Jason T. Slack wrote:
>
> <CFAPPLICATION NAME="mysession" SESSIONMANAGEMENT="Yes"
> SESSIONTIMEOUT="#CreateTimeSpan(0, 0, 20, 0)#">
PRoblem #1: <cfapplication> ONLY goes in a file called Application.cfm
The application.cfm is processed on EVERY coldfusion request.
Problem #2: <!--- successful login -->
You've combined a CFML open comment ("<!---") with a standard HTML
comment end "-->")
Problem #3 - ALWAYS USE CFQUERYPARAM in your queries.
so replace your variable parameters in the query with cfqueryparam tags,
like this:
<cfquery name="ckCreds" datasource="#MyDSN#">
SELECT LocationName FROM
WHERE LocationID = <Cfqueryparam cfsqltype="cf_sql_varchar"
value="#form.user#">
AND LocationPassword = <cfqueryparam cfsqltype="cf_sql_varchar"
value="#form.password#">
</cfquery>
Just get used to using cfqueryparam now and it will save you a LOT of
grief later. It improves performance and enhances security - eliminates
the possibility of SQL injection.
Rick
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting,
up-to-date ColdFusion information by your peers, delivered to your door four
times a year.
http://www.fusionauthority.com/quarterly
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259983
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
