freelanceprogrammers.org Forum Index » Cold Fusion

View previous topic :: View next topic
Post new topic   Reply to topic

[Cold Fusion]<DEV> Login | CF Compare?


View user's profile Post To page top
jwilliams@... Posted: Wed Apr 05, 2000 8:21 pm


Joined: 05 Apr 2000

Posts: 10
[Cold Fusion]<DEV> Login | CF Compare?
The problem is when I compare a form variable against a database record i.e.

<CFSET VarUsername = Form.Username>

<CFQUERY name="Login" datasource="AIS" maxrows="1" dbtype="ODBC">
SELECT * From users WHERE username = `#VarUsername#`
</CFQUERY>

<CFOUTPUT query="Login">

<CFIF #password# EQ #Form.PW#>

<H1>Login OK</H1>

<a href="users/#Form.Username#">Go To My User Page</a>

<CFELSE>

<H1>Login Fails</h1>

<a href="login.htm">Try Again</a>
</CFIF>

Is this the best way to go about a Login Page? Im planning on setting
cookies but this cold fusion stuff is all nwe to me. I bought the WDK
Beginners edition but it doesn`t help me very much with this situation. If
anybody can give me examples or places to find them it would be greatly
appreciated.



John Williams
Director Of Technical Services
JWilliams@...
Analysis & Information Services
Phone: (410)561-0778
Fax: (410)561-9657
Reply with quote
Send private message
View user's profile Post To page top
todd@... Posted: Wed Apr 05, 2000 9:28 pm


Joined: 05 Apr 2000

Posts: 7
[Cold Fusion]<DEV> Login | CF Compare?
Here is the way I implement my logins. This *may* not be the best way, but
it`s quick and works for me. I don`t bother with case sensitivity, but you
can easily add a check for it, if you do.

I have an `authentication page` that has this code in it:

<!--- first I make sure they actually filled out the form --->
<CFIF IsDefined(`Form.txtLogin`) AND Form.txtLogin IS NOT "">

<!--- if they did, run the query. if not, send them back to the login
page with an error --->
<CFQUERY name="qryGetLoginInfo" datasource="Datasource">
SELECT contact_id, username, password FROM user_login WHERE
username = `#Form.txtLogin#` AND password = `#Form.txtPassword#`
</CFQUERY>

<!--- then I make sure the query returned a value. If it didn`t, then I
know they don`t have a login and get sent back to the login page with an
error. If the query did return a value, then set a Session.Variable and
send them on to the next page. --->
<CFIF IsDefined(`qryGetLoginInfo.contact_id`) AND
qryGetLoginInfo.contact_id IS NOT "">
<CFSET Session.ContactID = #qryGetLoginInfo.contact_id#>
<CFLOCATION url="admin/Default.cfm">
<CFELSE>
<CFLOCATION url="login.cfm?no=pass">
</CFIF>
<CFELSE>
<CFLOCATION url="login.cfm?no=pass">
</CFIF>
<!--- no=pass is just a trigger that I can check for when my login page
loads to determine if I need to display an error message or not. --->

Then, I take all of the files I want to password protect and put them in
their own folder. In that folder I create an Application.cfm with the
following code in it:

<!--- If the Session.ContactID is blank, or hasn`t been set, then they get
sent back to the login page. When no=pass is sent to the login page, a
message explaining that the session timed out, or they have not logged in,
is displayed, otherwise, the login page is displayed as normal. --->
<CFIF NOT IsDefined(`Session.ContactID`) OR Session.ContactID IS "" OR
Session.ContactID IS "0">
<CFLOCATION url="../login.cfm?no=pass">
</CFIF>
<!--- with this code, every time a page loads in this folder, it runs the
Application.cfm file and checks for that Session.ContactID that was set at
login. If it`s ever missing, or times out, or anything, they get booted
back to the login page with an error message. --->

And that`s it. Like I said, it might not be the best way, but it`s simple,
reusable, and it works. Plus, I can use that Session.ContactID that they
were assigned when they logged in to track what they do. ;)

All you have to do to log them out is to clear their Session.Variable. :)
Make sense?

Todd Ashworth
--------------------------------------
Saber Corporation
Web Application Development
www.sabersite.com
(803) 327-0137 [111]
(803) 328-2868 (fax)

----- Original Message -----
From: "John H Williams" <jwilliams@...>
To: "Cold Fusion List (E-mail)" <cold_fusion@onelist.com>
Sent: Wednesday, April 05, 2000 11:21 AM
Subject: [cold_fusion] [Cold Fusion]<DEV> Login | CF Compare?


> The problem is when I compare a form variable against a database record
i.e.
>
> <CFSET VarUsername = Form.Username>
>
> <CFQUERY name="Login" datasource="AIS" maxrows="1" dbtype="ODBC">
> SELECT * From users WHERE username = `#VarUsername#`
> </CFQUERY>
>
> <CFOUTPUT query="Login">
>
> <CFIF #password# EQ #Form.PW#>
>
> <H1>Login OK</H1>
>
> <a href="users/#Form.Username#">Go To My User Page</a>
>
> <CFELSE>
>
> <H1>Login Fails</h1>
>
> <a href="login.htm">Try Again</a>
> </CFIF>
>
> Is this the best way to go about a Login Page? Im planning on setting
> cookies but this cold fusion stuff is all nwe to me. I bought the WDK
> Beginners edition but it doesn`t help me very much with this situation.
If
> anybody can give me examples or places to find them it would be greatly
> appreciated.
>
>
>
> John Williams
> Director Of Technical Services
> JWilliams@...
> Analysis & Information Services
> Phone: (410)561-0778
> Fax: (410)561-9657
>
>
>
> ------------------------------------------------------------------------
> GET A NEXTCARD VISA, in 30 seconds! Get rates as low as 2.9%
> Intro or 9.9% Fixed APR and no hidden fees. Apply NOW!
> http://click.egroups.com/1/936/4/_/291057/_/954948367/
> ------------------------------------------------------------------------
>
>
>
Reply with quote
Send private message
Post new topic Reply to topic
Display posts from previous:   
freelanceprogrammers.org Forum Index » Cold Fusion
 

All times are GMT
Page 1 of 1
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Freelace Website Designer - Customer web design and software building.
China Wholesale - Electronics Products
Character Studio - Tutorials and Help