I am making this tutorial very brief so you do not have to hear me
       very long. Quick and to the point. This CFLOGIN tutorial will help
       you keep you pages of login and logout and session management all
       set to 1 page included in the Application.cfm file. The following
       code is all to be placed in your Application.cfm file. Read each
       comment I have included and it will explain (without a lot of detail)
       exactly what is taking place. Although this code is fully functional
       as it is written now, I do recomend you include a few scripts such as
       invalid_login and other obvious scripts which should be included in a login.
                                                                             -Wesley Geddes-

<!-- Underneath is the SQL which I used in MYSQL to create the table -->
CREATE TABLE table_name (
                id integer auto_increment Primary Key,
                user varchar(20),
                pass varchar(20),
                admin integer

<!-- Variables which need to be defined -->
<cfparam name="URL.logout" default="0">
<cfparam name=
"invalid_login" default="0">
<!-- Define the datasource (DSN) name -->
<cfset dsource = "login">

<!-- Code will not be executed unless #FORM.username# IS NOT "" -->
<cfif structKeyExists(form,"username")>

    <!-- Check Username, Password, and Level of Administration -->
    <cfquery name="check_user" datasource="#dsource#">
            SELECT user, pass, admin
            FROM table_name
            WHERE user = '#FORM.username#' and pass = '#FORM.password#'

    <!-- If there is a valid User then Login user -->
    <cfif check_user.recordcount is not 0>
        <!-- Log them in with a timeout of 30 minutes (1800 sec) and set level of Admin-->
        <cflogin idletimeout="1800">
                    name =
                    password =
                    roles =

        <!-- If an invalid Login Attemp, Set invalid to 1 for invalid login script -->
        <cfset invalid_login = 1>


<!-- If index.cfm?logout=1 is clicked then Log The User Out -->
<cfif URL.logout is 1>
    <cflocation url=

<!--- Simple index.cfm file that logs you in --->
<cfif GetAuthUser() is "">
    <form name="form1" method="post" action="index.cfm">
        User: <input name="username" type="text" id="username"><br>
        Pass: <input name="password" type="text" id="password"><br>
        <input type="submit" name="Submit" value="Submit">

    <p>User: <cfoutput>#GetAuthUser()#</cfoutput></p>
    <a href="index.cfm?logout=1">Logout</a>

About This Tutorial
Author: Wesley Geddes
Skill Level: Intermediate 
Platforms Tested: CFMX
Total Views: 152,271
Submission Date: February 06, 2005
Last Update Date: June 05, 2009
All Tutorials By This Autor: 1
Discuss This Tutorial
  • I want to pass the info from cookies ,why so using URL's that will be visible to all.

  • Sorry about the length of time for answer.......just moved back to Houston area. Set the page for no cache. Try that. Also in the Application......include session details.

  • I've tested your code...but having problem with the logout.After the user clicked the logout link..why they still can access the page by clicking the back button. thank you..

  • thanks for the tutorial man keep it up

  • The whole reason this tutorial was written was because the only other cflogin tutorial posted for cflogin is http://tutorial67.easycfm.com/ A beginer CF programer will not and does not understand that tutorial. It is set on a much higher level than beginer. Mine is here so a noobie can understand exactly what is going on and why it is working. A tutorial serves no purpose if the end user must go define or lookup certain tags that are included in the tutorial. The level of this tutorial is not "Easy", its "Very Easy". Nothing has to be referenced or looked up to be understood. Please keep in mind this is for a Very Early Bird CF Developer. Thanks for your comments though.

  • I belive in whatever code snipplet you write you should set the example on how it should look, ALL of it, not just a part. there are alot of new people looking around these tutorials and i think setting them on the right path coding wise will save them headaches later.

  • Make sure you read the top in the comments. Here Ill quote them for you.... "Although this code is fully functional as it is written now, I do recomend you include a few scripts" This was written just so people can understand how cflogin works. The main and only part that people should understand from here is...

  • First of all i think your login is fine and all but it is quite lengthy and can be shortened ALOT. first you need to use cfqueryparam in your queries, if you opt not someone could exploit your database that way. another thing, with the release of cf7 u can use the built in form validator in cfform to validate that the forms are filled in. but like i said its not bad for a beginner.

  • Hey guys, if you view my tutorial....please rate it. Thanks everybody! :)

  • Thanks Gavy for the comments. I am currently writing an online university for the Federal Department of Education which somewhat matches what you are preparing. The only other thing of course is the courses. What exactly are you wanting to do with the cookies? Are you saying instead of passing variables through #URL.name# you would like them to be stored in cookies? Please explain. Thanks again! More tutorials to come soon :)


Sponsored By...
Mobile App Development (IOS, Android, Cordova, Phonegap, Objective-C, Java) - Austin, Texas Mobile Apps - Touch512, LLC.