Exit
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0

Session variable problems

New Here ,
Sep 24, 2017 Sep 24, 2017

CFBuilder admin storage
15cdb5dcb6.jpg

Application.cfm

34ed7586e1.jpg

Login,cfm

392afe95fd.jpg

part of page when i want to use login including.

49bc67a960.jpg

Hello everyone, please help me understand these sessions' behavior.
The whole problem consists in attempting to pass variables from one page to another.
So after login i don't see the session.user in session struct.
How can i pass this?

Have already tried different browsers.

752
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Advocate ,
Sep 25, 2017 Sep 25, 2017

You are setting session timeout in the application to 10 seconds. It will time out after this amount of time, which is probably around the time you take to navigate after signing in.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Sep 25, 2017 Sep 25, 2017

It is just a tryings to prevent this misunderstandable actions. Previously it was 20 minuts. All in all it works , but nothing was changed in passing the variables betwenn page, There are no variable " Session.user "

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Sep 26, 2017 Sep 26, 2017
LATEST

I see no need for the following code:

<cfif structkeyexists(session, "loggedIn")>

    <cfset session.loggedIn = "yes">

<cfelse>

    <cfset session.loggedIn = "no">

</cfif>

In fact, there might a problem with the design. When the user comes in at the start, structkeyexists(session, "loggedIn") is No. This code sets session.loggedIn to No. But by doing so, the code makes structkeyexists(session, "loggedIn") to become true. And, because structkeyexists(session, "loggedIn") is true at the next request, session.loggedIn will be Yes! In this way, the user goes from no defined session to a logged-in session without having filled the login form.

I would delete this code. I would then change the logic for showing the form to:

<cfif structkeyexists(session, "loggedIn") is "no" or session.loggedIn is "no">

    <cfinclude template="login.cfm">

</cfif>

On a different note, tighten your security with:

    WHERE login=<cfqueryparam value="#form.login#" cfsqltype="CF_SQL_VARCHAR">

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources