[epidemik]

I am working on a login script and wanted to be able to show that the user is logged in with his user name at the top of the page. Thnaks for any help that anyone can help me with.

login code:

<form action="login_process.cfm" method="post">
   Username: <input type="text" name="user_name" value=""><BR>
   Password: <input type="password" name="user_password" value=""><BR>
   <input type="submit" value="Log In"><BR>
</form>

Application.cfm

<!--- Create the application --->
<cfapplication name="MyApp" clientmanagement="Yes"
                    sessionmanagement="Yes"
                    sessiontimeout="#CreateTimeSpan(0,0,15,0)#"
                    applicationtimeout="#CreateTimeSpan(0,2,0,0)#">

<!--- Now define that this user is logged out by default --->
<CFPARAM NAME="session.allowin" DEFAULT="false">

<!--- Now define this user id to zero by default, this will be used later on to access specific information about this user. --->
<CFPARAM NAME="session.user_id" DEFAULT="0">

<!--- Now if the variable "session.allowin" does not equal true, send user to the login page --->
<!---
        the other thing you must check for is if the page calling this application.cfm is the "login.cfm" page 
        and the "Login_process.cfm" page since the Application.cfm is always called, if this is not checked 
        the application will simply Loop over and over. To check that, you do the following call 

--->
<cfif session.allowin neq "true">
      <cfif ListLast(CGI.SCRIPT_NAME, "/") EQ "login.cfm">
      <cfelseif ListLast(CGI.SCRIPT_NAME, "/") EQ "login_process.cfm">
      <cfelse>
      <!--- this user is not logged in, alert user and redirect to the login.cfm page --->
      <script>
              alert("You must login to access this area!");
              self.location="login.cfm";
      </script>
      </cfif>
</cfif>

Login process

<!--- Get all records from the database that match this users credentials --->
<cfquery name="qVerify" datasource="DSN">
    SELECT             user_id, user_name, user_password
    FROM                Members
    WHERE              user_name = '#user_name#'
                     AND user_password = '#user_password#'
</cfquery>

<cfif qVerify.RecordCount>
    <!--- This user has logged in correctly, change the value of the session.allowin value --->
    <cfset session.allowin = "True">
    <cfset session.user_id = qVerify.user_id>
    <!--- Now welcome user and redirect to "members_only.cfm" --->
    <script>
         alert("Welcome <cfoutput>#user_name#</cfoutput>, you have been successfully logged in!");
         self.location="/lounge_cfm/index.cfm";
    </script>
< cfelse>
    <!--- this user did not log in correctly, alert and redirect to the login page --->
    <script>
        alert("Your credentials could not be verified, please try again!!!");
        self.location="Javascript:history.go(-1)";
    </script>
</cfif>

[Craig328]

Welcome back, epidemik. Normally the D.I.C. forums tend to frown on posts like "gimme t3h cod3z" or "do my homework for me" but you have posted relatively well formed code. That said, while you presented your code, you haven't really mentioned what it is that's wrong with it. The page that you say you'd like to display a user's name on when they're logged in appears to be your /lounge_cfm/index.cfm however that page isn't posted here.

However, I can give you specific advice on thing and general advice on the other:

• Your use of <script> tags MIGHT work but they'll almost certainly work when you specify that the browser render that code using Javascript <script language="javascript">
  
• The most common way of retaining a user's name (so you can display it anywhere within you site during their session) is to set such info into a session variable. Once they pass login credentials you can insert some code to add things like their userID, first and last name and other such things to a series of session vars...or create a struct containing user info and then store that struct into a session var itself.

I'm guessing you're not the person that originally wrote this code. It looks a little dated and lacks some necessary security code (CFQUERYPARAM on your qVerify query for starters). Give us an idea what your situation is and perhaps we can explore ways to help you out further.

Good luck!

This post has been edited by Craig328: 04 February 2011 - 06:29 AM

[epidemik]

Oh ok sorry bout that, well I have found a solution in a script that i worked on with one of my professors when I was in school. It's actually working the way I want it to work now. Might just give a peek into it for the rest to make sure my code is update to the latest. Thanks to your response though, and I will watch how i phrase my questions.