Skip navigation
Currently Being Moderated

Session variables are set, then immediately disappear. What now?

May 7, 2009 11:52 AM

Ok, this is strange. Maybe because I'm darn tire. But anyway...

 

I have a simple login script that checks stuff and then if successful logs them in via setting session variables into the session via a struct like so:

 

<cfset session.user = {} />

 

I then set all my other user specific stuff in this struct. That's straightforward...and when I dump session.user...it shows the data. However, if I refresh the page, this session variable disappears. If I simply dump "session" then I see the usual CFID and CFTOKEN stuff. So session is enabled and ready, but why then does it disappear?

 

I have done stuff like this before so I really can't see what's happening. The session timeout is also set to 30 minutes in the Application.cfc so that shouldn't be it.

 

My CFC code is below.

 

Many thanks,

Mikey.

 

==================================

 

<cffunction name="authenticateUser" returntype="void" output="true" access="public" displayname="authenticateUser">

 

        <cfargument name="userName" type="string" />
        <cfargument name="userPassword" type="string" />
        <cfargument name="userCaptcha" type="string" />
        <cfargument name="userCaptchaEncrypted" type="string" />
       
        <cfset var local = {} />
        <cfset local.fieldsValid = true />

 

        <cfif not len(trim(arguments.userName))>
            <cfset request.messagesObject.addMessage("info","User name is required.") />
            <cfset local.fieldsValid = false />
        </cfif>
       
        <cfif not len(trim(arguments.userPassword))>
            <cfset request.messagesObject.addMessage("info","Password is required.") />
            <cfset local.fieldsValid = false />
        </cfif>
       
        <cfif not len(trim(arguments.userCaptcha))>
            <cfset request.messagesObject.addMessage("info","The security code is required.") />
            <cfset local.fieldsValid = false />
        <cfelse>
            <cfif not trim(arguments.userCaptcha) eq decrypt(arguments.userCaptchaEncrypted,"iloveyou","CFMX_COMPAT","Hex" )>
                <cfset request.messagesObject.addMessage("error","The security code entered was incorrect.") />
                <cfset local.fieldsValid = false />
            </cfif>
        </cfif>
       
        <cfif len(trim(arguments.userCaptcha)) neq 5>
            <cfset request.messagesObject.addMessage("info","The security code must be 5 characters in length.") />
            <cfset local.fieldsValid = false />
        </cfif>
       
        <cfif not len(trim(arguments.userCaptchaEncrypted))>
            <cfset request.messagesObject.addMessage("error","The encrypted security code is required by the system but was not found.") />
            <cfset local.fieldsValid = false />
        </cfif>

 

        <cfif local.fieldsValid>
       
            <!---<cftry>--->

 

                <cflock name="lockGetUser" type="exclusive" timeout="30">
               
                    <cfquery name="local.qryGetUser" datasource="#request.dsn#" username="#request.username#" password="#request.password#">
                    SELECT userID, userName, userPassword, userRole, userDeleted
                    FROM #request.tbl_users#
                    WHERE userName = <cfqueryparam cfsqltype="cf_sql_varchar" value="#trim(arguments.userName)#" />
                    AND userPassword = <cfqueryparam cfsqltype="cf_sql_varchar" value="#trim(arguments.userPassword)#" />
                    AND userDeleted = 0
                    </cfquery>
                   
                </cflock>
               
                <cfif local.qryGetUser.recordcount eq 1>
               
                    <cflock scope="session" timeout="30" type="exclusive">
                   
                        <cfset session.user = {} />
                        <cfset session.user.username = local.qryGetUser.userName />
                        <cfset session.user.role = local.qryGetUser.userRole />
                        <cfset session.user.id = local.qryGetUser.userID />
                       
                        <cfdump var="#session.user#" />
                       
                    </cflock>

 

                    <cfset request.messagesObject.addMessage("ok","Welcome " & htmlEditFormat(local.qryGetUser.userName) & ". You have been logged in.") />

 

                <cfelse>   
                    <cfset request.messagesObject.addMessage("error","Invalid user name / password combination.") />
                </cfif>
   
                <!---<cfcatch type="any">
                    <cfset request.messagesObject.addMessage("error","authenticateUser() " & cfcatch) />
                </cfcatch>
   
            </cftry>--->
           
        </cfif>
       
    </cffunction>

 
Replies
  • Currently Being Moderated
    May 7, 2009 12:23 PM   in reply to Kapitaine
    <cfset session.user = {} />

     

    That's dicey! I expected the done thing, namely, <cfset session.user = "">. Could you show us the code in Application.cfc? That's where the engine usually needs oiling.

     
    |
    Mark as:

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points