W3Schools Forum > Login problem

vchris

Dec 18 2006, 07:55 PM

The only thing accessible on the site I'm working on is a login page. So I have login_e.cfm and Application.cfm and then a secure folder called secure that contains the site and another Application.cfm.

My problem is that when I log in with the correct info, the login page reloads and if I refresh the page or click login again without any info in the fields, I'm redirected to the secure folder and I'm logged in. For some reason I have to reclick or refresh the page myself. Same thing happens on logout. I have to reclick the logout button.

I have a session variable called LoggedIn. By default it's 0 and when the user is logged in it's 1.

Login_e.cfm

CODE

<cfif isDefined('form.login')>
      <cfif len(form.uname) gt 0 AND len(form.pword) gt 0>
        <cfif form.uname eq 'a' AND form.pword eq 'b'>
            <cfset Session.LoggedIn = 1>
        </cfif>
        <h3>Loggin unsuccessful</h3>
    <cfelse>
        <h3>Username and password are required.</h3>
    </cfif>
  </cfif>

Public Application.cfm

CODE

Private Application.cfm

CODE

Do I have to redirect myself? Won't Application.cfm do it automatically?

Skemcin

Dec 18 2006, 08:20 PM

Why do you need two seperate application.cfm pages?

In any case, try using client side redirects - use javascript instead of the cflocation - see if that makes a difference. My guess would be that the cflocation is never giving the client a chance to register itself as being logged in - I only use cflocation with 301 redirects - everything else I waste the bandwidth and go back to the client so I know anything I have defined on that page prior to the redirect will hold.

OLD

CODE

NEW

CODE

<cfif Session.LoggedIn eq 0>
<script language="javascript" type="text/javascript">
// alert('Optional Alert Message.\nClick OK to Continue.');
document.location="../login_e.cfm";
</script></cfif>

vchris

Dec 20 2006, 07:17 PM

I'm testing the development site on the live server and it seems like I can't login. I get a CF error but I was able to login on the dev server. I only have 1 application.cfm now.

QUOTE

An error occurred while evaluating the expression:

Session.allowin="true"

Error near line 18, column 9.

Symbol Session.allowin is in a scope that contains data shared across threads and cannot be accessed without an active lock

The error occurred while processing an element with a general identifier of (CFSET), occupying document position (18:3) to (18:32) in the template file /magma/users/u40/environ/public_html/PRTR/validate_e.cfm.

Date/Time: Wed Dec 20 14:15:41 2006
Browser: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1
Remote Address: 199.212.18.131

Application.cfm

CODE

<cfapplication sessionmanagement="Yes" sessiontimeout="10" name="prtr" clientmanagement="No">

<cflock type="EXCLUSIVE" scope="SESSION" timeout="10">
<cfparam name="Session.UserName" default="">
<cfparam name="Session.LoggedIn" default="0">
<cfparam name="Session.UserType" default="">
<cfparam name="session.allowin" default="false">
</cflock>

<cfif session.allowin neq "true">
    <cflocation url="index_e.cfm" addtoken="no">
    <cfabort>
<cfelse>

    <form name="loginform" action="validate_e.cfm" method="get">

<input type="hidden" name="user_required" value="Please input a Username">
<input type="hidden" name="pass_required" value="Please input a Password">

<p>Username: <input type="text" name="user"></p>
<p>Password: <input type="password" name="pass"></p>
<p><input type="submit" value="Submit" name="loginsubmit"></p>

</form>
</cfif>

Skemcin

Dec 20 2006, 10:16 PM

try using:
#createtimespan(0,0,2,0)#

for your sessiontimeout attribute in your <cfapplication> tag. That would be days, hours, minutes, seconds.

Then, try it without the cflock, too.

See if that helps.

CODE

<cfapplication sessionmanagement="Yes" sessiontimeout="#createtimespan(0,0,10,0)#" name="prtr" clientmanagement="No">

<cfparam name="Session.UserName" default="">
<cfparam name="Session.LoggedIn" default="0">
<cfparam name="Session.UserType" default="">
<cfparam name="session.allowin" default="false">

<cfif session.allowin neq "true">
    <cflocation url="index_e.cfm" addtoken="no">
    <cfabort>
<cfelse>

    <form name="loginform" action="validate_e.cfm" method="get">

<input type="hidden" name="user_required" value="Please input a Username">
<input type="hidden" name="pass_required" value="Please input a Password">

<p>Username: <input type="text" name="user"></p>
<p>Password: <input type="password" name="pass"></p>
<p><input type="submit" value="Submit" name="loginsubmit"></p>

</form>
</cfif>

vchris

Dec 21 2006, 01:51 PM

Doesn't seem to work. I think the live server has different settings on it...

Skemcin

Dec 21 2006, 02:33 PM

Try a couple of these solutions:
http://www.google.com/search?q=is+in+a+sco...+an+active+lock

vchris

Jan 10 2007, 05:59 PM

Seems like the web server uses Allaire ColdFusion. I never heard of that version before.

Skemcin

Jan 12 2007, 09:21 PM

QUOTE (vchris @ Jan 10 2007, 11:59 AM)

Seems like the web server uses Allaire ColdFusion. I never heard of that version before.

Sorry - busy week - anyway - Allaire - omg, too funny.

Allaire is the last name of the original creators of the ColdFusion technology. Since then, its been bought out by Macromedia and Adobe - that is a total of 4 server versions. If it says Allaire - it is old (no offensive to Jeremy and JJ Allaire). So, is it version 3, most of the world is on version 7.0.2.

vchris

Jan 13 2007, 03:48 AM

Must be. This week we tried using a method using cookies for the login that we found on their website FAQ and it didn't even work... You know how PHP can be set to a certain version in a control panel, well can CF be set the same way? Maybe it's still set to version Allaire but in fact version 6 or 7 is available. We still don't have access to the CP since only 2 people have access to it and 1 is gone for a couple years and another is gone to a French course and is hard to contact. Anyway I don't care, I'm gone for a week

Skemcin

Jan 13 2007, 04:06 AM

QUOTE (vchris @ Jan 12 2007, 09:48 PM)

Must be. This week we tried using a method using cookies for the login that we found on their website FAQ and it didn't even work... You know how PHP can be set to a certain version in a control panel, well can CF be set the same way? Maybe it's still set to version Allaire but in fact version 6 or 7 is available. We still don't have access to the CP since only 2 people have access to it and 1 is gone for a couple years and another is gone to a French course and is hard to contact. Anyway I don't care, I'm gone for a week

just do this on a page:

<cfdump var="#server#">

That will tell you everything (and a little more) than you need to know.

vchris

Mar 5 2007, 08:01 PM

QUOTE (Skemcin @ Jan 12 2007, 11:06 PM)

just do this on a page:

<cfdump var="#server#">

That will tell you everything (and a little more) than you need to know.

Is there other variables for cfdump? Is there one to view all data sources?

Skemcin

Mar 6 2007, 12:21 AM

Hi,

You can dump any scope:

<cfdump var="#cgi#">
<cfdump var="#cookie#">
<cfdump var="#session#">
<cfdump var="#form#">
<cfdump var="#url#">
<cfdump var="#server#">
<cfdump var="#application#">
<cfdump var="#request#">
<cfdump var="#variables#">
<cfdump var="#qryYourQueryName#">
etc.

But, I do not think any of those will return available datasources - those would have to be obtained from the ColdFusion Administrator - at least as far as I know.