Doesn't ANYBODY know anything about cflogin???

[nckgb]

:Q Do the people on this forum not know anything about cflogin OR is it they do
not wish to share??? I posted a ? a week ago and I am still waiting to here a
reply. Here is the problem. Hi I need some help. Ifind lots of tutorials for
simple login and for using cflogin in the Application...BUT nothing about using
cf_login for single pages. Here are the codes I am using and ALL that is
happening is I am returned to the login page everytime, if I enter correct or
false data and NO error message...PLUS there is no login happening. !. I put
this code in the BODY ON THE PAGE I want to secure: (The login form does show
up on the page just does nothing) <body> <cfif not len(getAuthUser())> <cfset
request.loginmessage = 'You need to Log In.'> <cfinclude
template='../LogIn/ForceUserLogIn.cfm'> </cfif> <!-- Get authorized user
suppled in Name of login tag --> <cfset ContactName = ListFirst(GetAuthUser())>
<cfoutput> <h2>Add or Edit a Event</h2> WELCOME BACK, #ContactName#
</cfoutput> </body> I then have a login form; <!--- If the user is now
submitting the 'login' form, include 'Login Check' code ---> <!--- to validate
user ---> <cfif IsDefined('Form.UserLogin')> <cfinclude
template='LoginCheck.cfm'> </cfif> <html> <head> <title>Log In</title> <meta
http-equiv='Content-Type' content='text/html; charset=iso-8859-1'> </head>
<body> <!--- Start our Log in Form ---> <cfform action='#CGI.SCRIPT_NAME#'
name='LoginForm' method='post'> <!--- Make the UserLogIn and UserPass fields
required ---> <input type='hidden' name='UserLogIn_required'> <input
type='hidden' name='UserPass_required'> <table border='0' bgcolor='#FFFF00'
align='right'> <tr><Th colspan='2'>Please Log in</Th></tr> <tr></tr> <tr></tr>
<tr> <th>User Name (Alias): </th> <td> <!--- text field for user name 'Alias'
---> <cfinput type='text' name='UserLogIn' size='20' value='' maxlength='100'
required='yes' message='Please type your user name AKA Your User Alias'> </td>
</tr> <tr></tr> <tr></tr> <tr></tr> <tr> <th>Password: </th> <td> <!--- text
field for Password ---> <cfinput type='password' name='UserPass' size='20'
value='' maxlength='100' required='yes' message='Please insert your user
password.'> <!--- Submit button that reads submit ---> <input type='submit'
value='Log In'> </td> <td> </td> </tr> </table> <table> <tr> <td> </td>
<td><font size='+1' face='Comic Sans MS, MS Serif, Arial'> Forgot your
password? </font> <font face='Comic Sans MS, MS Serif, Arial'> Send it to your
registered Email address </font> </td> <td> </td> <td> <a name=''
onClick='window.open('./to email.cfm')'> <img src='../Images/fastemail.gif'>
</td> </tr> </table> </cfform> <cfinclude template='../head and
foot/footer.cfm'> </table> <cfinclude template='LogInFocus.cfm'> </body>
</html> I then have a check if they are logged in form; <!--- validates a user
login name and password ---> <!--- first make sure we have a login name and
password ---> <cfparam name='Form.UserLogIn' type='string'> <cfparam
name='Form.UserPass' type='string'> <!--- find record with this user name and
password ---> <!--- if no rows returned one or both are not valid ---> <cfquery
name='GetUser' datasource='#REQUEST.DataSource#'> SELECT UserID, UserLogIn,
UserCity, UserState, UserCounty, UserCountry FROM Users WHERE UserLogIn
='#Form.UserLogIn#' AND UserPass ='#Form.UserPass#' </cfquery> <!--- If the
username and password are correct ---> <cfif GetUser.RecordCount EQ 1> <!---
remember user's logged in status, plus ---> <!--- UserID and UserLogin name in
structure ---> <cfset SESSION.Auth = StructNew()> <cfset
SESSION.Auth.IsLoggedIn = 'yes'> <cfset SESSION.Auth.UserID = GetUser.UserID>
<cfset SESSION.Auth.UserLogIn = GetUser.UserLogIn> <!--- Now that user is
logged in, send them to whatever page they were trying to access --->
<cflocation url='#CGI.SCRIPT_NAME#'> </cfif> the code I am using for
ForceUserLog.cfm in my ? It is here <body> <cfif not len(getAuthUser())> <cfset
request.loginmessage = 'You need to Log In.'> <cfinclude
template='../LogIn/ForceUserLogIn.cfm'> <<<<<<!--- HERE --->>>>>> </cfif>
<!--- This is my forceUserlogin.cfm ---> <!--- Force the user to log in --->
<!--- This code executes only if the user has not logged in ---> <!--- Once the
user is logged in via <cfloginuser>, this code will be skipped ---> <cflogin>
<!--- If the user hasn't gotten the login form yet, display it ---> <cfif NOT
(IsDefined('FORM.UserLogin') AND IsDefined('FORM.UserPassword'))> <cfinclude
template='LoginForm.cfm'> <cfabort> <!--- Otherwise, the user is submitting
the login form ---> <!--- This code decides wheather the username and password
are valid ---> <cfelse> <!--- Find record with this Username/Password --->
<!--- If no rows returned, password not valid ---> <cfquery name='Logged'
datasource='#REQUEST.DataSource#'> SELECT UserID, UserLogIn, UserPass,
UserRoleName FROM Users WHERE UserLogIn = '#FORM.UserLogIn#' AND UserPass =
'#Form.UserPass#' </cfquery> <!--- If the user name and password are correct
.... ---> <cfif Logged.RecordCount EQ 1> <!--- Tell CF to consider the user
logged in ---> <!--- For the name attribute, we will provide the user
alias(UserLogin), seperated by commas. Later we can access the NAME value via
GetAuthUser() ---> <cfloginuser NAME='#Logged.UserID#,#Logged.UserLogIn#'
PASSWORD='#FORM.UserPass#' roles='#Logged.UserRoleName#'> <!--- Otherwise,
re-prompt for a valid username and password ---> <cfelse> Sorry, we do not know
this User Name OR Password. Please try again. <cfinclude
template='LogInForm.cfm'> <<<<< <!--- HERE -->>>>>>< <cfabort> </cfif>
</cflogin> Thanks for any help anyone can give.

[mpwoodward *TMM*]

nckgb wrote:

> :Q Do the people on this forum not know anything about cflogin OR is it they do
> not wish to share??? I posted a ? a week ago and I am still waiting to here a
> reply.

I replied to another post of yours--did you not see it? Here it is
again. I will try to answer any additional questions you may have.

Unless I'm just missing it I don't see that you're using cflogin or
cfloginuser anywhere on this page, so getAuthUser() is never going to
return anything. Think of cflogin this way. Anything you put between
your cflogin tags is only going to get executed if someone is not logged
in, so for example you could put your login form in your cflogin tags.
Also in my experience you have to have your cfloginuser tag inside a
cflogin tag for it to work properly, so you'd have to do a check for the
form submission, validate the user, and if that's successful then log
the user in. There is a very basic example here that illustrates this:
[url]http://tinyurl.com/5lqy6[/url]

Whether you want to apply this to your entire site or one page, the
principle would be the same.

Hope that helps!
Matt


--
Matt Woodward
Team Macromedia - ColdFusion

[nckgb]

You did not read my reply on the first post NOR did you read this post. I
forgot in the first post to put in the forceuserlogin.cfm Which I did repost in
the first post and is on this post! I also have a application.cfm with the
session enabled. PLEASE HELP. READ what I am trying to do and please tell me
what I am doing wrong. Thanks

[mpwoodward *TMM*]

nckgb wrote:

> You did not read my reply on the first post NOR did you read this post. I
> forgot in the first post to put in the forceuserlogin.cfm Which I did repost in
> the first post and is on this post! I also have a application.cfm with the
> session enabled. PLEASE HELP. READ what I am trying to do and please tell me
> what I am doing wrong. Thanks
>

I think your problem is that you're using cflocation to route people
back to the same page, which affects the setting of the cflogin cookie.
I created a simplified version of what you're trying to do and used a
javascript redirect instead of cflocation and it worked fine, so try
that and see if it solves the problem.

Matt

--
Matt Woodward
Team Macromedia - ColdFusion

[slackula]

now do i feel your pain. i've once had with the same problem you're having,
but i have found better solution. there's a framework out there called ONTAP
that does everything you're asking (there have been articles and macrumedia
presentations about it and it look very good) try it out and you will be
happy. use ONTAP.

greetings from italy!

[slackula]

now do i feel your pain. i've once had with the same problem you're having,
but i have found better solution. there's a framework out there called ONTAP
that does everything you're asking (there have been articles and macrumedia
presentations about it and it look very good) try it out and you will be
happy. use ONTAP.

greetings from italy!

[Paul Whitham TMM]

The CFlocation used to cause problems with Cookies in early versions of CF
but that was fixed in MX6.1

--
Regards

Paul Whitham
Macromedia Certified Professional for Dreamweaver MX2004
Valleybiz Internet Design
[url]www.valleybiz.net[/url]

Team Macromedia Volunteer for Ultradev/Dreamweaver MX
[url]www.macromedia.com/support/forums/team_macromedia[/url]

"mpwoodward *TMM*" <mpwoodward@gmail.com> wrote in message
news:d1slob$ltn$1@forums.macromedia.com...

> nckgb wrote:

> > You did not read my reply on the first post NOR did you read this post.

I

> > forgot in the first post to put in the forceuserlogin.cfm Which I did

repost in

> > the first post and is on this post! I also have a application.cfm with

the

> > session enabled. PLEASE HELP. READ what I am trying to do and please

tell me

> > what I am doing wrong. Thanks
> >

>
> I think your problem is that you're using cflocation to route people
> back to the same page, which affects the setting of the cflogin cookie.
> I created a simplified version of what you're trying to do and used a
> javascript redirect instead of cflocation and it worked fine, so try
> that and see if it solves the problem.
>
> Matt
>
> --
> Matt Woodward
> Team Macromedia - ColdFusion

[mpwoodward *TMM*]

Paul Whitham TMM wrote:

> The CFlocation used to cause problems with Cookies in early versions of CF
> but that was fixed in MX6.1
>

Well, there's still something going on here related to that apparently
because when I replace the cflocation with a javascript redirect, voila,
things work as they should. I'll have to dig into it more tomorrow.
Could it be because in this case the page is getting routed back to itself?

My modified version of the original poster's code is below, and this
works fine. If I replace the javascript bit with a cflocation (I'm on
CFMX 7), it doesn't work and I see the behavior this person is seeing,
namely that the login doesn't seem to stick and you just see the login
form over and over. I've personally never routed things back to the
same page like this before when I use cflogin, but that's the behavior
I'm seeing. (Note that this code is cfincluded on another page that's
supposed to be protected by cflogin.)

<cflogin>
<!--- if they're submitting the form, validate --->
<cfif StructKeyExists(form, "username")>
<cfif form.username EQ "admin" AND form.password EQ "admin">
<cfloginuser name="admin" password="admin" roles="admin" />
<cfelse>
You need to log in.
</cfif>
<script language="javascript">
<cfoutput>document.location.href =
"#CGI.SCRIPT_NAME#";</cfoutput>
</script>

<cfelse>
<cfform action="#CGI.SCRIPT_NAME#" method="post">
<table border="1">
<tr>
<td align="right">User Name:</td>
<td><cfinput type="text" name="username"
required="yes" /></td>
</tr>
<tr>
<td align="right">Password:</td>
<td><cfinput type="password" name="password"
required="yes" /></td>
</tr>
<tr>
<td colspan="2" align="center"><input
type="submit" value="Login" /></td>
</tr>
</table>
</cfform>
<cfabort />
</cfif>
</cflogin>


Matt
--
Matt Woodward
Team Macromedia - ColdFusion

[tjfrevert]

If you use cflocation CF doesn't set cookies , session variables or run queries
on that cfm page. If you move the login script into a cfc, pass it the login
info and then, do a redirect on the cfm page based on the returned data from
the cfc it will work much better.