From: coldfuse228 on
Hi BKBK, right now, I am trying to create an audit table that keeps track of
when a user logs in, what a user does after login and also when the user logs
out. In Application.cfm, I'm going to set a variable called
'Session.isUserFirstTime' with default value of zero. After user logs in,
"isUserFirstTime" will be set to 1 and I will insert a row to my audit table
that user has logged in. My <cfif> condition will prevent any additional
inserts to the database.
I would like your thoughts on what I am going to do and potential pitfalls
that might occur. I know all users will access the same application.cfm, so
will there be any potential mixup of data or variables ("isUserFirstTime")?
Thank you so much for your help. I have pasted code below.

<cfparam name="Session.isUserFirstTime" default=0>
<cfif (Len(Trim(getAuthUser())) NEQ 0) AND Session.isUserFirstTime eq 0>
<cfset session.isUserFirstTime = 1>
<cfinvoke
component="components.login"
method="auditUserLogin"
returnVariable="result">
<cfinvokeargument name="user" value="#getAuthUser()#">
<cfinvokeargument name="userAction" value="Logged in successfully">
<cfinvokeargument name="DSN" value="#DSN#">
</cfinvoke>
</cfif>

From: BKBK on
> My only concern now is that if there are 10 different users
> who are going to hit this application.cfm code section with
> "<cfif Len(Trim(getAuthUser())) NEQ 0><cfset session.userID="282828">..."
> code, is there going to be any mixing up of information.

Yes, there is going to be mix-up of information. However, that would happen no
matter where you put the code. The problem is that you are giving every user a
static, hard-coded ID.

If there is no need for a user ID, then don't use one. Usually, if there is a
need for it, then it has to be unique.

> Like for example, "John" might have just logged in and gone
> through <cflogin></cflogin> block, but then right before we get
> to setting the session.userID, "Mary" might intervene and
> then the session.userID gets mixed up.

That could happen with a variable in a scope higher up, for example, with
application.userID. However, sessions are distinct, not shared between users.
Even though John and Mary share the same session.userID value of 282828,
ColdFusion doesn't mix up their respective values. It maintains the sessions in
parallel. For example, the code

<cfif getAuthUser() is "John">
<cfset session.userID = session.userID+1>
</cfif>

would raise John's session.userID to 282829, but Mary's would still be at
282828.

The main trouble with setting a static, hard-coded session.userID is that you
couldn't then use it to make a distinction like "if session.userID equals
such and such, then do such and such". If you need unique IDs, then use,
for example

<cfset session.userID = createUUID()>



From: BKBK on
> isUserFirstTime

Since an hour ago?
Since last week?
First time ever?

You may have to cross-check with the database, as in this example



<cfif (Len(Trim(getAuthUser())) NEQ 0) AND Session.isUserFirstTime eq 0>
<!--- bind the user name as a parameter instead of interpolating it into the SQL --->
<cfquery name="userFreq" datasource="myDSN">
SELECT Max(loginDate) as lastLoginDate
FROM loginTbl
WHERE user_name = <cfqueryparam value="#getAuthUser()#" cfsqltype="cf_sql_varchar">
</cfquery>
<!--- Max() always returns one row; lastLoginDate is empty when the user has no rows --->
<cfif Len(userFreq.lastLoginDate) EQ 0><!--- first time ever --->
<cfset session.isUserFirstTime = 1>
<!--- code should include update of loginTbl --->
<cfinvoke
component="components.login"
method="auditUserLogin"
returnVariable="result">
<cfinvokeargument name="user" value="#getAuthUser()#">
<cfinvokeargument name="userAction" value="Logged in successfully">
<cfinvokeargument name="DSN" value="#DSN#">
</cfinvoke>
<cfelseif userFreq.lastLoginDate LT dateAdd("d",-1,now())><!--- first time in past 24 hrs --->
<cfset session.isUserFirstTime = 1>
<!--- code should include update of loginTbl --->
</cfif>
</cfif>
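
Added example, not part of the original thread and not code from either poster: a sketch of what the auditUserLogin method invoked above could look like, writing the audit row with bound parameters so the user name never becomes part of the SQL text. The userAction column, the length limits and the "audit" log file name are assumptions; loginTbl, user_name and loginDate are the names used in the post above.

```cfml
<!--- components/login.cfc: hypothetical sketch of the audit method --->
<cfcomponent output="false">

  <cffunction name="auditUserLogin" access="public" returntype="boolean" output="false">
    <cfargument name="user" type="string" required="true">
    <cfargument name="userAction" type="string" required="true">
    <cfargument name="DSN" type="string" required="true">

    <!--- Refuse empty or oversized user names rather than writing a junk audit row
          (100 is an assumed column width) --->
    <cfif NOT Len(Trim(arguments.user)) OR Len(arguments.user) GT 100>
      <cfreturn false>
    </cfif>

    <cftry>
      <!--- Every value is bound with cfqueryparam; nothing is concatenated into the SQL --->
      <cfquery datasource="#arguments.DSN#">
        INSERT INTO loginTbl (user_name, userAction, loginDate)
        VALUES (
          <cfqueryparam value="#arguments.user#" cfsqltype="cf_sql_varchar" maxlength="100">,
          <cfqueryparam value="#Left(arguments.userAction, 255)#" cfsqltype="cf_sql_varchar">,
          <cfqueryparam value="#Now()#" cfsqltype="cf_sql_timestamp">
        )
      </cfquery>

      <cfcatch type="database">
        <!--- A failed audit write is recorded in a server-side log and reported to the caller --->
        <cflog file="audit" type="error" text="auditUserLogin failed: #cfcatch.message#">
        <cfreturn false>
      </cfcatch>
    </cftry>

    <cfreturn true>
  </cffunction>

</cfcomponent>
```

The caller receives the boolean in the returnVariable named in the cfinvoke call, so Application.cfm can decide whether to keep isUserFirstTime at 0 and retry when the audit row was not written.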

From: coldfuse228 on
Hi BKBK, thank you so much for your help, I'm going to dig into my code Monday morning, and think this through again. I hope I can talk to you soon again.
-C
From: BKBK on
Till then. Good luck.

