cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
0
Upvote

Login page

Dave_Blake
New Here ,
Aug 25, 2006 Aug 25, 2006
I have set up an adminstrator login segment to a website in which a person would access database info and update it. However, in testing accessing the page without first loggin in, the page is still displaying the page contents with the login message when it sould only be showing the error message. Why is my page content still being displayed?

Here's the code:
<cfinclude template="include_CheckAuthority.cfm">
<title>UpdatePrice</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<cfquery name= "Updateprice"
datasource="UticaRenew_accesscf_Price">
SELECT * FROM Price WHERE PriceID = 1
</cfquery>
<cfoutput query= "Updateprice">
<form action="Updateprices.cfm" method="post">
<table width="360" border="1">
<tr align="center" valign="middle">
<td width="111" class="Copy"><div align="right">E85 Price</div></td>
<td width="119"><div align="center">
<input name="E85" type="text" value="#E85#" maxlength="10">
</div></td>
</tr>
<tr align="center" valign="middle">
<td class="Copy"><div align="right">15% Price</div></td>
<td><input name="Fifteen" type="text" value="#Fifteen#" maxlength="10"></td>
</tr>
<tr align="center" valign="middle">
<td class="Copy"><div align="right">20% Price</div></td>
<td><input name="Twenty" type="text" value="#Twenty#" maxlength="10"></td>
</tr>
<tr>
<td colspan="2"><div align="center">
<input name="submit" type="submit" id="ModifyPosting" value="Update Prices">
</div></td>
</tr>
</table>
</form>
</cfoutput>
TOPICS
Getting started
760
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 12 Replies 12
latest latest Jump to latest reply
Guest
Aug 25, 2006 Aug 25, 2006
The page as shown is a self-contained ColdFusion script. There is nothing there that tells it not to execute. I presume you want something like...

<CFIF loggedIn>
code as shown above
<CFELSE>
error - please log in.
</CFIF>
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
inactiveforumnotifier
Explorer ,
Aug 25, 2006 Aug 25, 2006
The page as shown is a self-contained ColdFusion script. There is nothing there that tells it not to execute. I presume you want something like...

<CFIF loggedIn>
code as shown above
<CFELSE>
error - please log in.
</CFIF>
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Dave_Blake
New Here ,
Aug 25, 2006 Aug 25, 2006
I created this based on coding that someone else had set up in a tutorial. As I understand it, wouldn't my <cfinclude template="include_CheckAuthority.cfm" statement have the page first use the checkAutority.cfm page code first which verifies if the user is logged in?

Here's the coding for that page along with its comments:

<!--- include_CheckAuthority.cfm --->
<!--- This file is used to check whether or not a user is logged in, and can be included --->
<!--- in any page that needs to be "protected" from the unauthorized user --->

<!--- Initialize our boolean flag to FALSE, saying the user is not yet verified --->
<cfset bLoggedIn = False>

<!--- First, we check the session variable --->
<cfif IsDefined("Session.UserID")>
<cfif Session.UserID neq "">
<!--- if it is not false, we can assume that we have stored the session.userid --->
<!--- so we set logged in to True - meaning the user is verified --->
<cfset bLoggedIn = True>
</cfif>


<cfelse>
<!--- If there is NO session variable, that's OK, we can check for a cookie that we set --->
<!--- to store the user id long term. --->
<cfif IsDefined("Cookie.UserID")>
<cfif Cookie.UserID neq "">
<!--- if there is a cookie, save it into the session variable --->
<cfset Session.UserID = Cookie.UserID>
<!--- set logged in to True, because this user is verified --->
<cfset bLoggedIn = True>
</cfif>
</cfif>
</cfif>

<!--- Check to make sure that the user was verified --->
<cfif bLoggedIn eq False>
<!--- If not, then include an error file -basically saying you are not authorized --->
<!--- to view this page, and then exit processing of the template, so they don't see the rest --->
<cfinclude template="myErrorFile.cfm">
<cfexit>
</cfif>
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Aug 25, 2006 Aug 25, 2006
Do you have an Application.cfm page? If you are going to use session variables, you need to enable them using <CFAPPLICATION> Check out http://livedocs.macromedia.com/coldfusion/5.0/CFML_Reference/Tags5.htm#1097308
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Dave_Blake
New Here ,
Aug 25, 2006 Aug 25, 2006
Yes, it came with that coding as well.

Here it is:

<cfapplication name="loginApp" sessionmanagement="Yes" clientmanagement="yes" sessiontimeout="20">
<cfparam name="Session.UserName" default="">
<cfparam name="Session.Password" default="">
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Aug 25, 2006 Aug 25, 2006
Change sessiontimeout:
sessionTimeout = #CreateTimeSpan(days, hours, minutes, seconds)#
Check out the livedocs link I provided.
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Dave_Blake
New Here ,
Aug 25, 2006 Aug 25, 2006
That didn't seem to help. Just to verify, I want to make sure you understand what my problem is. When I try to access the page that requires user authentification, it does give my error message that I need to go to the login page. But it also displays the sensitive database information. So what's happening is that it goes through my checkAuthority.cfm template which says I didn't enter a username and to send back the error message, but it also is processing the rest of the page to include the database info which should not be processed. I want the page to stop processing at that point. Hope that helps.
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Aug 27, 2006 Aug 27, 2006
In Response To Dave_Blake
Why not do this instead...


<!--- Check to make sure that the user was verified --->
<cfif bLoggedIn eq False>
<!--- If not, then include an error file -basically saying you are not authorized --->
<!--- to view this page, and then exit processing of the template, so they don't see the rest --->
<cflocation url="myLoginPage.cfm" addToken="no">
</cfif>
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Aug 27, 2006 Aug 27, 2006
Save your current page, without the line <cfinclude template="include_CheckAuthority.cfm"> , as updatePage.cfm. Then do something along the lines of the code below.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Dave_Blake
New Here ,
Aug 28, 2006 Aug 28, 2006
With the coding you have above, is that going at the beginning of the updatepage.cfm page itself ?
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Dave_Blake
New Here ,
Aug 28, 2006 Aug 28, 2006
Actually, I did the small revision that D.Brown suggested and it seemed to work- it just sent me to my login page. That should solve the issue for me. Thanks for all your help everyone!

Dave
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Aug 28, 2006 Aug 28, 2006
LATEST
With the coding you have above, is that going at the beginning of the updatepage.cfm page itself ?

No. Put it in the usual place for such authentication code, in Application.cfm.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices