What you could do is: In every form have a hidden field holding a hash of the SESSION.username and form template URL for security purposes and another holding either a WDDX serialzed version of your SESSION structure (possible security hasard) or a DB ID referring to record holding the serialized SESSION structure in the database (involves that you must re-serialize and save to the DB the SESSION structure on every request, or at least everytime it changes).
You should either by using CGI.HTTP_REFERER or using another hidden form field holding the form template URL be able to reconstruct the SESSION.username and URL string on the login form's submission and compare it's HASHING value with the one in the form field to ensure someone is not trying to submit data without being a valid user. Then using the serialized SESSION structure, you could reload that users SESSION, take care of not overidding it's new CFID and CFTOKEN, and resend the form data either to initialize the FORM field values so that he resubmits or directly to the validation template for insertion. Hope it helps, best of luck Marc > > I'm on the verge of pulling out what little hair I have left. I have an > > application which requires login. Once the user has logged in > successfully, > > they stay logged in as long as there is activity. I have my session > timeout > > set to 45 minutes which should be more than enough for the average user. > The > > problem is, some users will start filling out a form, leave > their computer > > for an hour, and then return to finish filling out the form and > submit it. > > At that point the session has timed-out so the user gets kicked back to > the > > login screen, the info from the form is lost and they have to > fill it out > > again. I've tried using javascript's history but that has worked - it > > returns to the form ok, but the values are not there. > > > > What I would like is for the user, on successful re-login, be > returned to > > the form they were on and have it re-populated with the data they had > > already provided. Or, after successful re-login, have the form > data passed > > to the cf page that processes the form. > > > > I have multiple forms on the site, with differing fields and > options, and > > rather than hardcode something to handle the problem for each form, I'd > like > > to have a single bit of code that will handle the problem regardless of > > which form was submitted. Is this an impossible dream? Or am I simply > > missing something? > > > > Pointers in some direction (except for up with the index finger), are > > appreciated. > > > > Thanks, > > Karl > > > > - > > You are subscribed to the CFUGToronto CFTALK ListSRV. > > This message has been posted by: Karl Zarudny > <[EMAIL PROTECTED]> > > To Unsubscribe, Please Visit and Login to http://www.CFUGToronto.org/ > > Manager: Kevin Towes ([EMAIL PROTECTED]) > http://www.CFUGToronto.org/ > > This System has been donated by Infopreneur, Inc. > > (http://www.infopreneur.net) > > > > - > You are subscribed to the CFUGToronto CFTALK ListSRV. > This message has been posted by: "Gustavo Jabbaz" <[EMAIL PROTECTED]> > To Unsubscribe, Please Visit and Login to http://www.CFUGToronto.org/ > Manager: Kevin Towes ([EMAIL PROTECTED]) http://www.CFUGToronto.org/ This System has been donated by Infopreneur, Inc. (http://www.infopreneur.net) - You are subscribed to the CFUGToronto CFTALK ListSRV. This message has been posted by: "Marc Campeau" <[EMAIL PROTECTED]> To Unsubscribe, Please Visit and Login to http://www.CFUGToronto.org/ Manager: Kevin Towes ([EMAIL PROTECTED]) http://www.CFUGToronto.org/ This System has been donated by Infopreneur, Inc. (http://www.infopreneur.net)
