I have a question that its answer may be interesting and usefull for many CF developers. Here it is.
I have a site, and I have a folder where access is restricted and I have a login page asking for user name and password. As usually I chech these access data in my database and I give or give not access to the content of this folder. Nothing special until now. Let's suppose The root folder of my site is C:\MySite The restricted access folder is C:\MySite\MembersFolder In the root folder I have the login page C:\MySite\login.cfm In the restricted access folder and its subfolders I have various CF pages e.g. -- C:\MySite\MembersFolder\page1.cfm , -- C:\MySite\MembersFolder\folder2\page2.cfm etc Whenever someone logs in successfully I keep a session variable with his name, userid etc blah blah. So whenever someone tries to access a restricted access page e.g C:\MySite\MembersFolder\page1.cfm I check if there is or there is not the session variable of his access. If the session variable exists I give access, otherwise I send him to the login page. Again nothing special. Just typical proccess. My question is. All the above can restrict access to any CF page in the folder C:\MySite\MembersFolder BUT what about any other content in this folder e.g PDF, jpg, doc files etc ? Because someone not logged in can just write in his browser: http://www.MySite.com/MembersFolder/MyBook.pdf and can get the PDF file without loggin!!! Any idea how can I restrict access to any kind of content (htm, cfm, pdf, jpg, doc xls etc) using coldfusion ? (Well I know I can store these kind of files in binary fields of the database.... instead of storing them as files, but I don't think it's realistic. These files pdf, doc, tiff, xls can be many Mb and it's not realistic to read these huge files from the database in middle or high traffic site.) So any other idea? Thanks in advance for your response. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324237 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4