OK, this is very strange. When I start up my browser, go to the login screen,
type my username and password, and post the form, it doesn't get in <cflogin>.
The session variables I want to set are not set, and things go wrong. However,
if I logout using <cflogout>, and try again, it works like a charm?!
When I close the browser then after the session has timed out, and restart it,
and try to login again, then I bump into the same problem...
My Application.cfc:
<cfcomponent>
<cfset This.name="blablabla">
<cfset This.Sessionmanagement="True">
<cfset This.loginstorage="session">
<cfset This.sessionTimeout=CreateTimeSpan(0,0,30,0)>
<cffunction name="OnRequestStart">
<!--- init variables --->
<cfset foo=initRequest()>
<cfset request.preview=0>
<!--- logout --->
<cfif StructKeyExists(URL,"logoutrequest")>
<cflogout>
</cfif>
<!--- login --->
<cflogin>
<cfif StructKeyExists(URL,"loginrequest") AND NOT IsDefined("cflogin")>
<cfinclude template="style/header.cfm">
<cfinclude template="login/login.cfm">
<cfinclude template="style/footer.cfm">
<cfabort>
<cfelseif IsDefined("cflogin")>
<cfif cflogin.name EQ "" OR cflogin.password EQ "">
<cfset URL.er=2>
<cfinclude template="style/header.cfm">
<cfinclude template="login/login.cfm">
<cfinclude template="style/footer.cfm">
<cfabort>
<cfelse>
<cfquery name="getuserinfo" datasource="#request.dsn.site#">
SELECT userid, username, password, isadmin, partnerid, username,
firstname, surname, email
FROM users
WHERE username = <cfqueryparam value="#cflogin.name#" cfsqltype="cf_sql_varchar">
AND password = <cfqueryparam value="#Hash(cflogin.password)#" cfsqltype="cf_sql_varchar">
AND isactive=1
</cfquery>
<cfif getuserinfo.RecordCount NEQ 1>
<!--- user/pass combination not found in the database! --->
<cfset URL.er=1>
<cfinclude template="style/header.cfm">
<cfinclude template="login/login.cfm">
<cfinclude template="style/footer.cfm">
<cfabort>
<cfelse>
<cfset roles="user">
<cfif getuserinfo.isadmin>
<cfset roles=ListAppend(roles,"admin")>
</cfif>
<cfif getuserinfo.partnerid GT 0 OR getuserinfo.isadmin>
<cfset roles=ListAppend(roles,"partner")>
</cfif>
<cfloginuser name="#cflogin.name#" Password="#cflogin.password#"
roles="#roles#">
<cfset foo=setSession(getuserinfo)>
</cfif>
</cfif>
</cfif>
</cflogin>
<cfif cgi.script_name contains "/admin/" AND NOT isUserInRole("admin")>
<cflocation url="#request.site.root#/index.cfm" addtoken="No">
<cfelseif cgi.script_name contains "/partner/" AND NOT
isUserInRole("partner")>
<cflocation url="#request.site.root#/index.cfm" addtoken="No">
</cfif>
<!--- set partner options --->
<cfif IsUserInRole("partner")>
<cfset foo=setPartnerIPs()>
</cfif>
<!--- URL.preview --->
<cflock scope="session" timeout="10" type="exclusive">
<cfif StructKeyExists(URL,"preview")>
<cfif IsNumeric(URL.preview)>
<cfset session.preview=URL.preview>
</cfif>
<cfelseif NOT StructKeyExists(session,"preview")>
<cfset session.preview=0>
</cfif>
<cfset request.preview=session.preview>
</cflock>
<!--- update page viewcount --->
<cfset foo=updatePageViewCount()>
<!--- copy session to request --->
<cfset foo=copySessionToRequest()>
<!--- get URL variables from script name --->
<cfset foo=transformSlashesToURL()>
<!--- get user's ads --->
<cfset foo=getUserAds()>
<!--- display header --->
<cfif NOT StructKeyExists(URL,"print")><cfinclude
template="style/header.cfm"></cfif>
</cffunction>
<cffunction name="onSessionStart" returnType="void">
<cflock name="AppLock" timeout="5" type="Exclusive">
<cfif NOT StructKeyExists(Application,"sessions")>
<cfset Application.sessions=0>
</cfif>
<cfset Application.sessions = Application.sessions+1>
</cflock>
</cffunction>
<cffunction name="onSessionEnd" returnType="void">
<cfargument name="SessionScope" required=True/>
<cfargument name="ApplicationScope" required=True/>
<cflock name="AppLock" timeout="5" type="Exclusive">
<cfset ApplicationScope.sessions = ApplicationScope.sessions-1>
</cflock>
<cfif StructKeyExists(SessionScope,"user")>
<cfif StructKeyExists(SessionScope.user,"userid")>
<cfquery name="logoutuser" datasource="jpgames">
UPDATE users
SET isloggedin=false
WHERE userid=#SessionScope.user.userid#
</cfquery>
</cfif>
</cfif>
</cffunction>
<cffunction name="initRequest" access="private" output="no">
<cfset request.dsn = StructNew()>
<cfset request.colors = ArrayNew(1)>
<cfset request.site = StructNew()>
<!--- settings --->
<cfset request.dsn.site = "jpgames">
<cfset request.site.root = "http://www.jpgames.net/staging">
<cfset request.site.name = "jpgames.net">
<cfset request.colors[1] = "##FCFFE0">
<cfset request.colors[2] = "##EBFDCC">
<cfset request.colors[3] = "##FCFFF0">
<cfset request.priorityhours = 48>
<cfset request.lastrequiredupdate = 1137024000>
<!--- /settings --->
<cfmodule template="scripts/parts/Date.cfm" createnowinseconds="blabla">
<cfset request.nowinseconds=nowinseconds>
<cfquery name="getsettings" datasource="#request.dsn.site#">
SELECT settingid, settingvalue
FROM settings
</cfquery>
<cfset request.settings=ArrayNew(1)>
<cfloop query="getsettings">
<cfset request.settings[settingid]=settingvalue>
</cfloop>
</cffunction>
<cffunction name="setSession" access="private" output="yes">
<cfargument type="query" name="getuserinfo" required="true">
HALLO!
<cflock scope="session" timeout="10" type="exclusive">
<cfif NOT StructKeyExists(session,"user")>
<!--- user logged in correctly, set session variables --->
<cfset session.user=StructNew()>
<cfset session.user.userid=getuserinfo.userid>
<cfset session.user.username=getuserinfo.username>
<cfif getuserinfo.partnerid GT 0>
<cfset session.preview=getuserinfo.partnerid>
<cfelse>
<cfset session.user.ispartner=false>
</cfif>
<cfset session.user.firstname=getuserinfo.firstname>
<cfset session.user.surname=getuserinfo.surname>
<cfset session.user.email=getuserinfo.email>
<cfquery name="updateuserinfo" datasource="#request.dsn.site#">
UPDATE users
SET lastlogindate=#request.nowinseconds#,
isloggedin=true
WHERE username = '#getuserinfo.UserName#'
AND userid = #getuserinfo.UserID#
</cfquery>
</cfif>
</cflock>
</cffunction>
<cffunction name="copySessionToRequest" access="private" output="no">
<cflock scope="session" timeout="10" type="readonly">
<cfif StructKeyExists(session,"user")>
<cfset request.user=StructNew()>
<cfset request.user=Duplicate(session.user)>
</cfif>
</cflock>
</cffunction>
<cffunction name="setPartnerIPs" roles="partner" access="private" output="no">
<cfquery name="getpartnerips" datasource="#request.dsn.site#">
SELECT ipaddress
FROM partnerips
</cfquery>
<cfset partneriplist=ValueList(getpartnerips.ipaddress)>
<cfif ListFind(partneriplist,cgi.remote_addr) GT 0>
<cfset session.clickedgame=true>
</cfif>
</cffunction>
<cffunction name="updatePageViewCount" access="private" output="no">
<cfquery name="getid" datasource="#request.dsn.site#">
SELECT pagecountid, viewcount
FROM pagecounts
WHERE page=<cfqueryparam value="#cgi.script_name#" cfsqltype="cf_sql_varchar">
</cfquery>
<cfif getid.recordcount GT 0>
<cfquery name="updatepagecount" datasource="#request.dsn.site#">
UPDATE pagecounts
SET viewcount=viewcount+1
WHERE pagecountid=#getid.pagecountid#
</cfquery>
<cfset request.pageview=getid.viewcount+1>
<cfelse>
<cfquery name="createpagecount" datasource="#request.dsn.site#">
INSERT INTO pagecounts (page, viewcount) VALUES (<cfqueryparam value="#cgi.script_name#" cfsqltype="cf_sql_varchar">,1)
</cfquery>
<cfset request.pageview=1>
</cfif>
</cffunction>
<cffunction name="transformSlashesToURL" access="private" output="no">
<cfif cgi.path_info CONTAINS ".cfm">
<cfset plus=2>
<cfelse>
<cfset plus=0>
</cfif>
<cfif ListLen(cgi.path_info,"/") EQ 2+plus>
<cfif ListGetAt(cgi.path_info,1+plus,"/") EQ "show">
<cfset URL.show=ListLast(cgi.path_info,"/")>
<cfelseif ListGetAt(cgi.path_info,1+plus,"/") EQ "start">
<cfset URL.start=ListLast(cgi.path_info,"/")>
</cfif>
<cfelseif ListLen(cgi.path_info,"/") EQ 5+plus>
<cfif ListGetAt(cgi.path_info,1+plus,"/") EQ "typeid_a">
<cfset URL.typeid_a=ListGetAt(cgi.path_info,2+plus,"/")>
<cfset URL.sortby_a=ListGetAt(cgi.path_info,4+plus,"/")>
<cfset URL.term_a="">
<cfelseif ListGetAt(cgi.path_info,1+plus,"/") EQ "typeid_g">
<cfset URL.typeid_g=ListGetAt(cgi.path_info,2+plus,"/")>
<cfset URL.sortby_g=ListGetAt(cgi.path_info,4+plus,"/")>
<cfset URL.term_g="">
</cfif>
<cfelseif ListLen(cgi.path_info,"/") EQ 6+plus>
<cfif ListGetAt(cgi.path_info,1+plus,"/") EQ "typeid_a">
<cfset URL.typeid_a=ListGetAt(cgi.path_info,2+plus,"/")>
<cfset URL.sortby_a=ListGetAt(cgi.path_info,4+plus,"/")>
<cfset URL.term_a=ListGetAt(cgi.path_info,6+plus,"/")>
<cfelseif ListGetAt(cgi.path_info,1+plus,"/") EQ "typeid_g">
<cfset URL.typeid_g=ListGetAt(cgi.path_info,2+plus,"/")>
<cfset URL.sortby_g=ListGetAt(cgi.path_info,4+plus,"/")>
<cfset URL.term_g=ListGetAt(cgi.path_info,6+plus,"/")>
</cfif>
<cfelseif ListLen(cgi.path_info,"/") EQ 7+plus >
<cfif ListGetAt(cgi.path_info,1+plus,"/") EQ "typeid_a">
<cfset URL.typeid_a=ListGetAt(cgi.path_info,2+plus,"/")>
<cfset URL.sortby_a=ListGetAt(cgi.path_info,4+plus,"/")>
<cfset URL.term_a="">
<cfset URL.startrow=ListGetAt(cgi.path_info,7+plus,"/")>
<cfelseif ListGetAt(cgi.path_info,1+plus,"/") EQ "typeid_g">
<cfset URL.typeid_g=ListGetAt(cgi.path_info,2+plus,"/")>
<cfset URL.sortby_g=ListGetAt(cgi.path_info,4+plus,"/")>
<cfset URL.term_g="">
<cfset URL.startrow=ListGetAt(cgi.path_info,7+plus,"/")>
</cfif>
<cfelse
hinsbergen - 30 Jan 2006 14:48 GMT
And here's my login.cfm:
<table>
<tr>
<td>user:</td>
<td><input type="text" id="j_username" name="j_username" size="25"
maxlength="100" class="formfield"<cfif StructKeyExists(form,"j_username")>
value="#HTMLEditFormat(form.j_username)#"</cfif>></td>
</tr><tr>
<td>pass:</td>
<td><input type="password" id="j_password" name="j_password" size="25"
maxlength="50" class="formfield"></td>
</tr><tr>
<td> </td>
<td><input type="submit" value="Log In" class="submitbutton"></td>
</tr></table>
hinsbergen - 31 Jan 2006 08:21 GMT
Oh, I stripped the login.cfm to improve readability, and was a bit enthusiastic
;) I think I solved the problem however. I posted the form to
#cgi.script_name#?#cgi.query_string#, which contained the ?loginrequest=1
again. This would create a loop in <cflogin>...
hinsbergen - 31 Jan 2006 11:31 GMT
OK, I got some more: it only occurs when I return to the website after a
session timeout, and in that timed-out session I was logged in.
So this is the bad scenario:
- Go to site
- Login (Everything is ok)
- Close browser
- Wait for timeout
- Restart browser and go to website
- Login (Does not reach <cflogin>)
If, before closing the browser, I manually logout, everything is just fine.
How can this be? Should I let the CFID and CFTOKEN cookies expire sooner or
something??
TrophyUK - 31 Jan 2006 11:34 GMT
I have a similar problem, maybe it's related:
My scenario:
- Go to site
- Login (Everything is ok)
- After an hour user times out - user gets sent to login screen
- Login ( Does not reach <cflogin> )
- They can only log back in if they close and reopen the browser
hinsbergen - 31 Jan 2006 12:19 GMT
This is what the livedocs say about <cflogin>:
"The body of this tag executes only if there is no logged-in user."
If it times out, apparently it thinks that there still is a logged-in user...
hinsbergen - 31 Jan 2006 12:59 GMT
Well, there you go, I fixed it. It turned out that, although the
loginstorage="session", the cflogin remains after session times out. If you
just set <cflogin idletimeout="nrofseconds"> to be the same as the session
timeout, all goes well!
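Added example, not part of the thread or the poster's code: a trimmed Application.cfc that derives the <cflogin> idle timeout from This.sessionTimeout so the two cannot drift apart, and forces a logout when a login is still cached but session.user is gone. The datasource name "exampledsn" and the variable This.loginIdleSeconds are assumptions made for this illustration; the table and column names follow the posted code.

```cfml
<cfcomponent>
<cfset This.name="blablabla">
<cfset This.sessionManagement=true>
<cfset This.loginStorage="session">
<cfset This.sessionTimeout=CreateTimeSpan(0,0,30,0)>
<!--- CreateTimeSpan returns a value in days; convert once so both timeouts share one source --->
<cfset This.loginIdleSeconds=Round(This.sessionTimeout * 86400)>

<cffunction name="onRequestStart" returnType="boolean" output="no">
  <cfargument name="targetPage" type="string" required="true">
  <cfset var roles="user">
  <cfset var getuserinfo="">
  <!--- Desync check: a login is still cached but the session data set at login is gone --->
  <cfif GetAuthUser() NEQ "" AND NOT StructKeyExists(session,"user")>
    <cflogout>
  </cfif>
  <!--- The body runs only when no user is logged in, so the idle timeout must match the session --->
  <cflogin idletimeout="#This.loginIdleSeconds#">
    <cfif IsDefined("cflogin") AND cflogin.name NEQ "" AND cflogin.password NEQ "">
      <!--- "exampledsn" is a placeholder datasource name --->
      <cfquery name="getuserinfo" datasource="exampledsn">
        SELECT userid, username, isadmin
        FROM users
        WHERE username = <cfqueryparam value="#cflogin.name#" cfsqltype="cf_sql_varchar">
        AND password = <cfqueryparam value="#Hash(cflogin.password)#" cfsqltype="cf_sql_varchar">
        AND isactive = 1
      </cfquery>
      <cfif getuserinfo.RecordCount EQ 1>
        <cfif getuserinfo.isadmin><cfset roles=ListAppend(roles,"admin")></cfif>
        <cfloginuser name="#cflogin.name#" password="#cflogin.password#" roles="#roles#">
        <!--- Session data is written in the same step as the login, so the two start together --->
        <cflock scope="session" timeout="10" type="exclusive">
          <cfset session.user=StructNew()>
          <cfset session.user.userid=getuserinfo.userid>
          <cfset session.user.username=getuserinfo.username>
        </cflock>
      </cfif>
    </cfif>
  </cflogin>
  <cfreturn true>
</cffunction>
</cfcomponent>
```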