Could you elaborate on Role Management? Would that be a value (SuperUser
|Admin | Dork) assigned to the variable "Role"?
Is including a template the same as redirecting the user? I'd like the
session to expire after 15 minutes of inactivity, too ... how best to do
that?
Thanks,
* JB *
Knut Bewersdorff wrote:
> Hi,
>
> if you use login with a "role" management, you can place something lieke this
> AT THE TOP OF EACH PAGE, which should be protected:
>
> <cfif NOT IsUserInRole("Admin")>
> <cfinclude template="NoRightsForThis.cfm">
> <cfabort>
> </cfif>
>
> Best regards
> Knut Bewersdorff
>
> ----- Original Message -----
> From: J.B. Mentzer
> To: cf-newbie
> Sent: Friday, March 13, 2009 4:53 AM
> Subject: Securing an Admin area?
>
>
>
> Hi all,
>
> One of my client sites carries repair parts. I've created an Admin
> section, so he can make his own adds, edits and deletions from the catalog.
>
> The database is MySQL, and the the actual queries are in Custom Tags. I
> have a login page, but need help with controlling session variables to
> enforce use of the login page to access the Admin area.
>
> The login page requires a UserID & PW, which are matched against columns
> in a Users table. What type of variable should I set for users with good
> credentials? Should I put a test for this variable in the Admin's
> Application.cfm?
>
> Thank you!
>
> * JB *
>
> JB Mentzer
>
>
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;207172674;29440083;f
Archive:
http://www.houseoffusion.com/groups/cf-newbie/message.cfm/messageid:4445
Subscription: http://www.houseoffusion.com/groups/cf-newbie/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.15
