Check this out...

http://hotwired.lycos.com/webmonkey/...tutorial2.html

If any of you having problems, please feel free to post here. Happy learning

__________________
webmaster @ http://kongtechnology.com

Finally, I managed to come up with a very simple ColdFusion tutorial...

http://kongtechnology.com/index.asp?im=cf1

Plz bear in mind, this is for beginner
Stay tuned for more advanced tutorials in the very near future

Enjoy...

__________________
webmaster @ http://kongtechnology.com

hi kpyew...

sowi... nak tanya lagi...

camnie... kalau kite buat online system guna CFM... nak control authorised user access sesuatu sistem... (sebab ramai owang nak access satu sistem dlm masa yang sama kan?? )...

sama ada guna temporary Table(dynamic table) atau pon guna setcookie... (itu yg saya tau larrr kan )... cara nyer camner ekk... kasi cth mudah skit...

sebabnyerr... nak pasti kan kite pegang nilai log in pada setiap page...

ok tinkiuuu...

p/s: kalau salah pahaman saya nie... tulun betul kan ekk

Well, use session!

How?

1. Add these lines to your application.cfm, to enable session management and to have a session scoped variable called UserName. Note that sessiontimeout value??

<cfapplication name="testApp" sessionmanagement="Yes" clientmanagement="yes" sessiontimeout="30">
<cfparam name="Session.UserName" default="">

2. Do your login form, with minimal 2 text fields "UserName" and "Password". Also, include JavaScript checking lah...

3. Do the action page. Inside this action page, check whether the UserName and Password is authorized. There are a number of ways, you can do a <cfif>/<cfelse> check or lookup from a "users table":

<cfquery name="qryUser" datasource="testDB">
SELECT *
FROM Users
WHERE UserName = '#form.UserName#'
AND Password = '#form.Password#'
</cfquery>

<cfif qryUser.RecordCount gt 0>
<cfset Session.UserName = qryUser.UserName>
<cfcookie name="UserName" value="#qryUser.UserName#" expires="NEVER">
<cfelse>
Unauthorized... hacker detected :-)
</cfif>

4. There you go. You have finished the login part. If a login is successful, you basically set 2 variables, that's a session variable and a cookie. So, on every other page that you would like to "protect", you basically need to check for the existance of these 2 variables. How?

<cfset boolLogin = false>

<cfif IsDefined("Session.UserName")>
<cfif Session.UserName neq "">
<cfset boolLogin = true>
</cfif>
<cfelse>
<cfif IsDefined("Cookie.UserName")>
<cfif Cookie.UserName neq "">
<cfset Session.UserName = Cookie.UserName>
<cfset boolLogin = true>
</cfif>
</cfif>
</cfif>

<cfif boolLogin eq false>
<cfinclude template="login.cfm">
<cfabort>
</cfif>

You can put this checking in a separate file, or even Custom Tag, so that on every page that you wish to protect, you just need to include it using <cfinclude template="...">

That's it.

Hey, how do you like my CF tutorial at my site?

__________________
webmaster @ http://kongtechnology.com

wah best la tutorial tu..lengkap..

Good, glad u like it
So, did u managed to follow it? (Or did u even try? ) --just want to get some feedbacks, so that I can improve.

Thanks.

__________________
webmaster @ http://kongtechnology.com

The first impression is...your tutorial is very complete...even it is just a beginning to display "hello world".

keep up the good work...!!

I will promote your site to my friends...

kpyew,..

can i copy your tutorial and put it at terato...your name will be there and also your website..this could drive more visitors to your website...can i?...i am trying to collect as much tutorial as can be..it is for all benefits..

__________________

_.·°°··>Webmaster Malaysia _.·°°··>

--------------------------------
http://www.sultantheme.com

napy8gen, sure... not a problem. In fact, I felt really happy that you like it However, I am still adding to the CF tutorial, so along the way, I might modify that first CF tutorial I did...

UnregisteredMan, great Thanks a lot.

__________________
webmaster @ http://kongtechnology.com

thank you very much dear kpyew...


I really appreciate that....this is your named smilies--->
Tabik CF sifu....

__________________

_.·°°··>Webmaster Malaysia _.·°°··>

--------------------------------
http://www.sultantheme.com

err kpyew... nak tanya lagi nih...

ttg session management tuh kan... UserID refer satu field dlm d/b access tuh ker... maksud nyer ader tiga attribute dlm table Users...
i. UserName
ii. Password
iii. UserID

ok...seterusnyerr... ttg <cfapplication> atas tuh... kita save kan sbg application.cfm... camner nak relate ngan coding yg lain tuh... nak guna <cfinclude> ker???

aper yg saya tengah buat nie camnie sebenarnyerr...
1. login form - input : UserID, Password
2. action page - check Authorised User dan paparkan info ttg user tu
3. form pendaftaran - untuk sesi daftar

maknanyerr yg kpyew kasi info atas tuh...
1. login form saya buat cam biasa arr... plus Java Script checking
2. action page - atas sebelum <html> letak coding yg kpyew kasi tuh...
3. form pendaftaran dan form² or action pages yg seterusnyerr... letak coding yg no. 4 tuh ekkk...


errr... betul ker pahaman saya ni kpyew... errr... kalau salah betul kan ekk... sebab nyer error cun ader nie...ehehehe

Ops, sorry. UserName dan UserID sepatutnya merujuk kepada perkara yang sama dalam database. Maksudnya, dalam database yang diperlukan hanyalah UserName dan Password, UserID tak payah.

Session.UserName adalah satu pembolehubah dalam skop session sahaja. Kegunaannya adalah sebagai satu "flag" - jika ia telah di-set, maknanya user telah login, sebaliknya, user belum login (not authorized).

p/s: Post yang terdahulu saya telah mencampuradukkan UserID dan UserName, ... namum, saya telah betulkan tadi. Tolong check balik....

Save sebagai application.cfm dan CF server akan mencarinya secara automatik. Anda tak payah menggunakan <cfinclude>. Save application.cfm pada root aplikasi anda.

Coding yang no. 4 tu bolehlah diletakkan dalam file yang tersendiri. Jadi, dalam page yang penting yang nak dilindungi, guna <cfinclude> untuk memasukkan file tadi. Kenapa form pendaftaran nak dilindungi pula?? Saya rasa tak perlu lah...

Semoga anda berjaya... kalau ada sebarang masalah lagi, postlah kat sini

__________________
webmaster @ http://kongtechnology.com

thanx kpyew...

mende tuh dah settle... cuma nak try test system... error ari tuh pada <cfquery> iaitu :-

<cfquery name="vrfUser" datasource="Staff" dbtype="ODBC">
SELECT UserName, UserID
FROM Staff
WHERE UserName = '#Form.UserName#' << tanda (') UserName (attribute dlm table Staff) dlm btk TEXT...
AND UserID = '#Form.UserID#'
</cfquery>

so... part log in form and action dah settle... =)

ttg nak protect form pendaftaran tuh... tak jadi plak... ahakzzz... coz rasa nyerr aper yg kpyew suggest tuh memang betulll... bakper lak nak protect form kan???..

skang nie plak... aper yg saya tgh buat ialah memastikan nilai UserName perlu dipegang pada setiap action page... bagi menyimpan maklumat pendaftaran beserta UserName ke dlm d/base... hope i'll success

Bring UserName with every action page? --Nope, you do not need to explicitly do that. That UserName is kept in the session already... just use session.UserName to retrieve it...

Session is a session scoped variable which is available to all pages within that session.

__________________
webmaster @ http://kongtechnology.com

err kpyew...

>>> cam yg kat atas tuh ker arr?? tak cube lagi nie ... jap ekk... nak try ... ahakzz

<cfquery name="vrfUser" datasource="Staff" dbtype="ODBC">
SELECT *
FROM Staff
WHERE UserName = '#Session.UserName#'
</cfquery>

=)