coldfusion application.cfm和受影响的文件 [英] coldfusion application.cfm and affected files
问题描述
如果我有一个受保护的后端站点,并且希望使用application.cfm文件,那么我该如何判断哪些页面使用了应用程序文件而哪些页面没有使用.
If I have a site where there is a protected back end and I'm looking to use an application.cfm file, how can I tell which pages use the application filesa and which ones do not.
index.cfm
update/application.cfm
update/loginexpired.cfm
update/login.cfm
update/somesecurepage.cfm
update/someothersecurepage.cfm
如果登录正确,我希望updates/login.cfm创建会话.
如果在没有正确登录的情况下访问安全页面update/somesecurepage.cfm和update/someothersecurepage.cfm,则应用程序应转发到update/loginexpired.cfm,但我不希望其他任何页面使用application.cfm.
I want updates/login.cfm to create the session if the login is correct.
If the secure pages update/somesecurepage.cfm and update/someothersecurepage.cfm are accessed without correct login the application should forward to update/loginexpired.cfm but I don't want any of the other pages to use application.cfm.
这是合理的还是应该使用cfinclude?
Is this plausible or should I use cfinclude instead?
推荐答案
-
始终确保使用大写字母"A"命名Application.cfm和Application.cfc文件.这样,如果您从Windows迁移到区分大小写的文件系统,就不会出现ColdFusion无法找到Application.cfm/cfc文件的问题.
Always make sure you name your Application.cfm and Application.cfc files with a capital "A". This way if you move from Windows to a case sensitive file system, you wont have an issue where ColdFusion cannot find your Application.cfm/cfc files.
就您的问题而言,就您当前的结构而言,"update"文件夹中的所有文件都将使用Application.cfm文件.它将在这些文件中的任何其他代码之前执行.如果只希望某些页面重定向到loginexpired页面,则通常创建一个子文件夹,将Application.cfm文件放在该文件夹中,该文件夹包括来自父文件夹<cfinclude template="../Application.cfm" />的Application.cfm文件.然后,在此文件中,您将添加安全检查.在父Application.cfm文件中,您将包含<cfapplication />标记.如果使用会话,请确保在cfapplication标记中启用会话管理. (<cfapplication name="myappname" sessionmanagement="true" />)
As far as your question goes, with your current structure, all files in the "update" folder will use the Application.cfm file. It will be executed before any other code in those files. If you only want certain pages to redirect to a loginexpired page, then I would typically create a subfolder, put an Application.cfm file in that folder that includes the Application.cfm file from the parent folder: <cfinclude template="../Application.cfm" />. Then in this file, you would add your security check. in the parent Application.cfm file you would include the <cfapplication /> tag. If you are using sessions, be sure to enable session management in your cfapplication tag. (<cfapplication name="myappname" sessionmanagement="true" />)
您的站点根目录中确实应该有一个Application.cfm或Applciation.cfc文件.否则,该应用程序将在没有应用程序范围的情况下运行. ColdFusion具有一种未命名"的应用程序,该应用程序无需定义的应用程序名称即可运行.您很可能会遇到不良影响.所有CF应用程序都应使用cfapplication标记或设置了this.name的Application.cfc文件来命名应用程序.
You really should have an Application.cfm or Applciation.cfc file in the root of your site. If you do not, the application will run without an application scope. ColdFusion has a kind of "unnamed" application where this would run without a defined application name. You will most likely encounter undesired effects. All CF apps should have a named application, using the cfapplication tag or a Application.cfc file with this.name set.
如果您将此编写为新应用程序,建议您使用Application.cfc而不是Application.cfm.您将有权访问应用程序,会话和请求生命周期(onApplicationStart/End,onSessionStart/End,onRequestStart/End)以及onError和onMissingTemplate事件处理程序,从而可以更好地控制应用程序的流程.
If you are writing this as a new application, I would suggest you use Application.cfc instead of Application.cfm. You will have access to the application, session and request life cycles (onApplicationStart/End, onSessionStart/End, onRequestStart/End) as well as the onError and onMissingTemplate event handlers giving your more control over the flow of your application.
这篇关于coldfusion application.cfm和受影响的文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
