0 Replies Latest reply on Aug 29, 2013 2:07 PM by iccsi

    ColdFusion Security Example

    iccsi Level 1

      http://help.adobe.com/en_US/ColdFusion/9.0/Developing/WSc3ff6d0ea77859461172e0811cbec22c24 -7c30.html

       

      I followed above link to create a user login function.

      I want to it shows user welcome message and set login input invisible and give user logout button to logout.

      It gives me login form, but it does not show welcome message and login input still on the form.

       

      Here is my code which is exatly from above link.

      Can you please help me to see any mistake in my code or modify the code to make login to show welcome message and invisible login input and give user logout button?

       

      Your help and information is great appreciated,

       

      Regards,

       

      Iccsi,

       

      <cffunction

      name="OnRequestStart"

      access="public"

      returntype="boolean"

      output="false"

      hint="Fires at first part of page processing.">

       

       

       

      <!---Define arguments.--->

      <cfargument

      name="TargetPage"

      type="string"

      required="true"

      />

      <cfif IsDefined("Form.logout")>

          <cflogout>

      </cfif>

       

      <cflogin>

         <cfif not isdefined("cflogin")>

            <cfinclude template="loginform.cfm">

            <cfinclude template="index.cfm">

            <cfabort>

         <cfelse>

                    <cfif cflogin.name IS "" OR cflogin.password IS "">

                <cfoutput>

                  <h2>You must enter text in both the user name and password fields.</h2>

                </cfoutput>

                <cfinclude template="Common/loginform.cfm">

                <cfinclude template="index.cfm">

                <cfabort>

               <cfelse>

                 <cfstoredproc procedure="MySP" datasource="MySource">

                 <cfprocparam value="#cflogin.name#" cfsqltype="cf_sql_char">

                 <cfprocparam value="#cflogin.password#" cfsqltype="cf_sql_char">

                 <cfprocresult name="myUser" resultset="1">

                 </cfstoredproc>

                 <cfif myUser.UserRoles NEQ "">

                   <cfloginuser name="#cflogin.name#" password="#cflogin.password#" roles="#myUser.UserRoles#">

                  <cfelse>

                    <cfoutput>

                     <h2>Your login information is not valid.<br>

                      Please try again</h2>

                    </cfoutput>

                    <cfinclude template="loginform.cfm">

                    <cfinclude template="index.cfm">

                    <cfabort>

                 </cfif>

               </cfif>

             </cfif>

          </cflogin>     

         

          <cfif GetAuthUser() NEQ "">

                  <cfoutput>

                     <form action="securitytest.cfm" method="post">

               <input type="Submit" Name="Logout" Value="Logout">

             </cfoutput>

          </cfif>  

       

         

       

       

       

      <!--- Return out. --->

      <cfreturn true />

      </cffunction>