Coldfusion Login Script

Posted At : 30 August 2008 18:11 | Posted By : Jonny Shaw
Related Categories: Coldfusion Tutorials

Here i am going to show you how to make a login script that will check users against a database for the user name and password.

First of all we will need to make a login form, this is just going to be a basic form with a user name field, password field and a login button.

<form id="Login" action="login_action.cfm" method="post" name="Login">
<table cellspacing="0" cellpadding="0" width="300" align="center" border="0">
<tbody>
<tr>
<td colspan="2">
<div class="style2" align="center"><strong>Login</strong></div>
</td>
</tr>
<tr>
<td>Username</td>
<td><input id="Username" name="Username" type="text" /></td>
</tr>
<tr>
<td>Password</td>
<td><input id="Password" type="password" name="Password" /></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Submit" /></td>
</tr>
</tbody>
</table>
</form>

Now we have the form we need check the form and see if the user exists and that there password is correct. If the details are not correct they will be sent back to the login page.

If the details are correct then we will set there user name as a session variable so that it can be used in the site, and we will send them to the secure page.

<cfquery datasource="Users" name="Login">SELECT * FROM users WHERE username = '#FORM.username#' AND password = '#FORM.username#' <cfif is="" login.recordcount=""><cflocation addtoken="No" url="login.cfm?badlogin=1"><cfelse><cfset session.loggedin="1"><cfset session.username="#Login.username#"><cflocation url="/index.cfm">

As you can see this is a very basic script, but it is all you need to get started. I will soon be covering how to store encrypted passwords in your database and how to add roles to the users.

Comments ( 6 ) | Send | del.icio.us | Digg It! | Linking Blogs | 6070 Views

Related Blog Entries

Comments
[Add Comment]
Esmeralda's Gravatar What about using labels and possibly CSS for styling since it is a simple form?
# Posted By Esmeralda | 27/10/08 14:15
Jonny Shaw's Gravatar well this post is more about the login script than the form
# Posted By Jonny Shaw | 27/10/08 17:08
Patti's Gravatar Thank you for explaining this - just what I was looking for!
# Posted By Patti | 06/11/08 17:39
Robin Ford's Gravatar Hi jonny, I am a bit of a virgin to CF and MySQL. I have created a login screen for an intranet site using DreamWeaver employing CF and MySQL and though the script is created in dreamweaver itself, it fails to login every time. I am getting redirected to the failed login page but despite checking that all is as it should be I can't login. Do you have any suggestions?.......I'm about to call those nice men in their clean white coats!!!!! Thanks in anticipation. 4Dy.
# Posted By Robin Ford | 13/08/09 17:10
Jonny Shaw's Gravatar I would have no idea without seeing the code. Maybe you could post it up.
# Posted By Jonny Shaw | 13/08/09 19:41
Robin Ford's Gravatar Hi Jonny, I really appreciate you helping me with this. I have added the code from dream weaver which you would know is placed at the head of the code page...If there is anything else that you would need please don't hesitate to let me know.

Once again...Many thanks.

The Code in qustion:
<cfif IsDefined("FORM.username")>
<cfset MM_redirectLoginSuccess="Client_contacts.cfm">
<cfset MM_redirectLoginFailed="login_fail.cfm">
<cfquery name="MM_rsUser" datasource="intranet" username="robinford" password="Combat01">
SELECT username,password FROM users WHERE username=<cfqueryparam value="#FORM.username#" cfsqltype="cf_sql_clob" maxlength="15"> AND password=<cfqueryparam value="#FORM.password#" cfsqltype="cf_sql_clob" maxlength="9">
</cfquery>
<cfif MM_rsUser.RecordCount NEQ 0>
<cftry>
<cflock scope="Session" timeout="30" type="Exclusive">
<cfset Session.MM_Username=FORM.username>
<cfset Session.MM_UserAuthorization="">
</cflock>
<cfif IsDefined("URL.accessdenied") AND false>
<cfset MM_redirectLoginSuccess=URL.accessdenied>
</cfif>
<cflocation url="#MM_redirectLoginSuccess#" addtoken="no">
<cfcatch type="Lock"><!--- code for handling timeout of cflock --->
</cfcatch>
</cftry>
</cfif>
<cflocation url="#MM_redirectLoginFailed#" addtoken="no">
<cfelse>
<cfset MM_LoginAction=CGI.SCRIPT_NAME>
<cfif CGI.QUERY_STRING NEQ "">
<cfset MM_LoginAction=MM_LoginAction & "?" & XMLFormat(CGI.QUERY_STRING)>
</cfif>

And thats it.
I understand that there are a couple of issues with this between CF 8 and Dreamweaver CS3 and am still researching as to what solutions may be available.

Many many thanks.

Rob.
# Posted By Robin Ford | 15/08/09 13:05
[Add Comment]

Archives By Subject

Advertising (4) [RSS]
Blog Design (1) [RSS]
CFProject Scripts (2) [RSS]
Coldfusion Charts (3) [RSS]
Coldfusion Functions (5) [RSS]
Coldfusion Overview (1) [RSS]
Coldfusion Tutorials (16) [RSS]
For Sale (2) [RSS]
Image Manipulation (1) [RSS]
Java (1) [RSS]
JavaScript (4) [RSS]
PHP (1) [RSS]
Railo (4) [RSS]
SQL (1) [RSS]
Useful Tools (3) [RSS]

Recent Comments

Simple Coldfusion Upload Script
Alban said: Here is the error I get on the cffile line: String index out of range: -1 [More]

Coldfusion 8 Functions
Mark said: Can Cold Fusion do math functions similar to say Excel? I need to make several calculations, and if ... [More]

BlogCFC on Railo
iphone clone said: Thanks for sharing [More]

Coldfusion Protx VSP Form Integration Kit
confinedspace said: @Dom: Cheers for that - helped me out. Just one thing to note, I would add "all" as a thir... [More]

Coldfusion to PHP?
Jonny Shaw said: PHP is very similar to most other OOP languages, which i am quite familiar with, so it wasn't really... [More]

Recent Entries

No recent entries.
ColdFusion Blog | ColdFusion Hosting | ColdFusion Q & A