• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Session variable problems

New Here ,
Sep 24, 2017 Sep 24, 2017

Copy link to clipboard

Copied

CFBuilder admin storage
15cdb5dcb6.jpg

Application.cfm

34ed7586e1.jpg

Login,cfm

392afe95fd.jpg

part of page when i want to use login including.

49bc67a960.jpg

Hello everyone, please help me understand these sessions' behavior.
The whole problem consists in attempting to pass variables from one page to another.
So after login i don't see the session.user in session struct.
How can i pass this?

Have already tried different browsers.

Views

688

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Advocate ,
Sep 25, 2017 Sep 25, 2017

Copy link to clipboard

Copied

You are setting session timeout in the application to 10 seconds. It will time out after this amount of time, which is probably around the time you take to navigate after signing in.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Sep 25, 2017 Sep 25, 2017

Copy link to clipboard

Copied

It is just a tryings to prevent this misunderstandable actions. Previously it was 20 minuts. All in all it works , but nothing was changed in passing the variables betwenn page, There are no variable " Session.user "

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Sep 26, 2017 Sep 26, 2017

Copy link to clipboard

Copied

LATEST

I see no need for the following code:

<cfif structkeyexists(session, "loggedIn")>

    <cfset session.loggedIn = "yes">

<cfelse>

    <cfset session.loggedIn = "no">

</cfif>

In fact, there might a problem with the design. When the user comes in at the start, structkeyexists(session, "loggedIn") is No. This code sets session.loggedIn to No. But by doing so, the code makes structkeyexists(session, "loggedIn") to become true. And, because structkeyexists(session, "loggedIn") is true at the next request, session.loggedIn will be Yes! In this way, the user goes from no defined session to a logged-in session without having filled the login form.

I would delete this code. I would then change the logic for showing the form to:

<cfif structkeyexists(session, "loggedIn") is "no" or session.loggedIn is "no">

    <cfinclude template="login.cfm">

</cfif>

On a different note, tighten your security with:

    WHERE login=<cfqueryparam value="#form.login#" cfsqltype="CF_SQL_VARCHAR">

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation