I've been digging through an older app of mine. All of my security checks use the IsUserInRole() function. I just added the ckFinder "plugin" which required creating/setting session.Authenticated (or another session variable) to allow access.
This got me thinking, is managing your own session variables superior or inferior to using the integrated IsUserInRole() check? I'm interested in seeing how the community weighs in on this. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:328782 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
