> <cfif not IsDefined("LoggedIn")> <!--- this logic added to --->
This line is getting triggered on every page load, so when it
redirects and reloads the page it's getting triggered again in an
endless cycle. You'll need to add logic to tell it not to redirect
when you're actually loading the login page:
<cfif not IsDefined("LoggedIn") and cgi.script_name is not
"/login.cfm"> <!--- this logic added to --->
Adjust that as needed and it should stop redirecting when you're
viewing the login page.
Having said that, there are a number of other issues with this code
(login protection is only running in the onApplicationStart method so
would only be run on the very first request to the app, for one).
There's a SQL injection vulnerability in there, variable scoping
issues (e.g. as written someone could pass ?loggedin=1 on the url and
it would bypass this.
I understand you're learning but would recommend finding a different
login example to work with as this one is going to lead you places you
really don't want to go.
-Justin
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353861
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
