Just to throw in my penny's worth, and maybe learn something new at the same time. I just wrote my first application using the new security. Here's what I did, and I must admit some of it I pulled together from Ray Camden's presentations and the documentation. Hopefully I don't have to many bad practices in it! ______________________________________________________
Bill Grover Supervisor MIS Phone: 301.424.3300 x3324 EU Services, Inc. FAX: 301.424.3696 649 North Horners Lane E-Mail: [EMAIL PROTECTED] Rockville, MD 20850-1299 WWW: http://www.euservices.com ______________________________________________________ The last lines of my application.cfm file are: <CFIF GetFileFromPath(GetBaseTemplatePath()) NEQ "Login.cfm"> <CFINCLUDE TEMPLATE="/MyEU/Login.cfm"> </CFIF> My Login.cfm file is: <!--- Page: Login.cfm Function: Processes a users login to the MyEU site. Created by: Bill Grover ---> <!--- Needed for when the session times out but CFMX thinks the login still active ---> <cfif NOT IsDefined("SESSION.nUserID")> <cflogout> </cfif> <cflogin> <cfif IsDefined("FORM.UserName") AND IsDefined("FORM.UserPass")> <cfstoredproc procedure="rGetUserInfo" datasource="#APPLICATION.cWebClientDSN#" username="#APPLICATION.cWebClientUser#" password="#APPLICATION.cWebClientPass#"> <cfprocparam type="In" cfsqltype="CF_SQL_VARCHAR" value="#FORM.UserName#" null="No"> <cfprocparam type="In" cfsqltype="CF_SQL_VARCHAR" value="#FORM.UserPass#" null="No"> <cfprocresult name="WebClientInfo"> </cfstoredproc> <cfif WebClientInfo.RecordCount EQ 1> <cfloginuser name="#WebClientInfo.wcu_userid#" password="#FORM.UserPass#" roles=""> <cfset SESSION.nUserID = WebClientInfo.wcu_id> <cfset SESSION.cUserName = WebClientInfo.wcu_userid> <cfset SESSION.cUserPass = FORM.UserPass> <cfset SESSION.cUserFullName= WebClientInfo.wcu_name> <cfset SESSION.cEMail = WebClientInfo.wcu_email> <cfset SESSION.cCompanyName = WebClientInfo.wcu_company> </cfif> </cfif> </cflogin> <cfif GetAuthUser() EQ ""> <cfif GetFileFromPath(GetBaseTemplatePath()) NEQ "GetLogin.cfm"> <cfinclude template="GetLogin.cfm"> </cfif> <cfabort> </cfif> My GetLogin.cfm file is: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <!--- Page: GetLogin.cfm Function: Prompts for a user's login to the MyEU site. Created by: Bill Grover ---> <cfoutput> <html> <head> <title> #APPLICATION.cTitle# </title> </head> <body> <P> Please enter your login information. </P> <!--- The following insures that if you have not logged in and hit a page (other than the login page) once you have logged in you return to the page you wanted to. ---> <cfif ListFindNoCase(APPLICATION.cLoginPageList, GetFileFromPath(GetBaseTemplatePath()))> <form action="ClientMain.cfm" method="post"> <cfelse> <cfset lcDestination = Trim(CGI.path_info)> <cfif CGI.query_string NEQ ""> <cfset lcDestination = lcDestination & "?" & CGI.query_string> </cfif> <form action="#lcDestination#" method="post"> </cfif> <table> <tr> <td>User:</td> <td> <input type="text" name="UserName" size="15" maxlength="15"> </td> </tr> <tr> <td>Password:</td> <td> <input type="password" name="UserPass" size="15" maxlength="15"> </td> </tr> <tr> <td align="center" colspan="2"> <input type="submit" value="Login"> <input type="reset" value="Reset"> </td> </tr> </table> </form> </body> </html> </cfoutput> > -----Original Message----- > From: Mike Miessen [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, January 07, 2003 7:28 PM > To: CF-Talk > Subject: RE: stupid newbie tricks > > > Thank you I will use the full path. > > -----Original Message----- > From: Jochem van Dieten [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, January 07, 2003 6:43 PM > To: CF-Talk > Subject: Re: stupid newbie tricks > > Dave Watts wrote: > > > > You can simplify this as shown here: > > > > <cfif Session.AllowIn neq "true"> > > <cfif CGI.SCRIPT_NAME does not contain "login"> > > I would caution using against using contain. If your > webserver adheres > strictly to the formal definition of a URL, the URL > "http://domain.com/index.cfm;login"; might return a script_name of > "index.cfm;login", which would be very undesirable. > > Jochem > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
