macromedia.coldfusion.cfml_general_discussion
[Top] [All Lists]

Imature session log out

Subject: Imature session log out
From: "man jackals"
Date: Tue, 14 Aug 2007 17:02:32 +0000 UTC
Newsgroups: macromedia.coldfusion.cfml_general_discussion
I got the code belo. problem is that it logs out before the session ends

 <!--- login.cfm begin --->
        <cfif CGI.SCRIPT_NAME CONTAINs "logout.cfm" >
                <cfoutput><cflocation url="#Application.webRoot#index.cfm" 
addtoken="no"></cfoutput>
        </cfif>

        <cfif CGI.Script_Name   CONTAINs "login.cfm" > 
                <cfset session.requestedpage= 
"#Application.webRoot#Login/Member/index.cfm">
        <cfelseif CGI.SCRIPT_NAME CONTAINs "logout.cfm" >
                        <cfset session.requestedpage= 
"#Application.webRoot#index.cfm"> 
     <cfelse>       
                <cfif CGI.query_string is "" >
                        <cfset session.requestedpage= '#cgi.SCRIPT_NAME#'>
                <cfelse>
                        <cfset session.requestedpage= '#cgi.SCRIPT_NAME#' & 
'?#CGI.query_string#'>
                </cfif>
        </cfif>

        <cfparam name="request.NewUserMsg" default="">

        <cfif isdefined("url.NewUser")>
                <cfset request.NewUserMsg = "Thanks for Registering. Please 
Login to add a 
Picture to your Profile">
        </cfif>
        <cfparam name="request.loginMessage" default="">
 <form name="form1" method="post" action="">
   <p>username 
     <input name="j_username" type="text" id="j_username">
 </p>
   <p>password 
     <input name="j_password" type="text" id="j_password">
 </p>
 </form>

 <!--- login.cfm ends--->

 <!--- application.cfc begins--->
 <cfcomponent name="Application" displayname="Application Component for the 
Login Security Tutorial" >
        <cfset This.name = "LoveZoneAfrica">
        <cfset This.applicationTimeout = CreateTimeSpan(0,0,0,45)>
        <cfset This.sessionManagement = "true">
        <cfset This.sessionTimeout = CreateTimeSpan(0,0,0,30)>
        <cfset This.clientManagement = "false">
        <cfset This.loginstorage="session">   
        
        <cffunction name="onApplicationStart" returntype="boolean" 
output="true">
                <cfset Application.configured = 1>
                <cfset Application.datetimeConfigured = TimeFormat(Now(), 
"hh:mm tt") & "  " 
& DateFormat(Now(), "mm.dd.yyyy")>
                <cfset Application.currentSessions = 0>
                <!--- Begin Setting up request variables here. --->
                <cfscript>  
                        request.app = structNew();
                        Application.dsn = "LoveZoneAfrica";
                        Application.webRoot = 
"#getPageContext().getRequest().getContextPath()#/LoveZoneAfrica/";
                        Application.machineRoot = "/LoveZoneAfrica/";
                        Application.cfcRoot = "LoveZoneAfrica.com";  
                        Application.settings    = structNew();
                </cfscript>
                <cfreturn true>
        </cffunction>
        
        <cffunction name="onRequestStart" returntype="boolean" output="true" >
            <cfargument name="requestname" required=true/>  
 <cfif  isDefined("form.j_username") and  isDefined("form.j_password")>
                <cfif  len(form.j_username) and   len(form.j_password)>         
                        <cfscript>
                                // create the Security object
                                Security = 
createObject("component","#Application.cfcRoot#.security");
                                // store authenticate method of security object 
as roles variable. 
                                
LogQry=Security.authenticate(form.j_username,form.j_password);
                        </cfscript>
                                <cfif LogQry.recordcount>   <!--- User has 
Successfully logged in 
#GetValidUser# --->  
                                        <!--- Update the LastLogin timestamp. 
--->
 
                                        
<cfscript>Update_LastLogin=Security.LastLogin(form.j_username); </cfscript>
                                        <cfset request.User.LoggedIn = "1"> 
                                        <cfset request.User.User_Id = 
LogQry.customer_id>
                                        <cfset request.User.Username = 
form.j_username>
                                        <cfset request.User.LastLogin = 
LogQry.LastLogin_Date  >
                                        <cfset request.User.Ispaidup = 
LogQry.Ispaidup  >
                                <cfelse>
                                        <!--- Password /Username was wrong, so 
if Session.user structure is there 
destroy it --->
                                         <cfif  structKeyExists(Session,"User")>
                                                <cflock scope="SESSION" 
throwontimeout="Yes" timeout="7" 
type="EXCLUSIVE"> 
                                                        <cfset clearStruct = 
StructDelete(Session, "User")>
                                                </cflock>
                                         </cfif>
                                </cfif>
                                <!--- If there are any problems with the 
username and/or password the 
request.User structure will not be created. --->
                                <cfif NOT isDefined("request.User.LoggedIn")>
                                        <cfset request.loginMessage ="Invalid 
Username or Password">
                                <cfelse>
                                        <!--- If the login procedure is passed 
duplicate the request structure 
into the Session scope. --->
                                        <cflock scope="SESSION" 
throwontimeout="Yes" timeout="107" 
type="EXCLUSIVE">
                                                <cfset Session.User = 
Duplicate(request.User)>
                                        </cflock>
                                        <cflock name="lck_currentSessions" 
throwontimeout="Yes" timeout="107" 
type="EXCLUSIVE">
                                                <cfif NOT 
isDefined("Application.sessionData")>
                                                        <!--- Increment the 
number of current sessions. --->
                                                        <cfset 
Application.currentSessions = Application.currentSessions + 1>
                                                        <cfset 
Application.sessionData = ArrayNew(1)>
                                                        <cfset Arraysize = 0>
                                                        <cfset  
Application.sessionData[Arraysize+1] = form.j_username>
                                                <CFELSE>
                                                        
                                                        <!---check to see 
wether this "Username" appears in the 
Application.sessionData.
                                                                If so, ignore. 
If no then append the name to the array so we have a 
unique list of usernames--->
                                                        <cfset Arraysize = 
ArrayLen(Application.sessionData)>
                                                        <cfset Application.temp 
= ArrayNew(1)>
                                        <cfif Arraysize>
                                                                <cfloop index = 
"LoopCount" from = "1" to = "#Arraysize#">
                                                                <cfset 
#ArrayAppend(Application.temp, 
Application.sessionData[LoopCount])#>
                                                                </cfloop>
                                                                <cfset 
Isloggedin = ListFind(ArrayToList(Application.temp), 
form.j_username)>
                                        <cfif Isloggedin is 0>
                                                        <cfset  
Application.sessionData[Arraysize+1] = form.j_username>
                                                <!--- Increment the number of 
current sessions. --->
                                                        <cfset 
Application.currentSessions = Application.currentSessions + 1>
                                        </cfif>
                                        <cfelse>
                                        <!--- Increment the number of current 
sessions since twas empty. --->
                                        <cfset Application.currentSessions = 
Application.currentSessions + 1>
                                        <cfset  
Application.sessionData[Arraysize+1] = form.j_username>
                                </cfif>
                        </cfif>
        </cflock>
                                                        
        </cfif>
        <cfelse>
                <cfset request.loginMessage ="Invalid Username or Password">
                <!--- Destroy the user sesssion structure --->
                <cflock scope="SESSION" throwontimeout="Yes" timeout="7" 
type="EXCLUSIVE"> 
                        <cfset clearStruct = StructDelete(Session, "User")>
                </cflock>
        </cfif>
 </cfif>
                                        
                        <!--- Check to see if a user is logged in on *every* 
cfm page request 
except the logout.cfm. --->
                        <cfif cgi.SCRIPT_NAME   CONTAINs "logout.cfm">
                        <cfelse>
                                        <cflock scope="SESSION" 
throwontimeout="Yes" timeout="7" type="READONLY">
                                                <cfif NOT 
isDefined("Session.User.LoggedIn")>
                                                        <cfinclude 
template="#Application.webRoot#Admin/Security/login.cfm">
                                                        <cfabort>
                                                </cfif>
                                        </cflock>
                         </cfif>
                <cfreturn true>
        </cffunction>

 <cffunction name="onSessionEnd" returntype="void">
                <cfargument name="SessionScope" required="true">
                <cfargument name="ApplicationScope" required="true">
                <cflock name="lck_currentSessions" throwontimeout="Yes" 
timeout="7" 
type="EXCLUSIVE">
                        <!---
                                If the users session ID is still hanging around 
(the user is getting 
automatically logged out due to timeout)
                                delete the session data from the Application 
scope and decrement the 
current sessions value.
                        --->
                        <cfset sessionPosition = 
ListFind(ArrayToList(arguments.ApplicationScope.sessionData), 
arguments.SessionScope.sessionid)>
                        <cfif sessionPosition neq 0>
                                <cfset 
ArrayDeleteAt(arguments.ApplicationScope.sessionData, 
sessionPosition)>
                                <cfset 
arguments.ApplicationScope.currentSessions = 
arguments.ApplicationScope.currentSessions - 1>
                        </cfif>
                </cflock>
                <!--- <cflog file="#this.name#" type="information" 
text="Session ended. 
Number of active sessions now: #arguments.ApplicationScope.currentSessions#"> 
--->
        </cffunction>
 </cfcomponent>
 <!--- application.cfc ends--->


<Prev in Thread] Current Thread [Next in Thread>