Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

application.cfm and non cfm files 1

Status
Not open for further replies.
varnix

varnix

Programmer
Jan 7, 2002
94
US
Is there a way to setup the application.cfm so that it will activate for non-cfm files as well?

Basically, I have an application.cfm that will call a login script if the user has not already logged in. I would like to put this same application.cfm in a directory that contains my images to protect them.

But so far its not working, is this even possible?

Thanks!
 
Sort by date Sort by votes
if you have an application file that is in a folder "above" or it "covers" the folder that contains the image folder - your images should be safe. In other words if you have the following set up that contains an Application.cfm the login check than, it would automtically someone for typing the address direclty into the address bar:

ROOT FOLDER
Application.cfm
--------IMAGES FOLDER
--------Image1.jpg
--------Image2.jpg


HTH..
 
Upvote 0 Downvote
I had already thought of and tried your suggestion, for example

- contains an application.cfm declaring the session info and is accessible to the public

- contains an application.cfm and redirects the user to a login.cfm if they are not already logged in.

So, if I go to or to any HTM or CFM file located under that directory, I am automatically redirectd to the login.cfm page. BUT if I go to any non-CFM or HTM page, such as or image.gif, that image file will open without having to login to the application.

I know that on a Linux server I can use the .htaccess to redefine how certain types of files are processed by the server.

Is there something similar that we can do with the application.cfm under coldfusion?
 
Upvote 0 Downvote
There is no "clean" method to restrict access to your .jpg files using the application.cfm template when a user manually enters the url to a .jpg file.

Your best bet is to let your web server handle the security.
 
Upvote 0 Downvote
I stand corrected... I had forgotten that images could be called directly without going through the coldfusion server...hmm interesting.

I am curious as to tooled's remark on letting the Web server handle the security...wonder what he means by that...
 
Upvote 0 Downvote
For one possible answer to "wonder what he means by that"... check out this thread thread232-553910 .

Basically you place all your images in a directory that's not under the web root (or a dircetory that's under web root, but set up with permissions to not allow anonymous browsing)... then use a "viewer" .CFM page in your
Code: 
<img>
tags to load images in your pages.

This way, you can get to your images, but no one else can.

I don't know if that's what Tooled had in mind... but it's certainly one solution.



-Carl
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

sirnose1
  • Locked
  • Question
CFIF for CFmail
Replies
0
Views
671
sirnose1
sirnose1
RosieGp
  • Locked
  • Question
How to read string of 0s and 1s 1
Replies
3
Views
725
LyndonOHRC
LyndonOHRC
ccorry
  • Locked
  • Question
FrameMaker 2015 hyperlinks in book files don't work
Replies
0
Views
208
ccorry
ccorry
HansKok
  • Locked
  • Question
Error after only changing text and not codes
Replies
0
Views
564
HansKok
HansKok
MDEJAKE
  • Locked
  • Question
autosuggest (cfc and jquery) help
Replies
0
Views
280
MDEJAKE
MDEJAKE

Part and Inventory Search

Sponsor

Back
Top