Kevan, I will post some feedback on your site when I get second. Anyone who has not read that post be sure to read it, great article on a oo approach to application security. I will share my thoughts and code with you shortly.
Dan On 1/9/07, Kevan Stannard <[EMAIL PROTECTED]> wrote:
Hi Aaron, I put up some thoughts on this a few weeks back. http://www.stannard.net.au/blog/index.cfm/2006/11/14/Implementing-Simple-Obj ect-Oriented-Security-in-ColdFusion Any feedback from anyone on the list is appreciated. Best Regards Kevan -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aaron Roberson Sent: Wednesday, 10 January 2007 4:14 AM To: [email protected] Subject: SPAM-LOW: [CFCDEV] Code Examples for User Authentication Login I am looking for some code examples to learn from for authenticating users in an MVC architecture using DAOs, services, gateways and beans. I currently have the following code in my DAO, but I am wondering if I should really be adding to the CRUD methods: <cffunction name="authenticate" access="public" output="false" hint="accepts user object, email and password and checks performs authentication. Populates user object if authenticated and returns true or false"> <cfargument name="user" required="yes" hint="required. accepts user object"> <cfset var qCheckUser = ""> <cfquery name="qCheckUser" datasource="#variables.dsn#"> SELECT userid, email, password FROM user WHERE email = <cfqueryparam cfsqltype="cf_sql_varchar" value="#user.getEmail()#"> AND password = <cfqueryparam cfsqltype="cf_sql_varchar" value="#user.getPassword()#"> </cfquery> <cfscript> if(IsQuery(qCheckUser) AND qCheckUser.RecordCountEQ 1){ read(arguments.user,qCheckUser.userid); return true; }else{ return false; } </cfscript> </cffunction> Thanks for the help! -Aaron You are subscribed to cfcdev. To unsubscribe, please follow the instructions at http://www.cfczone.org/listserv.cfm CFCDev is supported by: Katapult Media, Inc. We are cool code geeks looking for fun projects to rock! www.katapultmedia.com An archive of the CFCDev list is available at www.mail-archive.com/[email protected] You are subscribed to cfcdev. To unsubscribe, please follow the instructions at http://www.cfczone.org/listserv.cfm CFCDev is supported by: Katapult Media, Inc. We are cool code geeks looking for fun projects to rock! www.katapultmedia.com An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
-- Thank You Dan Vega [EMAIL PROTECTED] http://www.danvega.org You are subscribed to cfcdev. To unsubscribe, please follow the instructions at http://www.cfczone.org/listserv.cfm CFCDev is supported by: Katapult Media, Inc. We are cool code geeks looking for fun projects to rock! www.katapultmedia.com An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
