I use an include - On pages that require "being logged in" - I load a file
that checks for the "Session Username" - - If it is defined, I let the user
go about their business. If Not - I record what page they are on and send
them to a login...
The login form has a hidden field for the value of the "Failure URL" so we
can return to it after a successful login.
The Page Check (page_reqs.cfm) is as follows - - based on code from a
WSDK... (I think)
<!--- Require user login --->
<cflock scope="Session" type="ReadOnly" timeout="30" throwontimeout="no">
<cfset
BFDC_Username=Iif(IsDefined("Session.BFDC_Username"),"Session.BFDC_Username"
,DE(""))>
<cfset
BFDC_UserAuthorization=Iif(IsDefined("Session.BFDC_UserAuthorization"),"Sess
ion.BFDC_UserAuthorization",DE(""))>
</cflock>
<cfif BFDC_Username EQ "">
<cfset BFDC_referer=CGI.SCRIPT_NAME>
<cfif CGI.QUERY_STRING NEQ "">
<cfset BFDC_referer=BFDC_referer & "?" & CGI.QUERY_STRING>
</cfif>
<cfset BFDC_failureURL="#APPLICATION.WebRoot#cust_login.cfm?accessdenied="
& URLEncodedFormat(BFDC_referer)>
<cflocation url="#BFDC_failureURL#" addtoken="no">
</cfif>
<cfset CurrentPage=GetFileFromPath(GetTemplatePath())>
<cfif SESSION.logged NEQ "true">
<cfset BFDC_referer=CGI.SCRIPT_NAME>
<cfif CGI.QUERY_STRING NEQ "">
<cfset BFDC_referer=BFDC_referer & "?" & CGI.QUERY_STRING>
</cfif>
<cfset
BFDC_failureURL="#APPLICATION.WebRoot#cust_login.cfm?accessdenied=" &
URLEncodedFormat(BFDC_referer)>
<cflocation url="#BFDC_failureURL#" addtoken="no">
<cfelse>
</cfif>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-newbie/message.cfm/messageid:5371
Subscription: http://www.houseoffusion.com/groups/cf-newbie/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-newbie/unsubscribe.cfm
