Do you want to remember your members?
By this I mean: on your login form, have you ever wanted a "Remember me" checkbox, so that members don't have to enter their username and password every time they come to your web site? The trick is to use ColdFusion cookies! No, not chocolate chip cookies, ColdFusion cookies! (They taste even better than they sound! :) Let me show you an example:
First, let me explain what cookies are: cookies are small pieces of data that are stored in your browser so that you can put and get information for later use. (Think of your browser's cookie area as a cookie jar, and all the cookies you get online as different types of cookies.) Defining and using a cookie in ColdFusion is actually quite simple. Let me show you how to define a cookie and how to read one.
To define a cookie, you do this:
<cfcookie name="MyCookie" value="Hello">
To read a cookie, you do this:
<cfoutput>
#cookie.MyCookie#
</cfoutput>
Cookies have a lot of settings, but in this example we'll take it one step further and use the "expires" attribute. It tells the browser when the cookie expires and is no longer usable. In this tutorial we set it to NEVER, because we never want the cookie to expire (we want it to ALWAYS be accessible).
The first thing we must do is create the login.cfm page; this is the form where users enter their username/password to log into the site.
On that page, we first need to see whether the cookies exist. To do this we use:
<cfif IsDefined("cookie.username")>
    <!--- a cookie exists, so let's put this username into the form automatically --->
    <cfset username = cookie.username>
<cfelse>
    <!--- a cookie DOES NOT exist, so let's put a blank value in the username field --->
    <cfset username = "">
</cfif>
Next, let's see if the password exists in the cookies. (It's suggested that you don't save the password, because a cookie keeps it in clear text in the browser and sends it with every request to the site, but some of you MIGHT want that feature, so I'm implementing the code either way :)
<cfif IsDefined("cookie.password")>
    <!--- a cookie exists, so let's put this password into the form automatically --->
    <cfset password = cookie.password>
<cfelse>
    <!--- a cookie DOES NOT exist, so let's put a blank value in the password field --->
    <cfset password = "">
</cfif>
<!--- cookie values come from the browser, so encode them before writing them into HTML attributes --->
<cfoutput>
<form action="login_process.cfm" method="post">
<table width="500" border="0">
    <tr>
        <td width="500" colspan="2"></td>
    </tr>
    <tr>
        <td width="250">Username:</td>
        <td width="250"><input type="text" name="username" value="#EncodeForHTMLAttribute(username)#"></td>
    </tr>
    <tr>
        <td width="250">Password:</td>
        <td width="250"><input type="password" name="password" value="#EncodeForHTMLAttribute(password)#"></td>
    </tr>
    <tr>
        <td width="250">Remember Me</td>
        <td width="250"><input type="checkbox" name="RememberMe" value="Yes"
            <cfif IsDefined("cookie.username") OR IsDefined("cookie.password")>CHECKED</cfif>></td>
    </tr>
    <tr>
        <td width="250"></td>
        <td width="250"><input type="submit" name="Process" value="Login"></td>
    </tr>
</table>
</form>
</cfoutput>
The next thing we need is the page "login_process.cfm". This is where the magic takes place: not only do you authenticate your users to verify that they are members, you also remember or forget their login information. Let's see the code:
<!--- cfqueryparam binds the form values as parameters, so they cannot alter the SQL statement --->
<cfquery name="qVerify" datasource="YourDSN">
    SELECT ID
    FROM MEMBERS
    WHERE member_username = <cfqueryparam value="#FORM.username#" cfsqltype="cf_sql_varchar">
    AND member_password = <cfqueryparam value="#FORM.password#" cfsqltype="cf_sql_varchar">
</cfquery>
<cfif qVerify.RecordCount>
    <!--- this user is good; before actually logging them in, see if their information
          will be saved for next time --->
    <cfif IsDefined("FORM.RememberMe")>
        <!--- member wants their information remembered, so set the cookies --->
        <cfcookie name="username" value="#form.username#" expires="NEVER">
        <cfcookie name="password" value="#form.password#" expires="NEVER">
    <cfelse>
        <!--- member does NOT want their information remembered; EXPIRE their cookies NOW
              so they are deleted for good (an empty value avoids sending the password back) --->
        <cfcookie name="username" value="" expires="NOW">
        <cfcookie name="password" value="" expires="NOW">
    </cfif>
    <!--- now that you're done with the cookies, follow the REGULAR login procedures
          as you regularly do --->
</cfif>
That's pretty much it: you can now give your users the "ability" to not have to enter their login details every time! :)
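A variant of login_process.cfm that remembers the member without putting the password in a cookie: the cookie carries a random token and the database keeps only its hash. This is an added example, not part of the original tutorial; the MEMBER_TOKENS table, the remember_token cookie name and SESSION.memberID are hypothetical, and it assumes ColdFusion 10 or later, session management enabled, an integer ID column and a site served over HTTPS.

```cfml
<!--- Same credential check as the tutorial, with bound parameters --->
<cfquery name="qVerify" datasource="YourDSN">
    SELECT ID
    FROM MEMBERS
    WHERE member_username = <cfqueryparam value="#FORM.username#" cfsqltype="cf_sql_varchar">
    AND member_password = <cfqueryparam value="#FORM.password#" cfsqltype="cf_sql_varchar">
</cfquery>

<cfif qVerify.RecordCount>
    <cfif IsDefined("FORM.RememberMe")>
        <!--- 256 random bits as hex; only the SHA-256 hash of the token is stored --->
        <cfset token = BinaryEncode(BinaryDecode(GenerateSecretKey("AES", 256), "base64"), "hex")>
        <cfquery datasource="YourDSN">
            INSERT INTO MEMBER_TOKENS (member_id, token_hash, expires_at)
            VALUES (
                <cfqueryparam value="#qVerify.ID#" cfsqltype="cf_sql_integer">,
                <cfqueryparam value="#Hash(token, 'SHA-256')#" cfsqltype="cf_sql_varchar">,
                <cfqueryparam value="#DateAdd('d', 30, Now())#" cfsqltype="cf_sql_timestamp">
            )
        </cfquery>
        <!--- 30-day cookie, HTTPS only, not readable from JavaScript --->
        <cfcookie name="remember_token" value="#token#" expires="30" secure="yes" httponly="yes">
    <cfelse>
        <!--- member does not want to be remembered: delete any old token cookie --->
        <cfcookie name="remember_token" value="" expires="NOW">
    </cfif>
</cfif>

<!--- On a later visit (for example in Application.cfm): restore the login from the token --->
<cfif NOT IsDefined("SESSION.memberID") AND IsDefined("COOKIE.remember_token")>
    <cfquery name="qToken" datasource="YourDSN">
        SELECT member_id
        FROM MEMBER_TOKENS
        WHERE token_hash = <cfqueryparam value="#Hash(COOKIE.remember_token, 'SHA-256')#" cfsqltype="cf_sql_varchar">
        AND expires_at > <cfqueryparam value="#Now()#" cfsqltype="cf_sql_timestamp">
    </cfquery>
    <cfif qToken.RecordCount>
        <cfset SESSION.memberID = qToken.member_id>
    </cfif>
</cfif>
```

Deleting the member's rows from MEMBER_TOKENS on logout or password change revokes every remembered browser at once, which a password cookie cannot do.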
Questions? Comments? Let me hear from you!
I think you should store the username and password in the CLIENT scope (set to be stored in CF's memory) instead of the COOKIE
Pablo: Love the tutorial! How do we know the browser is allowing the cookie to be set on the client's computer? Can you provide some guidance on how to do this? Many thanks
This is a great tutorial and I agree that password should not be remembered. Then again certain applications do not require strict security measures. Having said that it was great to see that you included this option. BroChild
You have to enable the cookies in the application.cfm, use the SETCLIENTCOOKIES to yes.
What needs to be set in the application file to make this all work? I'm having a problem getting both my session management and my cookies to work.