select name from user where username = '#form.username#' and password = '#form.password#' Note that there are places for better error messages, etc, but I leave that exercise to you. Also, you'll need to change the query, and where the firstname and lastname are being pulled out of. Once they're logged in, you can have a link to a logout page (/protected/logout.cfm), with the content of logout.cfm as follows: To answer your question on CGI.SCRIPT_NAME and CGI.QUERY_STRING: CGI.SCRIPT_NAME is the part of the URL after the hostname, before the query string. For the URL [url]http://www.example.com/foo/bar/baz.html?test=1&example=Yes[/url] the SCRIPT_NAME is: /foo/bar/baz.html CGI.QUERY_STRING is everything in the URL after the ?. in the example URL above, it would be: test=1&example=Yes [allowsmilie] => 1 [showsignature] => 0 [ipaddress] => [iconid] => 0 [visible] => 1 [attach] => 0 [infraction] => 0 [reportthreadid] => 0 [isusenetpost] => 1 [msgid] => [ref] => [htmlstate] => on_nl2br [postusername] => Kronin555 [ip] => webforumsuser@m [isdeleted] => 0 [usergroupid] => [membergroupids] => [displaygroupid] => [password] => [passworddate] => [email] => [styleid] => [parentemail] => [homepage] => [icq] => [aim] => [yahoo] => [msn] => [skype] => [showvbcode] => [showbirthday] => [usertitle] => [customtitle] => [joindate] => [daysprune] => [lastvisit] => [lastactivity] => [lastpost] => [lastpostid] => [posts] => [reputation] => [reputationlevelid] => [timezoneoffset] => [pmpopup] => [avatarid] => [avatarrevision] => [profilepicrevision] => [sigpicrevision] => [options] => [akvbghsfs_optionsfield] => [birthday] => [birthday_search] => [maxposts] => [startofweek] => [referrerid] => [languageid] => [emailstamp] => [threadedmode] => [autosubscribe] => [pmtotal] => [pmunread] => [salt] => [ipoints] => [infractions] => [warnings] => [infractiongroupids] => [infractiongroupid] => [adminoptions] => [profilevisits] => [friendcount] => [friendreqcount] => [vmunreadcount] => [vmmoderatedcount] => [socgroupinvitecount] => [socgroupreqcount] => [pcunreadcount] => [pcmoderatedcount] => [gmmoderatedcount] => [assetposthash] => [fbuserid] => [fbjoindate] => [fbname] => [logintype] => [fbaccesstoken] => [newrepcount] => [vbseo_likes_in] => [vbseo_likes_out] => [vbseo_likes_unread] => [temp] => [field1] => [field2] => [field3] => [field4] => [field5] => [subfolders] => [pmfolders] => [buddylist] => [ignorelist] => [signature] => [searchprefs] => [rank] => [icontitle] => [iconpath] => [avatarpath] => [hascustomavatar] => 0 [avatardateline] => [avwidth] => [avheight] => [edit_userid] => [edit_username] => [edit_dateline] => [edit_reason] => [hashistory] => [pagetext_html] => [hasimages] => [signatureparsed] => [sighasimages] => [sigpic] => [sigpicdateline] => [sigpicwidth] => [sigpicheight] => [postcount] => 5 [islastshown] => 1 [isfirstshown] => [attachments] => [allattachments] => ) --> <cflogin> and <cfloginuser> problems - Coldfusion - Getting Started

<cflogin> and <cfloginuser> problems - Coldfusion - Getting Started

Hey guys, I was wondering if you could help me. I have been trying to use the <cflogin> and <cfloginuser> scripts in my Application.cfm but with no success. The first reason for the no success is that it will not redirect back to index.cfm if the user hasn't logged on. Second reason is that in the login form, the Reference Guide has #CGI.script_name#?#CGI.query_string# as the action. What the hell is this and how does it work. lol... What i would like is a script that allows my users to log on in the index.cfm (but be restricted from the other ...

  1. #1

    Default <cflogin> and <cfloginuser> problems

    Hey guys, I was wondering if you could help me. I have been trying to use the
    <cflogin> and <cfloginuser> scripts in my Application.cfm but with no success.
    The first reason for the no success is that it will not redirect back to
    index.cfm if the user hasn't logged on.
    Second reason is that in the login form, the Reference Guide has
    #CGI.script_name#?#CGI.query_string# as the action. What the hell is this and
    how does it work. lol...

    What i would like is a script that allows my users to log on in the index.cfm
    (but be restricted from the other pages until logged in) and have their session
    variables saved so that they can see their username from the dynamic text and
    be able to change their details. And then when thay have finished, be able to
    logout (and have their session killed so that they cannot press the back button
    to go back to the previous page).

    The thing that really gets me though is the CGI scripts and how they work.

    Here is a step by step in which i want the users to do:
    1.Log in from index.cfm
    2.Be directed to the index2.cfm page.
    3.See "hello (whatever their name is)" from the dynamic text.
    4.Press the logout button and be returned to the index.cfm page (the only
    non-registered user page apart from register.cfm) with their session killed

    I am running Coldfusion MX 7.

    Thanks in advance.

    mikkime23 Guest

  2. #2

    Default Re: <cflogin> and <cfloginuser> problems

    sorry for the bump but my business needs your help...
    mikkime23 Guest

  3. #3

    Default Re: <cflogin> and <cfloginuser> problems

    Go read the CFML Reference doentation on <cflogin>, <cfloginuser>, etc.

    I'll give you a hint: your index.cfm page (since you want non-authenticated
    users to see it, and you want your login form on it), is the loginform.cfm
    page. Once they successfully log in (which _you_ check for in your code), then
    you can forward them to index2.cfm. In order to place their name on the page,
    you want to store some user information in their SESSION, which requires that
    you have SESSION variables setup in your <cfapplication> tag.

    _Your_ business needs _your_ help. Do some homework, then if you still have
    questions you can ask again.

    Kronin555 Guest

  4. #4

    Default Re: <cflogin> and <cfloginuser> problems

    I have done my homework, and i have done all of thoses practice things but I
    don't understand them. That was my whole point in posting his thread.

    Hey guys, I was wondering if you could help me. I have been trying to use the
    <cflogin> and <cfloginuser> scripts in my Application.cfm but with no success.
    The first reason for the no success is that it will not redirect back to
    index.cfm if the user hasn't logged on.
    Second reason is that in the login form, the Reference Guide has
    #CGI.script_name#?#CGI.query_string# as the action. What the hell is this and
    how does it work. lol...

    Sorry for being a pain in the , but i really need this...

    mikkime23 Guest

  5. #5

    Default Re: <cflogin> and <cfloginuser> problems

    So you have 2 pages that anyone can see:
    index.cfm - this page has the login form on it
    register.cfm

    And everything else (I'm assuming there's more than just index2.cfm?) needs to
    be accessed only after login?

    The best thing to do:
    move protected pages under a subfolder. For explanation sake, let's move them
    under a folder called "protected"

    So you have in your web root:
    /index.cfm
    /register.cfm
    /Application.cfm -- no <cflogin...> tag at all, but a <cfapplication...> tag,
    etc.
    /protected/index.cfm
    /protected/Application.cfm
    /protected/logout.cfm

    the login form at /index.cfm has as its action /protected/index.cfm
    Here's an example snippet of the login form that's in the /index.cfm:
    <form name="LoginForm" action="/protected/index.cfm" method="post">
    Name: <input type="text" name="username"><br>
    Password: <input type="password" name="password"><br>
    <input type="submit" name="Login" value="Login">
    </form>

    Now in the /protected/Application.cfm, you want to have something similar to:
    <cinclude template="../Application.cfm">
    <cflogin>
    <cfif not isDefined("form.username") and not isDefined("form.password")>
    <cflocation url="/">
    <cfelseif form.username eq "" or form.password eq "">
    <!--- both username and password are required... --->
    </cfif>
    <cfquery name="AuthUser" datasource="#DSN#">
    select name from user where username = '#form.username#' and password =
    '#form.password#'
    </cfquery>
    <cfif AuthUser.recordcount eq 1>
    <cfloginuser name="#AuthUser.userid#" password="#form.password#" roles="User">
    <cfset SESSION.User = StructNew()>
    <cfset SESSION.User.FirstName = AuthUser.firstname>
    <cfset SESSION.User.LastName = AuthUser.lastname>
    <cfelse>
    <!--- login is invalid --->
    </cfif>
    </cflogin>

    Note that there are places for better error messages, etc, but I leave that
    exercise to you. Also, you'll need to change the query, and where the firstname
    and lastname are being pulled out of.

    Once they're logged in, you can have a link to a logout page
    (/protected/logout.cfm), with the content of logout.cfm as follows:
    <cflogout>
    <cfset StructDelete("SESSION","User")>
    <cflocation url="/">
    <!--- it might be nice to put a message about "You are logged out" here --->

    To answer your question on CGI.SCRIPT_NAME and CGI.QUERY_STRING:
    CGI.SCRIPT_NAME is the part of the URL after the hostname, before the query
    string. For the URL [url]http://www.example.com/foo/bar/baz.html?test=1&example=Yes[/url]
    the SCRIPT_NAME is: /foo/bar/baz.html
    CGI.QUERY_STRING is everything in the URL after the ?. in the example URL
    above, it would be:
    test=1&example=Yes

    Kronin555 Guest

Similar Threads

  1. cflogin
    By Mattastic in forum Macromedia ColdFusion
    Replies: 5
    Last Post: August 11th, 10:09 AM
  2. Using <cflogin>
    By ckainc in forum Coldfusion - Getting Started
    Replies: 1
    Last Post: June 22nd, 01:35 PM
  3. cflogin problem
    By prabin_sh in forum Coldfusion - Advanced Techniques
    Replies: 4
    Last Post: May 11th, 04:36 PM
  4. cflogin confusion
    By nckgb in forum Macromedia ColdFusion
    Replies: 2
    Last Post: March 18th, 07:08 PM
  5. cflogin HELP
    By nckgb in forum Coldfusion - Getting Started
    Replies: 0
    Last Post: March 15th, 03:00 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •