Session variable problems

Forum|Forum|8 years ago
September 24, 2017
2 replies
800 views

CFBuilder admin storage

Application.cfm

Login,cfm

part of page when i want to use login including.

Hello everyone, please help me understand these sessions' behavior.
The whole problem consists in attempting to pass variables from one page to another.
So after login i don't see the session.user in session struct.
How can i pass this?

Have already tried different browsers.

This topic has been closed for replies.

BKBK

Community Expert

I see no need for the following code:

</cfif>

In fact, there might a problem with the design. When the user comes in at the start, structkeyexists(session, "loggedIn") is No. This code sets session.loggedIn to No. But by doing so, the code makes structkeyexists(session, "loggedIn") to become true. And, because structkeyexists(session, "loggedIn") is true at the next request, session.loggedIn will be Yes! In this way, the user goes from no defined session to a logged-in session without having filled the login form.

I would delete this code. I would then change the logic for showing the form to:

</cfif>

On a different note, tighten your security with:

WHERE login=<cfqueryparam value="#form.login#" cfsqltype="CF_SQL_VARCHAR">

H

haxtbh

Inspiring

You are setting session timeout in the application to 10 seconds. It will time out after this amount of time, which is probably around the time you take to navigate after signing in.

B

bkmzb93163622Author

Participant

It is just a tryings to prevent this misunderstandable actions. Previously it was 20 minuts. All in all it works , but nothing was changed in passing the variables betwenn page, There are no variable " Session.user "

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded