Is it possible for CF to remember a password from the time it has been entered until the remainder of the session. <br>e.g. To enter the ask the doctor page you need to enter a password. (The doctor page is a link on a ubiquitous frame) Say after submitting first question the user decides to go back and ask another question. Is it posiible to work it so that there's need to reenter it and one is taken directly to the question entry page.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Remembering passwords 2
- Thread starter Shlomo
- Start date
-
1
- #2
I think the effect you want can be achieved as follows:<br>* the login action page sets a Session-level variable to record the user's id, e.g.<br> <cfset Session.UserId = #form.UserId#><br>* each page which provides a service to the user checks this variable and, if it hasn't been set, shows the login page, e.g.<br> <cfparam name="Session.UserId" default=""><br> <cfif Session.UserId IS ""> <!--- not logged in ---><br> <cflocation url="loginpage.cfm"><br> <cfelse><br> <!--- do something useful for the user ---><br> </cfif><br><br>The advantage of remembering user id is that it enables other pages to check the user's authorisation - you might not need this now but you might need it for some later extension to your system.
Update on my last response:<br><br>I've just found this article -<br><A HREF=" TARGET="_new"> the author says (to cut a very long story short):<br>* if there's any possibility of your using <b>clustered servers with load-balancing</b>, use Client variables rather than Session variables. If a user gets switched from server A to server B, server doen't know about the Session variables which were stored on server A (which may have gone down). If you think your organisation / any of your clients may use clustered servers with load-balancing, you'll need to read the article as it's long and I haven't taken it all in yet.<br>* if there's <b>no</b> possibility of your using clustered servers with load-balancing, use Session variables because they're much simpler.<br>
-
1
- Thread starter
- #4
OK, well I think your solution would work, <font color=red>but</font> , there's one point I didn't specify before and it might be the key.<br>As is the site doesn't have a login page per se, instead when you click to enter 'page x' well, that page requires a registered user.<br>So the problem becomes that <font color=red>since</font> it's the home page link that accesses the login page and the setting for the session variable would be on the login page (which is cfif(loggedin=true) cfincluded in to the 'welcome' page) if there is a cfparam in the home page there is an error since at least for the first time accessesed the variable in the cfparam (session.userid) is not defined. <br>(I hope I explained this clearly !)<br>Is the only solution to create a separate login page?<br>Actually at Tek-Tips it seems that what's been done, there is a separate form to log in on on the side of the page!!!!<br>And from there on you get a whole new set of templates.<br>Thanks ,<br>Shlomo
cfparam allows you to specify a <b>default</b> value if the variable is not already defined, and that prevents an error if the user has not logged in:<br> <cfparam name="Session.UserId" <b>default=""</b>><br><br>And you need to include the "check login" code on every page, because even if your site has a login page someone will try to by-pass it.<br><br>So put the "check login" code in <b>Application.cfm</b>, which is processed at the start of every page request - then no-one needds to remeber to include it in each display page.
- Thread starter
- #6
OK, I hear what you are saying. <i><font color=red>but</font></i>this is what has happened. I typed the following exact words in the login page:<br><cfparam name="session.userid" default=""><br><cfif session.userid is ""><br><cfinclude template="pass.cfm"><br><cfabort><br></cfif><br><br>And it parsed the whole template as if session.userid were something other than "".<br>Hrumph!!!!!<br>Thanks again
Don't know how you've got your whole app set up, but this bit from DWAC might be relevant:<br>To enable session variables, set SESSIONMANAGEMENT="Yes" in the CFAPPLICATION tag in your Application.cfm file. Note that when you turn on session management in the CFAPPLICATION tag, you must specify the application's name.<br><br>Also I notive you typed "session". All the examples say "Session" and I think it needs a capital "S".<br><br>Given what you said about Ben Forta's basic book not mentioning Session variables, I suspect you need to read through DWAC at least to the end of the chapter "Using the Application Framework" in order to have all the info you need.
- Thread starter
- #8
- Thread starter
- #9
- Status