">
</cfif>
--- login.cfm ---
Code: 
<cfif isdefined("form.submit")>
  <cfquery datasource = "dsn" name = "qCheckUser">
    SELECT userName 
    FROM   usersTable
    WHERE  userName = '#form.userName#'
    AND    password = '#form.password#'
  </cfquery>
  <cfif qCheckUser.recordCount gt 0>
    <cfset session.loggedIn = true>
    <cfset session.userName = qCheckUser.userName>
    <cflocation url = "default.cfm">
  <cfelse>
    <cfset errorMsg = "No user on file">
  </cfif>
</cfif>
<html>
  <body>
    <cfif isdefined("errorMsg")>
      <cfoutput>#errorMsg#</cfoutput>
    </cfif>
    <form>
      log in form here
    </form>
  </body>
</html>

A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools.
-Douglas Adams (1952-2001)
 
Upvote 0 Downvote
oops cgi.scriptName should be cgi.script_Name

A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools.
-Douglas Adams (1952-2001)
 
Upvote 0 Downvote
Here's an FAQ on using cflogin: faq232-5186



Hope This Helps!

Ecobb
Beer Consumption Analyst

"My work is a game, a very serious game." - M.C. Escher
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

cohan123
  • Locked
  • Question
page layout-&gt;page size, optimal for web
Replies
0
Views
199
cohan123
cohan123
RosieGp
  • Locked
  • Question
How to read string of 0s and 1s 1
Replies
3
Views
250
LyndonOHRC
LyndonOHRC
ElizaShteto
  • Locked
  • Question
Split One Page in two separate Pages in Framemaker 11
Replies
0
Views
77
ElizaShteto
ElizaShteto
goldtooth
  • Locked
  • Question
Adding a linked table to a page in Dreamweaver
Replies
0
Views
91
goldtooth
goldtooth
Mike Lewis
  • Locked
  • Question
Using Dreamweaver to maintain a site not created in Dreamweaver
Replies
2
Views
242
Mike Lewis
Mike Lewis

Part and Inventory Search

Sponsor

Back
Top