| Posted By |
Discussion Topic: login
-- page:
1
2
|
|
zionist |
03-21-2007 @ 3:21 AM |
|
|
Junior Member
Posts: 94
Joined: Feb 2007
|
HI GUYS I AM HAVING A PROBLEM WITH MY LOGIN FORM. I HAVE TO SETS OF USERS (ADMIN AND USERS) THAT I WOULD LIKE TO GIVE ACCESS TO DIFFERENT DATA ON MY APPLICATION.WELL THE LOGIN WORKS BUT NOT PERFECT.THIS IS THE EXPLANATION.I AM TESTING IT ON MY LAPTOP WITH IE AND OPERA.WHEN I LOGIN AS ADMIN I GAIN ACCESS TO ADMIN PAGES AND WHEN I LOGIN AS AN ORDINARY USER I GAIN ACCESS TO THE RIGHT DATA BUT THE PROBLEM IS WHEN I LOGIN AS EITHER ONE OF THE GROUPS IN MY BROWSERS I HAVE TO RESTART THE MACHINE OR WAIT FOR SOMETIME BEFORE I CAN LOGIN AS ANOTHER SAY USER/ADMIN OTHERWISE I I LOGIN AS ADMIN AND LOGOUT THEN LOGIN AS A USER THE LOGIN REDIRECTS TO ITS SELF.HERE IS MY CODE.PLEASE HELP ME
LOGIN FORM(I NAMED IT INDEX.CFM)
<cfif IsDefined("FORM.UserName")>
<cfset MM_redirectLoginSuccess="arkright.cfm">
<cfset MM_redirectLoginSuccess="user.cfm">
<cfset MM_redirectLoginFailed="index.cfm">
<cfquery name="MM_rsUser" datasource="house">
SELECT UserName,Pwd,UsersGroup FROM users WHERE UserName=
<cfqueryparam value="#FORM.UserName#" cfsqltype="cf_sql_clob" maxlength="50">
AND Pwd=<cfqueryparam value="#FORM.Pwd#" cfsqltype="cf_sql_clob" maxlength="50">
</cfquery>
<cfif MM_rsUser.RecordCount NEQ 0>
<cftry>
<cflock scope="Session" timeout="30" type="Exclusive">
<cfset Session.MM_Username=FORM.UserName>
<cfset Session.MM_UserAuthorization=MM_rsUser.UsersGroup[1]>
</cflock>
<cfif IsDefined("URL.accessdenied") AND true>
<cfset MM_redirectLoginSuccess=URL.accessdenied>
</cfif>
<cflocation url="#MM_redirectLoginSuccess#" addtoken="no">
<cfcatch type="Lock"><!--- code for handling timeout of cflock --->
</cfcatch>
</cftry>
</cfif>
<cflocation url="#MM_redirectLoginFailed#" addtoken="no">
<cfelse>
<cfset MM_LoginAction=CGI.SCRIPT_NAME>
<cfif CGI.QUERY_STRING NEQ "">
<cfset MM_LoginAction=MM_LoginAction & "?" & XMLFormat(CGI.QUERY_STRING)>
</cfif>
</cfif><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>AKRIGHT LOGIN FORM</title>
<style type="text/css">
<!--
body {
background-image: url(images/bg_image.png);
}
.style1 {
font-size: 24px;
font-weight: bold;
color: #FFFFFF;
}
.style2 {
color: #FFFFFF;
font-weight: bold;
}
-->
</style>
<script src="Scripts/AC_RunActiveContent.js" type="text/javascript"></script>
<script type="text/JavaScript">
<!--
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers.document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_validateForm() { //v4.0
var i,p,q,nm,test,num,min,max,errors=',args=MM_validateForm.arguments;
for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args);
if (val) { nm=val.name; if ((val=val.value)!="") {
if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
} else if (test!='R') { num = parseFloat(val);
if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
min=test.substring(8,p); max=test.substring(p+1);
if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
} } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
} if (errors) alert('The following error(s) occurred:\n'+errors);
document.MM_returnValue = (errors == ');
}
//-->
</script>
</head>
<body>
<form id="form1" name="form1" method="POST" action="<cfoutput>#MM_loginAction#</cfoutput>">
<p> </p>
<p align="center" class="style1">PLEASE LOGIN TO ACCESS YOUR SECURITY LEVEL</p>
<p> </p>
<p align="center"><img src="images/ak_projects.png" width="140" height="45" /></p>
<table width="388" height="108" border="0" align="center">
<tr>
<td width="113"><span class="style2">USER NAME: </span></td>
<td width="265"><input name="UserName" type="text" id="UserName" /></td>
</tr>
<tr>
<td><span class="style2">PASSWORD:</span></td>
<td><input name="Pwd" type="password" id="Pwd" /></td>
</tr>
<tr>
<td> </td>
<td><input name="Submit" type="submit" onclick="MM_validateForm('UserName',','R','Pwd',','R');return document.MM_returnValue" value="LOG IN" /></td>
</tr>
</table>
<p>
<script type="text/javascript">
AC_FL_RunContent( 'codebase','http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0','width','10','height','10','src','flash/bg','quality','high','pluginspage','http://www.macromedia.com/go/getflashplayer','movie','flash/bg' ); //end AC code
</script>
<noscript><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="10" height="10">
<param name="movie" value="flash/bg.swf" />
<param name="quality" value="high" />
<embed src="flash/bg.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="10" height="10"></embed>
</object></noscript>
</p>
</form>
</body>
</html>
PART OF THE CODE ON THE ADMIN PAGE(ARKRIGHT.CFM)
<cfif IsDefined("URL.MM_logout") AND URL.MM_logout EQ "1">
<cflock scope="Session" type="Exclusive" timeout="30" throwontimeout="no">
<cfset Session.MM_Username="">
<cfset Session.MM_UserAuthorization="">
</cflock>
<cfset MM_logoutRedirectPage="index.cfm">
<cfif MM_logoutRedirectPage EQ "">
<cfset MM_logoutRedirectPage=CGI.SCRIPT_NAME>
</cfif>
<cfset MM_logoutQuery=ListDeleteAt(CGI.QUERY_STRING,ListContainsNoCase(CGI.QUERY_STRING,"MM_logout=","&"),"&")>
<cfif MM_logoutQuery NEQ "">
<cfif Find("?",MM_logoutRedirectPage) EQ 0>
<cfset MM_logoutRedirectPage=MM_logoutRedirectPage & "?" & MM_logoutQuery>
<cfelse>
<cfset MM_logoutRedirectPage=MM_logoutRedirectPage & "&" & MM_logoutQuery>
</cfif>
</cfif>
<cflocation url="#MM_logoutRedirectPage#" addtoken="no">
</cfif>
<cflock scope="Session" type="ReadOnly" timeout="30" throwontimeout="no">
<cfset MM_Username=Iif(IsDefined("Session.MM_Username"),"Session.MM_Username",DE(""))>
<cfset MM_UserAuthorization=Iif(IsDefined("Session.MM_UserAuthorization"),"Session.MM_UserAuthorization",DE(""))>
</cflock>
<cfif MM_Username EQ "" OR MM_UserAuthorization EQ "" OR ListFind("Admin",MM_UserAuthorization) EQ 0>
<cfset MM_referer=CGI.SCRIPT_NAME>
<cfif CGI.QUERY_STRING NEQ "">
<cfset MM_referer=MM_referer & "?" & CGI.QUERY_STRING>
</cfif>
<cfset MM_failureURL="index.cfm?accessdenied=" & URLEncodedFormat(MM_referer)>
<cflocation url="#MM_failureURL#" addtoken="no">
</cfif>
<cfset CurrentPage=GetFileFromPath(GetTemplatePath())>
<!---//--------------------------------------------------------------------
PART OF CODE ON USER PAGE(USERS.CFM)
<cfif IsDefined("URL.MM_logout") AND URL.MM_logout EQ "1">
<cflock scope="Session" type="Exclusive" timeout="30" throwontimeout="no">
<cfset Session.MM_Username="">
<cfset Session.MM_UserAuthorization="">
</cflock>
<cfset MM_logoutRedirectPage="index.cfm">
<cfif MM_logoutRedirectPage EQ "">
<cfset MM_logoutRedirectPage=CGI.SCRIPT_NAME>
</cfif>
<cfset MM_logoutQuery=ListDeleteAt(CGI.QUERY_STRING,ListContainsNoCase(CGI.QUERY_STRING,"MM_logout=","&"),"&")>
<cfif MM_logoutQuery NEQ "">
<cfif Find("?",MM_logoutRedirectPage) EQ 0>
<cfset MM_logoutRedirectPage=MM_logoutRedirectPage & "?" & MM_logoutQuery>
<cfelse>
<cfset MM_logoutRedirectPage=MM_logoutRedirectPage & "&" & MM_logoutQuery>
</cfif>
</cfif>
<cflocation url="#MM_logoutRedirectPage#" addtoken="no">
</cfif>
<cflock scope="Session" type="ReadOnly" timeout="30" throwontimeout="no">
<cfset MM_Username=Iif(IsDefined("Session.MM_Username"),"Session.MM_Username",DE(""))>
<cfset MM_UserAuthorization=Iif(IsDefined("Session.MM_UserAuthorization"),"Session.MM_UserAuthorization",DE(""))>
</cflock>
<cfif MM_Username EQ "" OR MM_UserAuthorization EQ "" OR ListFind("User",MM_UserAuthorization) EQ 0>
<cfset MM_referer=CGI.SCRIPT_NAME>
<cfif CGI.QUERY_STRING NEQ "">
<cfset MM_referer=MM_referer & "?" & CGI.QUERY_STRING>
</cfif>
<cfset MM_failureURL="index.cfm?accessdenied=" & URLEncodedFormat(MM_referer)>
<cflocation url="#MM_failureURL#" addtoken="no">
</cfif>
<cfset CurrentPage=GetFileFromPath(GetTemplatePath())>
APPLICATION.CFM
<cfapplication sessionmanagement="yes" setclientcookies="yes" name="user_auth"
sessiontimeout="#CreateTimeSpan(0,0, 20, 0)#" applicationtimeout="#CreateTimeSpan(2,0, 0, 0)#">
|
|
GrowlyBear |
|
03-21-2007 @ 3:58 AM |
|
|
Moderator
Posts: 1314
Joined: May 2004
|
Where is the LOG OUT code?
~~~~~~~~~~~~~~~~~~~
CF Blogger
http://www.cfblogger.com
|
|
zionist |
|
03-23-2007 @ 7:20 AM |
|
|
Junior Member
Posts: 94
Joined: Feb 2007
|
this is the logout code for each page(note its a text link).it appears at the bottom of each page.
<a href="<cfoutput>#CurrentPage#?MM_logout=1</cfoutput>">LOG OUT</a>
|
|
zionist |
|
03-27-2007 @ 8:41 AM |
|
|
Junior Member
Posts: 94
Joined: Feb 2007
|
can someone please help me? when i try to login as an administrator in the address bar of the browser i get this "http://localhost:8500/arkright/index.cfm?accessdenied=%2Farkright%2Fuser%2Ecfm" but when i login as ordinary user login is successful.i need the login to work for administrators too.please bail me out.the login form and logout is at the beginning of the descussion
|
|
GrowlyBear |
|
03-27-2007 @ 9:45 AM |
|
|
Moderator
Posts: 1314
Joined: May 2004
|
unless it is not shown or in a file somewhere i do not see where the logout is clearing the session values.
so a logout is not really a logout. thus you have to wait till the session times out in the application.
~~~~~~~~~~~~~~~~~~~
CF Blogger
http://www.cfblogger.com
|
|
Webmaster |
|
03-27-2007 @ 11:56 AM |
|
|
Administrator
Posts: 4533
Joined: Jan 2002
|
I see this in your code
<cfif IsDefined("URL.MM_logout") AND URL.MM_logout EQ "1">
<cflock scope="Session" type="Exclusive" timeout="30" throwontimeout="no">
<cfset Session.MM_Username="">
<cfset Session.MM_UserAuthorization="">
</cflock>
<cfset MM_logoutRedirectPage="index.cfm">
<cfif MM_logoutRedirectPage EQ "">
<cfset MM_logoutRedirectPage=CGI.SCRIPT_NAME>
</cfif>
<cfset MM_logoutQuery=ListDeleteAt(CGI.QUERY_STRING,ListContainsNoCase(CGI.QUERY_STRING,"MM_logout=","&"),"&")>
<cfif MM_logoutQuery NEQ "">
<cfif Find("?",MM_logoutRedirectPage) EQ 0>
<cfset MM_logoutRedirectPage=MM_logoutRedirectPage & "?" & MM_logoutQuery>
<cfelse>
<cfset MM_logoutRedirectPage=MM_logoutRedirectPage & "&" & MM_logoutQuery>
</cfif>
</cfif>
<cflocation url="#MM_logoutRedirectPage#" addtoken="no">
</cfif>
Now with that in mind; you have this on one page... not on the application.cfm... based on the way you are linking to logout; that is the issue. Basically you will need to actually either move to application.cfm or maybe even have a stand-alone file called "logout.cfm" and load that... make sense?
Pablo Varando 
Senior Application Architect
EasyCFM.COM, LLC.
904.483.1457 \\ mobile
webmaster@easycfm.com \\email
|
|
zionist |
|
03-29-2007 @ 7:49 AM |
|
|
Junior Member
Posts: 94
Joined: Feb 2007
|
can someone please give me a working solution.please this is a do or die situation i have tried to look at what you guys have said and i am greatful that you take time off to reply but i do not know what to do.please help.
|
|
GrowlyBear |
|
03-29-2007 @ 8:38 AM |
|
|
Moderator
Posts: 1314
Joined: May 2004
|
you built it with Dreamweaver built in stuff, surely it has the logout info.
We (most of us) build our own login/logout. Check the tutorial section of this site.
So to GIVE you a working solution is difficult as we do not have your pages. I know this sounds harsh but go to the tutorials and use the examples there.
They are cleaner , faster, and quite simple.
~~~~~~~~~~~~~~~~~~~
CF Blogger
http://www.cfblogger.com
|
|
GrowlyBear |
|
03-29-2007 @ 8:45 AM |
|
|
Moderator
Posts: 1314
Joined: May 2004
|
going through the DW help i saw this. since I'm not using a site i cannot see what the code is have you tried it?
Logging out users
When a user logs in successfully, a session variable is created that consists of the user name. When the user leaves your site, you can use the Log Out User server behavior to clear the session variable and redirect the user to another page (usually a "goodbye" or "thank you" page).
You can invoke the Log Out User server behavior when the user clicks a link or when a specific page loads.
To add a link to let users log out:
Select text or an image on a page to serve as the link.
In the Server Behaviors panel (Window > Behaviors), click the Plus (+) button and select User Authentication > Log Out User.
The Log Out User dialog box appears.
Specify a page to open when the user clicks the link.
The page is usually a "goodbye" or "thank you" page.
Click OK.
To log out a user when a specific page loads:
Open the page that will load in Dreamweaver.
The page is usually a "goodbye" or "thank you" page.
In the Server Behaviors panel, click the Plus (+) button and select User Authentication > Log Out User.
The Log Out User dialog box appears.
Select the Log Out When Page Loads option.
Click OK.
~~~~~~~~~~~~~~~~~~~
CF Blogger
http://www.cfblogger.com
|
|
zionist |
|
03-31-2007 @ 6:55 AM |
|
|
Junior Member
Posts: 94
Joined: Feb 2007
|
hi guys this must be nagging for you but i am desperate.i have read all documentation on dw server behaviours and cflogin wizard but i still cannot get the result i need.i have a database with two usergroups(admin and users)and i what to use cflogin wizard to authenticate users against the usergroups but cflogin users the defined username and password when creating it so i need a way to change the code it generates to have roles based authentication coz i want admin and user to view different pages.the cflogin documentation is confusing me.thanks.
|
