RE: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Raymond Camden
IL PROTECTED] > Sent: Thursday, July 10, 2003 9:03 AM > To: CF-Talk > Subject: Re: [cflogin] My Symptoms and my application.cfm code... > > > on 7/10/03 10:53 AM, Raymond Camden at [EMAIL PROTECTED] wrote: > > > Then that is the root of your problem. You aren't lo

Re: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Jeff
on 7/10/03 10:53 AM, Raymond Camden at [EMAIL PROTECTED] wrote: > Then that is the root of your problem. You aren't logged out. You need > to add some kind of logout function, something like > > > > > Aha...see, I even made a logout.cfm that had the following (I pasted this time): Now

Re: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Jeff
on 7/10/03 10:51 AM, Thomas Chiverton at [EMAIL PROTECTED] wrote: > On Thursday 10 Jul 2003 15:40 pm, Jeff wrote: >> I'm on win2k, running IIS, with devCFMX running. Whenever I try to test >> pages that have cflogin code, I never "completely" log out. In other words, >> whenever I output GetAuthUs

RE: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Raymond Camden
IL PROTECTED] > Sent: Thursday, July 10, 2003 8:41 AM > To: CF-Talk > Subject: Re: [cflogin] My Symptoms and my application.cfm code... > > > on 7/10/03 10:27 AM, Raymond Camden at [EMAIL PROTECTED] wrote: > > > Oh hey, I think I know what you may be seeing. Are you

Re: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Thomas Chiverton
On Thursday 10 Jul 2003 15:40 pm, Jeff wrote: > I'm on win2k, running IIS, with devCFMX running. Whenever I try to test > pages that have cflogin code, I never "completely" log out. In other words, > whenever I output GetAuthUser() I return "JEFF-PC/Jeff". That's IIS's integrated NT auth. then...

Re: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Jeff
on 7/10/03 10:27 AM, Raymond Camden at [EMAIL PROTECTED] wrote: > Oh hey, I think I know what you may be seeing. Are you already logged > on? What do you see if you output getAuthuser()? Remember that the code > INSIDE cflogin is only run if you are not logged in. > Okay, this brings me to somet

Re: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Jeff
on 7/10/03 10:25 AM, Raymond Camden at [EMAIL PROTECTED] wrote: >> >> >> >> > > I assume you just typo'd above, but it should be cflocation > url="login.cfm" - you were missing the first " Yeah, I wasn't pasting, I was just typing from memory...but you know...you made me go back and look

Re: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Thomas Chiverton
On Thursday 10 Jul 2003 15:21 pm, Jeff wrote: > > > Dump the value and see what it has, maybe it's being set to something funny ? I think you want a () in there too. -- Thomas C Advanced ColdFusion Programmer PLEASE NOTE: When the Recipient Is Not Directly Observing This E-mail, It May

RE: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Raymond Camden
-Original Message- > From: Jeff [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 10, 2003 8:22 AM > To: CF-Talk > Subject: Re: [cflogin] My Symptoms and my application.cfm code... > > > on 7/10/03 10:11 AM, Raymond Camden at [EMAIL PROTECTED] wrote: > > >

RE: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Raymond Camden
> > > > I assume you just typo'd above, but it should be cflocation url="login.cfm" - you were missing the first " -ray ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.hou

Re: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Jeff
on 7/10/03 10:11 AM, Raymond Camden at [EMAIL PROTECTED] wrote: > I'd see Thomas' reply on storing the hashed version of the password. > This is better than my method. As for the mechanics of the cookie, you > can either store one cookie, and then simply say the first 50 chars are > username, the

RE: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Raymond Camden
Yahoo IM : morpheus "My ally is the Force, and a powerful ally it is." - Yoda > -Original Message- > From: Jeff [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 10, 2003 8:01 AM > To: CF-Talk > Subject: Re: [cflogin] My Symptoms and my application.cfm code...

RE: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread webguy
Hi, Raymond said: >> >> > What is to stop me from editing my cookie and setting my ID to be > someone else? Actually on that subject, interesting articles on securityfocus.com about Penetration Testing for Web Applications (or hacking web apps depending on what color your hat is... ) http://

Re: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Thomas Chiverton
On Thursday 10 Jul 2003 14:57 pm, Raymond Camden wrote: > It does, unless someone decrypts your cookie. Why not simply store both > the username and password? Store a hash of the password on the client. Then if Evil Bob gets hold of the client machine, they can't retrieve the original password.

Re: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Jeff
on 7/10/03 9:57 AM, Raymond Camden at [EMAIL PROTECTED] wrote: > It does, unless someone decrypts your cookie. Why not simply store both > the username and password? Then the only risk is if someone hacks into > the user's computer, and THEN the only thing lost is ONE account. > Currently if I decr

RE: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Raymond Camden
: morpheus "My ally is the Force, and a powerful ally it is." - Yoda > -Original Message- > From: Jeff [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 10, 2003 7:54 AM > To: CF-Talk > Subject: Re: [cflogin] My Symptoms and my application.cfm code... > >

RE: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread webguy
Haven't read your code, but if you use HTTP Analyzer http://www.coolfusion.com/downloads/ or wget or telnet to see what is actually happening. Teach a man to fish ... ~ and you can sell him fishing equipment. WG -Original Message- From: Jeff [mailto:[EMAIL PROTECTED] However, whenever

Re: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Jeff
on 7/10/03 9:51 AM, Raymond Camden at [EMAIL PROTECTED] wrote: > Not related to your issue, but this: > > > > > What is to stop me from editing my cookie and setting my ID to be > someone else? Yeah, I see that too. Before the end of the day I was gonna add a cfencrypt to it. Wouldn't that

RE: [cflogin] My Symptoms and my application.cfm code...

2003-07-10 Thread Raymond Camden
Not related to your issue, but this: What is to stop me from editing my cookie and setting my ID to be someone else? === Raymond Camden, ColdFusion Jedi Master for Mindseye, Inc (www.mindseye.com) Member of Team Mac