Copy link to clipboard
Copied
quote:
<cfcomponent>
<!--- --->
<cfscript>
this.name = 'myApp';
this.sessionManagement = true;
this.sessionTimeout = CreateTimeSpan(0,1,0,0);
this.sessionStorage = 'cookie';
this.applicationTimeout = CreateTimeSpan(0,1,0,0);
this.loginStorage = 'session';
this.setClientCookies = true;
request.dsn = 'myDbName';
request.cfc = 'www.inc.cfc';
</cfscript>
<!--- On Request Start --->
<cffunction name="onRequestStart">
<!--- Functions to run when user in Admin section --->
<cfif GetBaseTemplatePath() CONTAINS "\admin\">
<!--- check for user login --->
<cflogin idletimeout="3600">
<cfif NOT IsDefined("cflogin")>
<cfinclude template="admin/login.cfm">
<cfabort>
<cfelse>
<!--- check for user --->
<cfquery name="getUser" datasource="#request.dsn#">
SELECT *
FROM users
WHERE userStatus = 1
AND userUsername = '#cflogin.name#'
AND userPassword = '#cflogin.password#'
</cfquery>
<!--- login or boot --->
<cfif getUser.recordCount IS 1>
<cfif ISDefined('form.changePW')>
<cfscript>
args = StructNew();
args.username = '#cflogin.name#';
args.password = '#cflogin.password#';
args.newPass = '#form.newPass#';
</cfscript>
<cfinvoke component="#request.cfc#.userAdmin" method="pw" argumentcollection="#args#" returnvariable="vars.success"></cfinvoke>
<cfif vars.success IS false><cflocation url="#cgi.script_name#?msg=2" addtoken="no"><cfelse><cfset url.msg = 3></cfif>
</cfif>
<cfloginuser name="#cflogin.name#" password="#cflogin.password#" roles="#ValueList(getUser.userGroup)#" />
<cfelse>
<cflocation url="#request.adminRoot#/index.cfm?msg=1" addtoken="no">
</cfif>
<!--- get permissions for user --->
<cfquery name="getUserPerms" datasource="#request.dsn#">
SELECT p.*, r.*, pg.*, ug.*
FROM permissions AS p
INNER JOIN rights AS r ON r.rtsCode = p.permRightsID
INNER JOIN pages AS pg ON pg.pageID = p.permPageID
INNER JOIN userGroups AS ug ON ug.ugrpID = p.permGroupID
WHERE ug.ugrpID IN ('#getUser.userGroup#')
AND r.rtsStatus = 1
AND pg.pageStatus = 1
AND ug.ugrpStatus = 1
ORDER BY pageFile
</cfquery>
<!--- Set user session variables and go to homepage --->
<cflock scope="session" timeout="10">
<cfscript>
session.user = StructNew();
session.user.loggedIn = true;
session.user.username = '#cflogin.name#';
session.user.userFirstName = '#getUser.userFirstName#';
session.user.userLastName = '#getUser.userLastName#';
session.user.userAccount = '#getUser.userAccount#';
session.user.userGroup = '#getUser.userGroup#';
session.user.rights = StructNew();
if(getUserPerms.recordCount IS NOT 0){
session.user.ugrpGroupAssign = '#getUserPerms.ugrpGroupAssign#';
for(p=1; p LTE getUserPerms.recordCount; p=p+1){
SetVariable("session.user.rights.#getUserPerms.pageCode#.access", "#getUserPerms.permRightsID
#");
}
}
</cfscript>
</cflock>
</cfif>
</cflogin>
<!--- Check users rights on this page --->
<cfset request.pageArray = ListToArray(GetBaseTemplatePath(), '\')>
<cfset vars.pageArray = request.pageArray>
<cfif ISDefined('session.user.rights')>
<cfset vars.accessVar = "session.user.rights.#ListFirst(vars.pageArray[ArrayLen(vars.pageArray)], '.')#.access">
<cflock scope="session" timeout="10">
<cfif ISDefined(vars.accessVar)>
<cfset session.user.thisPageAccess = "#Evaluate(vars.accessVar)#">
<cfelse>
<cfset session.user.thisPageAccess = "n">
</cfif>
</cflock>
</cfif>
<cfif NOT ListFindNoCase('login.cfm,logout.cfm',vars.pageArray[ArrayLen(vars.pageArray)])>
<cfif session.user.thisPageAccess IS 'n'>
<cflocation url="#request.adminRoot#" addtoken="no">
</cfif>
</cfif>
</cfif>
</cffunction>
</cfcomponent>
Copy link to clipboard
Copied
Copy link to clipboard
Copied
Copy link to clipboard
Copied
Copy link to clipboard
Copied