Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsGeneralPHPASPPerlColdFusionFlashHTML, CSS, ScriptsBrowsers

Webmaster Forum / ColdFusion / Advanced Techniques / September 2007


Tip: Looking for answers? Try searching our database.

CFLOGIN  VS CFFORM

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
TheScarecrow - 10 Sep 2007 15:07 GMT
I am wondering what the difference between using CFLOGIN and a CFFORM for a login page? Is one better than the other?
Reply to this Message
Dan Bracuk - 10 Sep 2007 15:44 GMT
The difference?  I'm trying to see a similarity.
Reply to this Message
Ian Skinner - 10 Sep 2007 15:51 GMT
> I am wondering what the difference between using CFLOGIN and a CFFORM for a login page? Is one better than the other?

One creates a front end user interface and the other causes back end
logic to be run if one there is no <cfloginuser...> in effect.

<cfform...> creates forms (html, dhtml or flash) with optional client
and|or server interaction for validation and other effects.

<cflogin...> is a specific purpose 'if' block.  If a user is not logged
in with a <cfloginuser...> tag, run the code inside the <cflogin...>
block, otherwise skip it.

Other then that, they are very similar:-)
Reply to this Message
TheScarecrow - 10 Sep 2007 16:04 GMT
Is one more secure than than the other?
Reply to this Message
Ian Skinner - 10 Sep 2007 16:19 GMT
> Is one more secure than than the other?

Ummmm.... I supose so????  A <cflogin...> without a <cfform...> - or
some other method of user input - would be VERY secure because a user
will never be able to login!

They are completely different things, we are not even comparing apples
and oranges we are comparing apples and pulsars!

A <cfform...> is neither secure or insecure.  It is simply one way to
make a user interface.  What you do with the data provided by the
interface and how you protect yourself from malevolent input is what
will determine if an application is secure or not.

<cflogin...> is just a fancy "IF" statement.  What you put inside that
if statement to evaluate the input provided by the user will determine
how secure the application is or is not.

In and of themselves neither provide any security nor do they create
security holes.  They just are.  It's what the developer puts inside
them that will determine how secure an application is.
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.