ansaurus

Question

Answer 1

A:

Seems like you need to add a where clause into your query.

Jason 2009-12-01 20:54:10

I just gave it a try, is this what you mean:<cfquery name="Recordset1" datasource="cfcommentsite">SELECT *FROM usersWHERE users.IDUsers </cfquery> It still does the same thing though, any idea why?

Bridget 2009-12-01 21:17:29

Youi need a right-hand expression in your where clause. Assume you store the userid from the database for the logged-in user in session.userid. SELECT* FROM users WHERE users.IDUsers = <cfqueryparam type="cf_sql_integer" value="#session.userid#">

Ben Doom 2009-12-01 21:25:29

I haven't got a session variable set up in my login for the IDUsers - is there some code you know I can put in to make one? cheers.

Bridget 2009-12-01 22:34:41

Answer 2

+1 A:

Note: if you show all the code (how do you log in, how do you query the dataset), it will help us to help you.

Few very general advices for now.

The reason is becasue you select all (or at least more than one) records. When you do the output only once CF shows only first record from dataset. You can check this by looping over the dataset:

<cfloop query="Recordset1">
<cfoutput>#Recordset1.Username#</cfoutput><br />
</cfloop>

It should show all your records.

As Jason pointed you should select only single record of your user. When you perform login act, save user # (typically primary key, id) in Session scope (say, in Session.userid) and use it in queries later like this (I dont know your query, so this is just to show the idea):

<cfquery datasource="datasourceName" name="Recordset1">
    SELECT Username FROM users WHERE id = <cfqueryparam cfsqltype="cf_sql_integer" value="#Session.userid#" />
</cfquery>

Supposing you have unique id's as PK, you'll get only one record in Recordset1, so your initial output will show correct username.

Sergii 2009-12-01 21:30:06

ok thaks a heap. Do I have to add into my Application.CFC a this.sessionmanagement='true' or something? Do you know the code i'll have to add in?

Bridget 2009-12-01 21:58:32

OK heres my codes: Heres my code for my Login in page:<cfif IsDefined("FORM.Username")> <cfset MM_redirectLoginSuccess="index.cfm"> <cfset MM_redirectLoginFailed="login.cfm"> <cfquery name="MM_rsUser" datasource="cfComment"> SELECT Username,Password FROM users WHERE Username=<cfqueryparam value="#FORM.Username#" cfsqltype="cf_sql_clob" maxlength="45"> AND Password=<cfqueryparam value="#FORM.Password#"

Bridget 2009-12-01 22:26:02

cfsqltype="cf_sql_clob" maxlength="8"> </cfquery> <cfif MM_rsUser.RecordCount NEQ 0> <cftry> <cflock scope="Session" timeout="30" type="Exclusive"> <cfset Session.MM_Username=FORM.Username><br /> <cfset Session.MM_UserAuthorization=""> </cflock> <cfif IsDefined("URL.accessdenied") AND false> <cfset MM_redirectLoginSuccess=URL.accessdenied> </cfif> <cflocation url="#MM_redirectLoginSuccess#" addtoken="no"> <cfcatch type="Lock"> </cfcatch> </cftry>

Bridget 2009-12-01 22:26:37

Bridget 2009-12-01 22:28:19

haha. ok, that looks really complicated, it wouldn't let my add it in the question box..oops, sorry. lol

Bridget 2009-12-01 22:29:10

Oh my... Please try to put the code into the question body. It is not so complex as it seems, see help section. This way it is totally unreadable.

Sergii 2009-12-01 22:55:38

Yes, you need the to have session management enabled. Also see this really informative and useful man page http://livedocs.adobe.com/coldfusion/8/htmldocs/help.html?content=AppEvents_02.html

Sergii 2009-12-01 22:58:27

Is this the correct / all the code i need for the application.cfc file to do what I intend:<cfapplication name = "cfGossip" applicationTimeout = #CreateTimeSpan(999, 0, 0, 0)# loginStorage = "session" scriptProtect = "all" sessionManagement = "yes" sessionTimeout = #CreateTimeSpan(999, 0, 0, 0)# setClientCookies = "yes" setDomainCookies = "yes>Thanks.

Bridget 2009-12-02 02:30:18

Techically yes, but I would not recomment to set such huge expiration periods: 999 days if far from enough, especially for session where it is used to destroy the session when one leaves the site without logging out. Typical session timeout is around 30 minutes (CreateTimeSpan(0,0,30,0)) and application timeout typically discussed in terms of in hours, my personal choise for my needs typically in range from 12 to 48.

Sergii 2009-12-02 06:23:56

ok. thanks - but if the user is on for more than 12 - 48 hours then will they need to login in again to add a comment - because the session variable will no longer work. So will the automatically be loged off ater 12 - 48 hours?

Bridget 2009-12-02 20:59:23

12-48 hours is Application scope lifespan, which should not have anything with user sessions. Specific user information need to be handled using Sessions scope, which should expire quicker because it can be not secure otherwise (imagine someone used your site from public PC and simply closed browser without logging out -- someone can re-open it and access private data).

Sergii 2009-12-03 08:33:49

ansaurus

tags:

views:

answers:

Personalized Welcome Messages

related questions