Hi Karen,
You've gotten a couple of decent suggestions, although both of them require
lots of moving parts and are liable to break or cause problems re:
popup-killers, etc... They're not bad suggestions, they just require a lot
of attention to detail.
My suggestion for the simplest way to accomplish this is this:
At the top of any given page which requires a login, ( maybe even in the
application.cfm file -- it just depends how your app is structured ), where
you check for the existance of the login variables, if the user is not
logged in ( due to session expiration ), you can store any form variables in
the session scope ( it will have been reinitiated for the browser, so you're
good there ), include the login script along with any layout and formatting,
footers, etc. then abort the page, i.e. Use the variable #cgi.path_info# as
the action for the login form so that the form will post back to the same
page.
<cflock scope="session" type="readonly" timeout="10">
<cfset request.session = duplicate(session)></cflock>
<cfif not IsDefined("request.session.userid")>
<cfif isdefined("form.username")>
<!--- section 2 --->
<cfinclude template="login/action.cfm">
<cfif loginfailed>
<cfinclude template="login/form.cfm"><cfabort>
</cfif>
<cfelse>
<!--- section 1 --->
<cflock scope="session" type="exclusive" timeout="10">
<cfset session.formdump = duplicate(form)></cflock>
<cfinclude template="login/form.cfm"><cfabort>
</cfif>
</cfif>
<cfif IsDefined("request.session.formdump")>
<!--- section 3 --->
<cfset temp = StructAppend(form,request.session.formdump,true)>
<cflock scope="session" type="exclusive" timeout="10">
<cfset temp = StructDelete(session,"formdump")></cflock>
</cfif>
So what will happen with this in the application.cfm file is this:
After the session times out, the user submits the form.
section 1. A new session is created for the user, the form
data is coppied to the session scope and the user is
presented with the login form.
section 2. An attempt is made to log the user in -- if the login
fails, the user is presented with the login form again.
section 3. After a successful login the form data is retrieved
from the session scope and placed back into the form scope
where it can be used by the page as normal. Form data is
then purged from the session scope to prevent it interfering
with subsequent requests.
If properly implemented, this should be completely seamless
and requires no javascript (which may or may not be an issue :).
hth
Isaac
Certified Advanced ColdFusion 5 Developer
www.turnkey.to
954-776-0046
> I've implemented my first application using session
> variables. It is a
> data-entry type system that has an application timeout of
> 15 minutes. If
> users try to access a page w/in the system after 15 minute
> timeout
> period, it will take user to a login form. So far, so
> good.
> Here is the problem scenario:
> A user is in the middle of filling out a form w/in the
> system and gets
> called away for more than 15 minutes. Upon returning, the
> user
> completes the form and hits Submit. The user is required
> to login again.
> However, upon successfully logging in, the form fields
> are not passed
> through the login form to the processing template. So
> there is an error
> and the user must back up and re-enter the form.
> Is there an easy way to do this? I've already considered
> creating
> session variables for the form fields, but this would
> require much
> coding and some re-writing/re-arranging of code, primarily
> because there
> are several different forms to handle in the system. I
> just wanted to
> make sure I'm doing the "best practice".
> Thanks.
> Karen R. Harker, MLS
> UT Southwestern Medical Library
> 5323 Harry Hines Blvd.
> Dallas, TX 75390-9049
> 214-648-1698
> http://www.swmed.edu/library/
-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com
-----------------------------------------------
To post, send email to [EMAIL PROTECTED]
To subscribe / unsubscribe: http://www.dfwcfug.org
