Pass Hidden Field (Rep ID) as Parameter when user logs into site

Forum|Forum|14 years ago
June 17, 2011
3 replies
1063 views

I have set-up user validation to my site based on a userID and password, but I want to also pass a hidden field/parameter (RepID) to the rest of the site pages so that I can filter my record sets on those pages based on that RepID parameter.

I have coded everything the way I thought it should be, but I'm getting the following error when I test it and from what I can see it is defined...

Element PSWD is undefined in FORM.

Here is the form coding, as well as the CF coding for the user validation...

...................................................................... ...................................................................... ..

<form id="login" name="login" method="POST" action="<cfoutput>#MM_loginAction#</cfoutput>">
                <table border="0" cellspacing="0" cellpadding="5">
                  <tr>
                    <td height="35" class="text_bold">Email</td>
                    <td height="35"><label for="email"></label>
                      <input type="text" name="email" id="email" /></td>
                  </tr>
                  <tr>
                    <td height="35" class="text_bold">Password</td>
                    <td height="35"><label for="pswd"></label>
                      <input name="pswd" type="password" id="pswd" value="<cfoutput>#rsWeblogin#</cfoutput>" /></td>
                  </tr>
                  <tr>
                    <td height="35" class="text_bold"><input name="salesman_id" type="hidden" id="salesman_id" value="<cfoutput>#rsWeblogin.SALESMAN_ID#</cfoutput>" /></td>
                    <td height="35"><input type="submit" name="submit" id="submit" value="Submit" /></td>
                  </tr>
                </table>
              </form>

...................................................................... ...................................................................... ..

<cfparam name="FORM.email" default="1">
<cfquery name="rsWeblogin" datasource="INSORB">
SELECT *
FROM dbo.WEBLOGIN
WHERE E_MAIL = <cfqueryparam value="#FORM.email#" cfsqltype="cf_sql_clob" maxlength="64">
</cfquery>
<cfif IsDefined("FORM.email")>
    <cfset MM_redirectLoginSuccess="index.cfm">
    <cfset MM_redirectLoginFailed="login.cfm">
    <cfquery name="MM_rsUser" datasource="INSORB">
    SELECT E_MAIL,PSWD FROM dbo.WEBLOGIN WHERE E_MAIL=<cfqueryparam value="#FORM.email#" cfsqltype="cf_sql_clob" maxlength="64"> AND PSWD=<cfqueryparam value="#FORM.pswd#" cfsqltype="cf_sql_clob" maxlength="15">
    </cfquery>
    <cfif MM_rsUser.RecordCount NEQ 0>
      <cftry>
        <cflock scope="Session" timeout="30" type="Exclusive">
          <cfset Session.MM_Username=FORM.email>
          <cfset Session.MM_UserAuthorization="">
        </cflock>
        <cfif IsDefined("URL.accessdenied") AND true>
          <cfset MM_redirectLoginSuccess=URL.accessdenied>
        </cfif>
        <cflocation url="#MM_redirectLoginSuccess#" addtoken="no">
        <cfcatch type="Lock">
          
        </cfcatch>
      </cftry>
    </cfif>
    <cflocation url="#MM_redirectLoginFailed#" addtoken="no">
    <cfelse>
    <cfset MM_LoginAction=CGI.SCRIPT_NAME>
    <cfif CGI.QUERY_STRING NEQ "">
      <cfset MM_LoginAction=MM_LoginAction & "?" & XMLFormat(CGI.QUERY_STRING)>
    </cfif>
</cfif>

...................................................................... ...................................................................... ..

Any help would be greatly appreciated!

This topic has been closed for replies.

J

jaimeyunkerAuthor

Participant

The userID and the repID are both unique to the user, but are used for different identification purposes. Both fields are in the same user login table...

I was able to solve the problem by adding <cfset Session.RepID=MM_rsUser.SALESMAN_ID> and adding the SALESMAN_ID field to the <cfquery>

Now it works great!

Thank you for all your responses!

R

Ron_Stewart

Inspiring

I don't have anything definitive to offer other than a couple of questions based on what I see on your login form:

1. What is rsWeblogin that you are using to initialize the password field PSWD on the form? I would have expected the password field to be left empty in generating the form...

2. The use of "#rsWeblogin#" to initialize the PSWD field, coupled with the use of "#rsWeblogin.salesman_ID#" to initialize the hidden field strike me as odd; that second one would lead me to believe rsWeblogin is a structure of some sort, and I'm not sure what you would be getting crunched into the password field as a result...

Maybe one of those might give you some sort of clue?

In addition, if the password field is left empty on the form itself, you may well not be getting a FORM.pswd variable coming through the submittal. You may need to either check that it is defined (probably best) or cfparam it to a known value that would never be used for a "real" password (problematic for all sorts of reasons) before using it in the authentication logic.

--

/ron

D

Dan_Bracuk

Inspiring

On whatever page is throwing the error, cfdump your form before any other code is executed.

Element PSWD is undefined in FORM.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded