I have an application that has to grant or deny access based on whether the user has paid membership fees. They can't get to the application unless the page that sends them there has also granted access through the online shop (.asp, written by someone else), so I figured if they have access to the article, then they have access to my app. If they don't have access to the article then I'll send them back to the article. Then all considerations of access and payment etc are handled by the article and the shop. And also the article is free to the public or restricted access to members only based on the content management system's settings rather than my coldfusion programming. If a content writer changes the status of the article, it also changes the status of the CF application without needing to have any work from me.
So the test I've got on my page is if cgi.http_referer is the article, or elsewhere in my app, then they're granted access, other wise they get sent back to the article using <cflocation . However lately, I have had some users who can't get access. No matter what they do, they're kicked back to the article. This doesn't happen to everyone, only a few people, and we're having trouble finding the common factor with these people. We're assuming at present that the cause is we're not picking up the http_referer parameter. Does cgi.http_referer always work with all browsers? Do some firewalls prevent browsers passing on this variable? Because if it's not provided my app will assume they have no right to be here and kick them out. How else can I check that the user has come from a particular place, without using cgi.http_referer? Cheers, Mike Kear Windsor, NSW, Australia AFP WebWorks FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
