Make a variable available once a person is logged in 1

[rmz8]

How do I make a variable available throughout an entire site once a person is logged in. For example, throughout the site, the UserName and Password values are used constantly to validate a user and in queries. However, right now I am passing the UserName and Password variables as URL parameters. This means that a user's Password is viewable. Is there anyone I can make it so that once a user has logged in with a UserName and Password, those variables will be created with the values they entered and I can reference to them. Can I use Application.cfm? I thought about passing them as hidden form values, but this is tough. Here is my login code (you can see how the UserName and Password form values are passed through the URL--and how every template references to those URL values--is there any way to conceal them or reference to them globally?):

==============================================

<html>
<head>
<title>ZEAL network's GATSBY: Login</title>
<meta http-equiv=&quot;Content-Type&quot; content=&quot;text/html; charset=iso-8859-1&quot;>
<script language=&quot;JavaScript&quot;>
<!--
function MM_openBrWindow(theURL,winName,features) { //v2.0
window.open(theURL,winName,features);
}
//-->
</script>
</head>

<body bgcolor=&quot;#FFFFFF&quot;>
<cfif isDefined(&quot;Form.UserName&quot>
<cfset TimeOut = &quot;#Now()#&quot;>
<cfquery datasource=&quot;LHS&quot; name=&quot;Check&quot;>
SELECT * FROM users WHERE UserName = '#Form.UserName#' AND Password = '#Form.Password#'
</cfquery>
<cfif #Check.RecordCount# IS 0>
<!--- If we have an invalid request --->
<cfinclude template=&quot;includes/header.html&quot;>
<H4><FONT FACE=&quot;Arial, Helvetica, sans-serif&quot;>Sorry, the UserName and/or Password
combination you have entered is not correct. Please <A HREF=&quot;javascript:history.go(-1)&quot;>go
back and try again</A> or <A HREF=&quot;tools/send_password/index.cfm&quot;>have your
password e-mailed to you</A>.</FONT></H4>
<cfinclude template=&quot;includes/footer.html&quot;>
<cfelse>
<!--- Or there must have at least one match --->
<cfset Session.Auth = &quot;Yes&quot;>
<cfset Session.Admin = &quot;Form.UserName&quot;>
<cflocation url=&quot;index.cfm?UserName=#Form.UserName#&amp;Password=#Form.Password#&quot; addtoken=&quot;Yes&quot;>
</cfif>
<cfelse>
<font face=&quot;arial&quot;>
<cfinclude template=&quot;includes/header.html&quot;>
<H2>
<u>Login</u></H2></font>
<font face=&quot;arial&quot;><FONT SIZE=&quot;2&quot;><B>TIP:</B><I> Throughout GATSBY you will see
small question marks next to some options. Click them for specific help at any
time.</I></FONT></font><font face=&quot;arial&quot;><cfoutput> <font size=&quot;2&quot;>
<cfform method=&quot;post&quot; action=&quot;login.cfm&quot;>
</cfform>
</font></cfoutput><cfoutput><font size=&quot;2&quot;>
<cfform method=&quot;post&quot; action=&quot;login.cfm&quot;>
<TABLE BORDER=&quot;0&quot; WIDTH=&quot;50&quot;>
<TR>
<TD HEIGHT=&quot;2&quot; WIDTH=&quot;11&quot;><I><B><FONT SIZE=&quot;2&quot; FACE=&quot;Arial, Helvetica, sans-serif&quot;><A HREF=&quot;##&quot; onClick=&quot;MM_openBrWindow('help/username.html','','scrollbars=yes,width=200,height=200')&quot;>?</A></FONT></B></I></TD>
<TD HEIGHT=&quot;2&quot; WIDTH=&quot;69&quot;><B><FONT FACE=&quot;Arial, Helvetica, sans-serif&quot; SIZE=&quot;2&quot;>UserName:</FONT></B></TD>
<TD HEIGHT=&quot;2&quot; WIDTH=&quot;16&quot;>
<cfinput type=&quot;text&quot; name=&quot;UserName&quot; REQUIRED=&quot;Yes&quot; MESSAGE=&quot;A UserName is required.&quot;>
</TD>
</TR>
<TR>
<TD HEIGHT=&quot;22&quot; WIDTH=&quot;11&quot;><I><B><FONT SIZE=&quot;2&quot; FACE=&quot;Arial, Helvetica, sans-serif&quot;><A HREF=&quot;##&quot; onClick=&quot;MM_openBrWindow('help/password.html','','scrollbars=yes,width=200,height=200')&quot;>?</A></FONT></B></I></TD>
<TD HEIGHT=&quot;22&quot; WIDTH=&quot;69&quot;><B><FONT FACE=&quot;Arial, Helvetica, sans-serif&quot; SIZE=&quot;2&quot;>Password:</FONT></B></TD>
<TD HEIGHT=&quot;22&quot; WIDTH=&quot;16&quot;>
<cfinput type=&quot;Password&quot; name=&quot;Password&quot; REQUIRED=&quot;Yes&quot; MESSAGE=&quot;A Password is required.&quot;>
</TD>
</TR>
<TR>
<TD HEIGHT=&quot;22&quot; COLSPAN=&quot;3&quot;>
<INPUT TYPE=&quot;submit&quot; VALUE=&quot;Login&quot; NAME=&quot;submit&quot;>
</TD>
</TR>
</TABLE>
<FONT FACE=&quot;Arial, Helvetica, sans-serif&quot; SIZE=&quot;2&quot;><a href=&quot;tools/update_password/index.cfm&quot;>Click
here to change your GATSBY Password.</a><br>
<a href=&quot;tools/send_password/index.cfm&quot;>Forgot your Password? Use GATSBY's
Password retrieval tool!</a></FONT>
</cfform>
<cfinclude template=&quot;includes/footer.html&quot;>
</font> </cfoutput> </font>
</cfif>
</body>
</html>

==============================================

Happy Holidays! Thanks in advance.

Ryan ;-]

 

[rmz8]

Haha,

When there are crippling ice storms, the last thing you should be worrying about is your Tek-Tips obligations . Thanks a lot, though. Yes, I did make the query verify the user using the session variables and setup an IF statement to redirect. Once the user is logged in and clicks on logout, here is what happens:

======LOGOUT.CFM======

<cfset session.un = &quot;&quot;>
<cfset session.pword = &quot;&quot;>
<cflocation url=&quot;login.cfm&quot;>

======LOGOUT.CFM======

Here is the index file, which should transfer the user to the login page if the record count of the query to match the session variables is 0:

======INDEX.CFM======

<html>
<head>
<title>ZEAL network's GATSBY: Home</title>
<meta http-equiv=&quot;Content-Type&quot; content=&quot;text/html; charset=iso-8859-1&quot;>
</head>

<body bgcolor=&quot;#FFFFFF&quot;>
<cfif isdefined(&quot;Session.UN&quot AND isdefined(&quot;Session.PWord&quot>
<!--Authorization check -->
<cfif isDefined(&quot;Session.Auth&quot is NOT TRUE>
<cflocation url=&quot;login.cfm&quot;>
<cfelse>
<!--Run query to get user information -->
<cfquery datasource=&quot;LHS&quot; name=&quot;getUser&quot;>
SELECT RealName FROM Users WHERE (UserName = '#Session.UN#' AND Password = '#Session.PWord#')
</cfquery>
<cfif getuser.recordcount EQ 0>
<cflocation url=&quot;index.cfm&quot;>
<cfelse>
<!--Run query to get user's classes -->
<cfoutput>
<cfquery datasource=&quot;LHS&quot; name=&quot;getClasses&quot;>
SELECT ID,ClassName FROM Classes WHERE (#Session.Teacher# = Classes.Teacher)
</cfquery>
</cfoutput><cfinclude template=&quot;includes/header.html&quot;><font face=&quot;arial&quot; size=&quot;2&quot;>Welcome to ZEAL network's GATSBY, <cfoutput query=&quot;getUser&quot;>#RealName#</cfoutput>.
Click a class that you teach from the list below to view current assignments or
to add a new assignment.</font><cfoutput query=&quot;getClasses&quot;>
<ul>
<li><b><a href=&quot;list_assignments.cfm?Class=#getClasses.ID#&quot;><FONT FACE=&quot;Arial, Helvetica, sans-serif&quot; SIZE=&quot;2&quot;>#getClasses.ClassName#</FONT></a></b>
</ul>
</cfoutput><cfinclude template=&quot;includes/footer.html&quot;></cfif>
</cfif>
<cfelse>
<cflocation url=&quot;login.cfm&quot;>
<A HREF=&quot;logout.cfm&quot;>LOGOUT</A>
</cfif>
</body>
</html>

======INDEX.CFM======

When I logout, and then try to type in the URL to access the index page, I should be transferred to LOGIN.CFM (since record count = 0 because there is no user with a null UserName and Password), however the page just makes Internet Explorer &quot;contemplate&quot; with out doing anything! The computer is thinking very hard and the progress bar is &quot;struggling&quot; to move up. What is that about?

Ryan ;-]

 

[KevinFSI]

Hmmm. Not sure about that one. Anyone else have any ideas? Kevin
slanek@ssd.fsi.com

 

[rmz8]

After that whole long post I figured it out. I placed the browser in a never ending loop...Look at where the CFLOCATION is set to in the IF statement in INDEX.CFM! The value is set to INDEX.CFM, so it just kept trying to access that page. Now it works, however!

Ryan ;-]

 

[KevinFSI]

Cool. I'm glad it's working out! Kevin
slanek@ssd.fsi.com