> Darn, that did more to confuse me than anything else...
>
> So lemme get this straight, I'm not going to be able to start
> my logic with "does a session exist?" because the cflogin tag
> isn't going to do anything with sessions? Like create one?
The cflogin tag has nothing to do with sessions. Period. As it stands,
you 'create' a session when you put the cfapplication tag in your
browser. I believe it exists even before you do your first <cfset
session.foo = 1>. (Actually, I'm sure of this since you can cfdump
session immediately.) You _can_ however set a session var on login. You
will see in my code that after the users logs in correctly, I set
various session values (I do it all at once by getting a struct of user
data then appending it on the session scope.)
> What I'm looking for is basically the following:
> 1. Is the user logged in with a current session? (I would
> place this in the application.cfm of the directory I want to
> protect, so It's executed on every page in the directory, so
> people can't bookmark a page and come back to it without
To determine if someone is logged on, you can do multiple things.
1) getAuthUser() will return "" if not logged in. See special note.
2) If anything inside the cflogin block is run, you are not logged in.
So you could do:
<cflogin>
<cfset request.ImAGuest = true>
</cflogin>
and request.ImAGuest will exist if the user isn't logged in.
> having to log back in) 2. If so, then display the page. If
> not, redirect them up one level to the home page, which has a
> link to the login popup. (should the login page itself, the
> one taking usernames and passwords reside in the lower,
> protected directory? Or should it sit up, outside of the
> directory with the application.cfm page and just pass
> successful logins to that directory?)
It doesn't matter where it exists. If you want a popup, then it has to
be in the web directory somewhere. If you cfinclude the code, you don't
have to worry about Application.cfm blocking access to it (something I
see cfnewbies do - protect all files using application.cfm and forget to
make it possible to view the login page.)
> My login is basically just a popup window that will refresh
> the parent and close itself upon successful login. In other
> words, you'd go to index.cfm, and click a link to popup
> login.cfm, and when you successfully logged in, the window
> would close and you'd be on the index page of the lower directory.
>
That can work. :)
Special Note:
If inside a <cflogin> block you log the user in, getAuthUser
will STILL report "". It will report "" until you exit the cflogin
block. This is a known bug.
http://www.camdenfamily.com/morpheus/blog/index.cfm?mode=entry&entry=32
=======================================================================
Raymond Camden, ColdFusion Jedi Master for Mindseye, Inc
Member of Team Macromedia
Email : [EMAIL PROTECTED]
Blog : www.camdenfamily.com/morpheus/blog
Yahoo IM : morpheus
"My ally is the Force, and a powerful ally it is." - Yoda
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription:
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Signup for the Fusion Authority news alert and keep up with the latest news in
ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
