Alan's right. Coldfusion sits on top of the directories, so you can head the user off at the pass before showing off anything that may be within that folder. In your case you may want to consider trapping whether or not the user has access by pushing in some security logic into the onRequestStart method that should be available through application.cfc (assuming you are using application.cfc and your version of CF can handle it). There you can do something like this (not tested):
Reference to application.cfc example: http://www.bennadel.com/blog/726-ColdFusion-Application-cfc-Tutorial-And-Application-cfc-Reference.htm <!--- if you do not have the variable set or you are not logged in and you are attempting to access the secured directory then abort ---> <cfif NOT isDefined( "session.loggedIn" ) OR NOT session.loggedIn AND findNoCase( arguments.targetPath, "{directory}" )> <cfabort /> </cfif> I'm sure there are other ways, but something like this should work fine and you would only need one application scope. -Pat On Mon, Oct 19, 2009 at 3:01 PM, Alan Rother <[email protected]> wrote: > > Why are you using so many application.cfm files? You really only need one, > from what you've described. > > On Mon, Oct 19, 2009 at 2:34 PM, Brian Bradley <[email protected]> wrote: > > > > > In the one off of the root - I name it login_app and it has a session > > variable named loggedIn. In the contact folder (for example) the name of > > that application is contact_app and it is looking for the loggedIn > variable. > > If loggedIn exists, it lets the user access the pages in that directory, > if > > it does not, it will redirect them to the logon page. I am getting that > > loggedIn cannot be defined since it isn't technically part of the > > contact_app application. I can still pull the value up in the contact > > folder from a file just not from the application file. I thought that > the > > directory structure plays a role and I can use variables as long as it > goes > > from the root through the subdirectories, but I guess I am wrong. I just > am > > hoping to avoid cookies if possible. Thanks. > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:327342 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
