473,549 Members | 2,813 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Please help: Losing Request Scope Variable Values

113 New Member
Hi there,

I've recently been updating a site to use locking on application level variables, and I am trying to use a commonly used method which copies the application struct into the request scope. Application variables are then accessed in this manner Request.App.<Va r>.

To begin with I had a simple functioning login system inside a subdirectory named admin, this subdirectory had it's own application.cfm , I wasn't sure whether to duplicate the method i used in the root application.cfm so i removed the admin/application.cfm and declared the vars i wanted in the root application.cfm .

Everything worked fine and I was able to log into the admin section as before, only when i tryed to navigate to a page in admin section my security component which deals with logging in etc, lost it's variable values.

I'm not sure why it is losing the information, and was hoping someone could point me in the right direction please?

Here is the relevant code:

/Application.cfm :

Expand|Select|Wrap|Line Numbers
  1. <cfapplication name="myApp" sessionTimeout="#CreateTimeSpan(0, 0, 20, 0)#" sessionmanagement="yes" clientmanagement="yes">
  3. <!--- initialise objects --->
  4. <cfsetting showdebugoutput="no">
  5. <cfimport taglib="taglib" prefix="func">
  7. <!--- Create an exclusive lock for the Application scope and
  8.    set a default value for Application.Initialized. --->
  9. <cflock scope="Application" timeout="10" type="exclusive">
  10.   <cfparam name="Application.Initialized" default="false">
  11.   <!--- Create a Request variable to hold the value so you don't
  12.     need a read lock to get it in the next block of code. --->
  13.   <cfset Request.Initialized = Application.Initialized>
  14. </cflock>
  16. <!--- If Request.Initialized is false, then the Application scope
  17.    has been reset and the variables need to be set. --->
  18. <cfif NOT Request.Initialized>
  19.   <!--- Create an exclusive Application scope lock and set the values. --->
  20.   <cflock scope="Application" timeout="10" type="exclusive">
  21.     <cfscript>
  22.       Application.Initialized = true;
  23.           <!--- define app level vars --->
  24.     </cfscript>
  25.   </cflock>  
  26. </cfif>
  28. <!--- Create a read-only lock for the Application scope
  29.    and duplicate it into Request.App. --->
  30. <cflock scope="Application" timeout="10" type="readonly">
  31.   <cfset Request.App = Duplicate(Application)>
  32. </cflock>
  34. <!--- Create a read-only lock for the Session scope
  35.    and duplicate it into Request.Ses. --->
  36. <cflock scope="Session" timeout="10" type="readonly">
  37.   <cfset Request.Ses = Duplicate(Session)>
  38. </cflock>
  40. <func:initSecurity> <!--- Instantiates security component --->
/taglib/initSecurity.cf m

Expand|Select|Wrap|Line Numbers
  1. <!--- init registration session --->
  2. <cflock scope="Session" timeout="10" type="readonly">
  3.     <cfscript>
  4.         if(NOT isDefined("Request.Ses.security")) {
  5.             Request.Ses.security = createObject("component","com.security");
  6.         }
  7.     </cfscript>
  8. </cflock>


<!--- security component --->
Expand|Select|Wrap|Line Numbers
  1. <cfcomponent >
  2.     <!--- define vars --->
  3.     <cfscript>
  4.         // datasource
  5.         This.dsn = Request.App.dsn;
  6.         // member details
  7.         This.memberid = "";
  8.         This.loggedIn = 0;
  9.         This.password = "";
  10.         This.username = "";
  11.         This.roles = "";
  12.         // referal info
  13.         This.returnURL = "";
  14.     </cfscript>
  15.     <cffunction name="validate" access="public" output="true" hint="validates username and password">
  16.         <cftry>
  17.             <cfquery name="validate" datasource="#This.dsn#">
  18.                 SELECT id,username,password,roles
  19.                 FROM cms_security
  20.                 WHERE username = '#This.username#'
  21.                 AND password = '#hash(This.password)#'
  22.             </cfquery>
  23.         <cfcatch type="database">
  24.             <p>Sorry, cannot validate user.</p>
  25.             <cfabort>
  26.         </cfcatch>
  27.         </cftry>
  28.         <cfscript>
  29.             if (validate.recordCount EQ 1) {
  30.                 This.roles = validate.roles;
  31.                 login();
  32.             }
  33.         </cfscript>
  34.         <!---
  35.         <cfif This.returnURL NEQ "">
  36.             <cfset tmpURL = This.returnURL>
  37.             <cfset This.returnURL = "">
  38.             <cflocation url="#tmpURL#" addtoken="no">
  39.         </cfif>
  40.         --->
  41.     </cffunction>
  42.     <cffunction name="login" access="private" output="false" hint="sets values for user session">
  43.         <cfscript>
  44.             This.loggedIn = 1;
  45.             This.password = "";
  46.         </cfscript>
  47.     </cffunction>
  48.     <cffunction name="logout" access="public" output="false" hint="clears security session, logging user out">
  49.         <cfscript>
  50.             This.memberid = "";
  51.             This.loggedIn = 0;
  52.             This.password = "";
  53.             This.username = "";
  54.             This.name = "";
  55.             This.roles = "";
  56.             // referal info
  57.             This.returnURL = "";
  58.         </cfscript>
  59.     </cffunction>
  60.     <cffunction name="protect" access="public" output="true" hint="checks user list of roles against one allowed role">
  61.         <cfargument name="roles">
  62.         <cfargument name="redirectURL" default="../index.cfm">
  63.         <cfif NOT isDefined("Request.Ses.security") OR Request.Ses.security.loggedIn EQ 0>
  65.         <cflocation url="#redirectURL#" addtoken="no">
  66.             <cfdump var="#Request#"> <!--- Has lost security object at this point --->
  67.         </cfif>
  68.         <cfset roleFound = false>
  69.         <cfdump var="#Request.Ses#">
  70.         <cfloop list="#Request.Ses.security.roles#" index="sessionRole">
  71.             <cfif listFindNoCase(roles,sessionRole) GT 0><cfset roleFound = true></cfif>
  72.         </cfloop>
  73.         <cfif roleFound EQ false><cfdump var="#This.roles#"><!---<cflocation url="#redirectURL#" addtoken="no">---></cfif>
  75.     </cffunction>
  76.     <cffunction name="protectGeneral" hint="protects page from un-logged-in users">
  77.         <cfargument name="redirectURL" default="../index.cfm">
  78.         <cfif NOT isDefined("Request.Ses.security")>
  79.             <cflocation url="#redirectURL#" addtoken="no">
  80.         </cfif>
  81.         <cfif Request.Ses.security.loggedIn NEQ 1>
  82.             <cflocation url="#redirectURL#" addtoken="no">
  83.         </cfif>    
  84.     </cffunction>
  85.     <cffunction name="findUsername" access="public" output="false" hint="checks to see if username is in db">
  86.         <cfargument name="dsn" required="yes">
  87.         <cfargument name="theUsername" required="yes">
  89.         <cftry>
  90.             <cfquery name="get" datasource="#dsn#">
  91.                 SELECT username
  92.                 FROM cms_security
  93.                 WHERE username = '#theUsername#'
  94.             </cfquery>
  95.             <cfreturn get.username>
  96.          <cfcatch type="database">
  97.             <p>Sorry, cannot find username.</p>
  98.             <cfabort>
  99.         </cfcatch>
  100.         </cftry>
  101.     </cffunction>
  102.     <cffunction name="setNewPassword" access="public" output="false" hint="sets new password">
  103.     <cftry>
  104.         <cfquery name="set" datasource="#This.dsn#">
  105.             UPDATE cms_security
  106.             SET
  107.             password = '#hash(This.password)#'
  108.             WHERE id = #This.id#
  109.         </cfquery>
  110.         <cfset This.password="">
  111.     <cfcatch type="database">
  112.         <p>Sorry, setting of new password failed.</p>
  113.         <cfabort>
  114.     </cfcatch>
  115.     </cftry>
  116.     </cffunction>
  117. </cfcomponent>

The admin section has the following structure:

/admin/display/login.cfm - Login form
/admin/display/dologin.cfm - Shown on login

I wasn't sure where to put the code to test the user so i have tryed in the index.cfm and the display/* files.

This code checks for the logged in user:
[CODE"]<cfset Request.Ses.sec urity.protect(" staff")>[/code]

The security object and it's variables exist when the /admin/index.cfm page is run I have checked with cfdump.

It's just when i try to access one of the function pages

/admin/news/index.cfm?actio n=add

the values stored in the security object get reset somehow.

Has anyone any ideas?


Apr 10 '08 #1
5 6119
16,027 Recognized Expert Moderator MVP
If you're calling <cflocation>, then wouldn't the page have been redirected before you got to cfdump:
Expand|Select|Wrap|Line Numbers
  1. <cflocation url="#redirectURL#" addtoken="no">
  2. <cfdump var="#Request#"> <!--- Has lost security object at this point --->
Apr 10 '08 #2
113 New Member
If you're calling <cflocation>, then wouldn't the page have been redirected before you got to cfdump:
Expand|Select|Wrap|Line Numbers
  1. <cflocation url="#redirectURL#" addtoken="no">
  2. <cfdump var="#Request#"> <!--- Has lost security object at this point --->
Ah heheh, thanks acoder a rather silly mistake!
Jun 11 '08 #3
16,027 Recognized Expert Moderator MVP
No problem! Is it April 11th or June 11th? :p
Jun 11 '08 #4
113 New Member
No problem! Is it April 11th or June 11th? :p
Heheh definately June, something not quite right on this forum!
Jun 11 '08 #5
1 New Member
May I ask a very basic question to you? Why are you setting request variables when you already have the variables set either in application or session? These two are global for either the period of time the application is running and the user session is active. I strongly suggest refraining from using request variables except when it is specifically for that page and only that page. Do not reinvent the wheel they say when it has already been done ie: do not push global variables to local variable status. Think about how the coldfusion server handles a datasource at the application level vs. at a local variable level. If you guessed it, so much caching going on for even one application. Cannot reuse cached queries for other users of same application. Request and local variables die once you leave that page and that will even generate more caching especially at the datasource, unique caching for every page that runs a query. Just some thoughts for you to think about.
Aug 11 '10 #6

Sign in to post your reply or Sign up for a free account.

Similar topics

by: Russ Perry Jr | last post by:
I'm using "ID" and "Value" in the generic sense here... Let's say one page I had a <html:select> with a collection like this: <html:options collection="items" property="key" labelProperty="value"/> In this case "key" is what I mean by "ID", and "value" is what I mean by "Value" -- the "Value" is shown to the user, but the "ID" is what I...
by: Michele Simionato | last post by:
I have read with interest the recent thread about closures. The funny thing is that the authors are arguing one against the other but I actually agree with all of them and I have a proposal that may be of some interest. To refresh your memory, I report here some quotation from that thread. Jacek Generowicz: > I sumbit to you that...
by: thomas | last post by:
I'm having a bit of trouble using Request.QueryString(). I want to click on the link to browse all <artist> records in an xml file begining with a particular letter. Any ideas where I'm going wrong? index.html ======= <html> <body> <p>browse by artist</p>
by: rked | last post by:
I get nameSPAN1 is undefined when I place cursor in comments box.. <%@ LANGUAGE="VBScript" %> <% DIM ipAddress ipAddress=Request.Servervariables("REMOTE_HOST") %> <html> <head> <meta http-equiv="Content-Type" content="text/html;
by: milkyway | last post by:
Hello, I have an HTML page that I am trying to import 2 .js file (I created) into. These files are: row_functions.js and data_check_functions.js. Whenever I bring the contents of the files into this HTML file, all is OK but whenever the functions are separated (as it is now), when I run the page, I get the following error: Line 73,...
by: Joe Molloy | last post by:
Hi, This isn't a mission critical question but I thought I'dl throw it out there for your feedback as it's a bit curious. I have developed a shopping cart for an application I'm working on which is loosely based on the e-commerce example in the quickstarts tutorial. In the cart display I have provided functionality so that when a user...
by: Adrian Parker | last post by:
We have a website that works everywhere but on a few PCs on this one site.. Asp.Net 1.1 Server = Windows 2003 Client = XP In the web.config we use - cookieless="false" in the browser settings they have "Always allow session cookies" set to true When the browser connects to the website the first page sets a session variable called...
by: 60325 | last post by:
This is the page where I collect the data in drop-down boxes with values of 1-10 and send it to a submitted page to do calculations. Example: Employee1 TeamScore(1-10) Employee2 TeamScore(1-10) Employee3 TeamScore(1-10) Employee4 TeamScore(1-10) Then I submit this page with all the values in TeamScore for every employee and...
by: TF | last post by:
Hello all, I made a ASP.NET 2.0 site that shows possible "recipes" for paint colors stored in an access dbase. Basically, 1000 colors are stored with specific RGB values in separate columns. A user sees all the colors listed on the page with hyperlinks that open the "mixes" page. The mixes page goes through each record, compares it with...
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.