I ran your test, it came back with my info in the admin
section with my application set up. so here is my full
application.cfc file. in both directories:
Application.cfc in Main directory:
<cfcomponent output="false">
<cfscript>
THIS.name = "myWebsite";
THIS.sessionManagement=true;
THIS.clientManagement=true;
THIS.applicationTimeout = createTimeSpan(0,0,20,0);
THIS.sessionTimeout = createTimeSpan(0,0,20,0);
THIS.setClientCookies = 1;
THIS.setDomainCookies = 1;
THIS.scriptProtect = "All";
</cfscript>
<cffunction name="onApplicationStart" returntype="boolean"
output="false">
<cfset APPLICATION.appStarted = now()>
<cfif not isDefined ("APPLICATION.dataSource")>
<cfset APPLICATION.dataSource = "myDB">
</cfif>
<cfset APPLICATION.companyName = "myCompanyName">
<cfreturn true>
</cffunction>
<cffunction name="onSessionStart" returntype="any"
output="true">
<cfset SESSION.created = now()>
<cfset CLIENT.cfid = SESSION.cfid>
<cfset CLIENT.cftoken = SESSION.cftoken>
<cfif IsValidUser.recordcount eq 1>
<CFQUERY NAME="IsValidUser"
datasource="#APPLICATION.dataSource#">
SELECT user.id, user.Fname, user.Lname, user.admin
FROM user
WHERE userName =<cfqueryparam cfsqltype="cf_sql_varchar"
value="#FORM.userLogin#">
AND password =<cfqueryparam cfsqltype="cf_sql_varchar"
value="#FORM.userPassword#">
</CFQUERY>
<cflock scope="Session" type="EXCLUSIVE" TIMEOUT="20">
<cfset SESSION.auth = structNew()>
<cfset SESSION.auth.isLoggedIn = "Yes">
<cfset SESSION.auth.id = IsValidUser.id>
<cfset SESSION.auth.Fname = IsValidUser.Fname>
<cfset SESSION.auth.Lname = IsValidUser.Lname>
<cfset SESSION.auth.isAdminstrator =
IsValidUser.isAdminstrator>
</cflock>
</cfif>
</cffunction>
<cffunction name="onRequestStart" returntype="boolean"
output="true">
<cfset request.datasource = "myDB">
<cfset sitePath = "
http://www.myweb.com">
<cfset sitePath = "
http://www.myweb.com/Application.cfc">
<cfset sitePath = "
http://www.myweb.com/admin">
<cfset sitePath = "
http://www.myweb.com/admin/Application.cfc">
<cfreturn true>
</cffunction>
<cffunction name="onSessionEnd" returnType="void">
<cfargument name="theSession" type="struct"
required="true">
<cfset var duration =
dateDiff("s",arguments.theSession.created,now())>
<cflog file="#THIS.name#" text="Session lasted for
#duration# seconds.">
</cffunction>
<cffunction name="onApplicationEnd" returntype="void"
output="false">
<cfargument name="appScope" required="True">
<cflog file="#THIS.name#" text=
"App ended after
#dateDiff('n',ARGUMENTS.appScope.appStarted,now())# minutes.">
</cffunction>
</cfcomponent>
ProxyApplication.cfc (In main directory, I do not own the
server and it is shared hosting so I need this to make a secure
directory, so I read and it seems to work)
<cfcomponent extends="Application">
</cfcomponent>
Application.cfc in the locked directory:
<cfcomponent output="false" extends="ProxyApplication">
<cffunction name="OnRequestStart" output="false"
returntype="string">
<cfif NOT isDefined("SESSION.auth.isLoggedIn")>
<cflocation url="../sitemanager.cfm" addtoken="no">
<cfabort>
<cfelseif isDefined("FORM.UserLogin")>
<cfinclude template="../LoginCheck.cfm">
<cfreturn true>
</cfif>
</cffunction>
</cfcomponent>
then there is the LoginCheck page with the session code I
posted in the first post.