I've created an administrative site for a client which allows them to control their content for a site. It has the standard login/application.cfm structure. They have asked me to add the capability for them to get an email if they forget their password... I put a link on the login screen but everytime I click the link - I get the login screen again... what do I need to do so that I get directed to the emailReminder screen?
Here is the code for application.cfm
<!--- Application.cfm --->
<!--- variables used throughout Admin Site --->
<cfset DSN = "vivian"> <!--- dsn value --->
<cfset encryptKey = "vande"> <!--- encryption key value (used for passwords) --->
<cfset BImagePath = "../images/background/">
<cfset PImagePath = "../images/photo/">
<cfset CImagePath = "../images/bookcovers/">
<!--- Name of application and session management --->
<CFAPPLICATION NAME="VivianAdmin" SESSIONMANAGEMENT="Yes">
<!--- set the messages of no permission or required fields --->
<cfset No_Permission = "You don't have access to this site.">
<cfset Required_Items = "You need to enter a user id and password.">
<!--- set the sesssion.loggedOff variable --->
<CFLOCK TIMEOUT="3" NAME="#Session.CFID#" TYPE="EXCLUSIVE">
<cfparam name="Session.LoggedOff" default="Yes">
</CFLOCK>
<!--- If user is not logged in, force him to login now --->
<CFLOCK TIMEOUT="3" NAME="#Session.CFID#" TYPE="EXCLUSIVE">
<CFIF Session.LoggedOff EQ "Yes" OR (NOT (ISDEFINED("Session.User"
))>
<CFIF ISDEFINED("Form.UserLogin" and ISDEFINED("Form.UserPassword">
<!--- take the inputed password and encrypt it
<cfset pwd = '#TRIM(Form.UserPassword)#'>
<cfset EncPass = encrypt(pwd,encryptKey)>--->
<!--- perform query to see if they are in the database --->
<CFQUERY NAME="GetUser" DATASOURCE="#DSN#">
select *
from Administrators
where LoginName = '#Trim(FORM.UserLogin)#'
</CFQUERY>
<CFIF GetUser.RECORDCOUNT GT 0>
<!--- take the password and see if same as one logged in with --->
<cfset currentPass = #GetUser.Password#>
<cfset DecPass = decrypt(currentPass,encryptKey)>
<CFIF #DecPass# IS #TRIM(Form.UserPassword)#>
<!--- this is a valid login --->
<CFSET Session.LoggedOff = "No">
<CFSET Session.User = "#GetUser.LoginName#">
<CFELSE>
<!--- don't have permission --->
<CFSET MESSAGE = "#Variables.No_Permission#">
<CFINCLUDE TEMPLATE="login.cfm">
<CFABORT>
</CFIF> <!--- password similar to stored value --->
<CFELSE>
<!--- don't have permission --->
<CFSET MESSAGE = "#Variables.No_Permission#">
<CFINCLUDE TEMPLATE="login.cfm">
<CFABORT>
</CFIF> <!--- end query if table has user id--->
<CFELSE>
<!--- <CFSET MESSAGE = "#Variables.Required_Items#"> --->
<CFINCLUDE TEMPLATE="login.cfm">
<CFABORT>
</CFIF> <!--- end of form values not defined --->
</CFIF>
</CFLOCK>
Here is the code for application.cfm
<!--- Application.cfm --->
<!--- variables used throughout Admin Site --->
<cfset DSN = "vivian"> <!--- dsn value --->
<cfset encryptKey = "vande"> <!--- encryption key value (used for passwords) --->
<cfset BImagePath = "../images/background/">
<cfset PImagePath = "../images/photo/">
<cfset CImagePath = "../images/bookcovers/">
<!--- Name of application and session management --->
<CFAPPLICATION NAME="VivianAdmin" SESSIONMANAGEMENT="Yes">
<!--- set the messages of no permission or required fields --->
<cfset No_Permission = "You don't have access to this site.">
<cfset Required_Items = "You need to enter a user id and password.">
<!--- set the sesssion.loggedOff variable --->
<CFLOCK TIMEOUT="3" NAME="#Session.CFID#" TYPE="EXCLUSIVE">
<cfparam name="Session.LoggedOff" default="Yes">
</CFLOCK>
<!--- If user is not logged in, force him to login now --->
<CFLOCK TIMEOUT="3" NAME="#Session.CFID#" TYPE="EXCLUSIVE">
<CFIF Session.LoggedOff EQ "Yes" OR (NOT (ISDEFINED("Session.User"
))><CFIF ISDEFINED("Form.UserLogin"
and ISDEFINED("Form.UserPassword"><!--- take the inputed password and encrypt it
<cfset pwd = '#TRIM(Form.UserPassword)#'>
<cfset EncPass = encrypt(pwd,encryptKey)>--->
<!--- perform query to see if they are in the database --->
<CFQUERY NAME="GetUser" DATASOURCE="#DSN#">
select *
from Administrators
where LoginName = '#Trim(FORM.UserLogin)#'
</CFQUERY>
<CFIF GetUser.RECORDCOUNT GT 0>
<!--- take the password and see if same as one logged in with --->
<cfset currentPass = #GetUser.Password#>
<cfset DecPass = decrypt(currentPass,encryptKey)>
<CFIF #DecPass# IS #TRIM(Form.UserPassword)#>
<!--- this is a valid login --->
<CFSET Session.LoggedOff = "No">
<CFSET Session.User = "#GetUser.LoginName#">
<CFELSE>
<!--- don't have permission --->
<CFSET MESSAGE = "#Variables.No_Permission#">
<CFINCLUDE TEMPLATE="login.cfm">
<CFABORT>
</CFIF> <!--- password similar to stored value --->
<CFELSE>
<!--- don't have permission --->
<CFSET MESSAGE = "#Variables.No_Permission#">
<CFINCLUDE TEMPLATE="login.cfm">
<CFABORT>
</CFIF> <!--- end query if table has user id--->
<CFELSE>
<!--- <CFSET MESSAGE = "#Variables.Required_Items#"> --->
<CFINCLUDE TEMPLATE="login.cfm">
<CFABORT>
</CFIF> <!--- end of form values not defined --->
</CFIF>
</CFLOCK>
