EasyCFM.COM ColdFusion Forums / Bug Reports! / Authentication Tutorial Notes

Discussion is Locked.This discussion has been locked by Webmaster. << previous || next >> 
Posted By Discussion Topic: Authentication Tutorial Notes

book mark this topic Printer-friendly Version  send this discussion to a friend  new posts last

Webmaster
01-28-2003 @ 6:17 PM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Administrator
Posts: 4542
Joined: Jan 2002

The biggest problem I've seen people make with the login authentication tutorial is with this line:

<cfif session.allowin neq "true">
     <cfif CGI.SCRIPT_NAME EQ "logon.cfm">
     <cfelseif CGI.SCRIPT_NAME EQ "login_process.cfm">
     <cfelse>
    
     <!--this user is not logged in, alert the user and redirect to the login.cfm page------>
    
          <script>
               alert("You must be logged in to access this area.");
               self.location="logon.cfm";
          </script>
     </cfif>
</cfif>


You must remember that CGI.SCRIPT_NAME will pass the virtual path. Therefore, just putting the file name is is not a valid value. By this I mean as follows:

If the user is logging in at the following URL:
http://www.mysite.com/logon.cfm

Then the value of CGI.SCRIPT_NAME will be "/logon.cfm" so that is what you MUST check and modify the script as follows:

<cfif session.allowin neq "true">
     <cfif CGI.SCRIPT_NAME EQ "/logon.cfm">
     <cfelseif CGI.SCRIPT_NAME EQ "/login_process.cfm">
     <cfelse>
    
     <!--this user is not logged in, alert the user and redirect to the login.cfm page------>
    
          <script>
               alert("You must be logged in to access this area.");
               self.location="/logon.cfm";
          </script>
     </cfif>
</cfif>


Now if the login path is:
http://www.mysite.com/members/logon.cfm
then you must modify it as follows:

<cfif session.allowin neq "true">
     <cfif CGI.SCRIPT_NAME EQ "/members/logon.cfm">
     <cfelseif CGI.SCRIPT_NAME EQ "/members/login_process.cfm">
     <cfelse>
    
     <!--this user is not logged in, alert the user and redirect to the login.cfm page------>
    
          <script>
               alert("You must be logged in to access this area.");
               self.location="/members/logon.cfm";
          </script>
     </cfif>
</cfif>


Try to modify it accordingly to the path you are using.... if you still have question, email me with your path (even if it's a local path (i.e. http://127.0.0.1)) and I'll send you a modofied version of that line.

Thanks,
Pablo Varando
EasyCFM.COM, LLC.
=====================================================
"In my early years SPAM was good, not!"


Website Designed and Developed by Pablo Varando.