1

我正在尝试使用以下内容为我网站的管理文件夹启用页面安全性

我的应用程序的结构就像 switch case 语句

index.cfm页面有switch.cfm进一步将代码定义为:

<cfswitch expression="#mode#">
<cfcase value="admin.1"><cfinclude template="1.cfm"></cfcase>
<cfdefaultcase><cfinclude template="login.cfm"></cfcase>
</cfswitch>

现在我application.cfc的定义是这样的

<cfif (NOT structKeyExists( session, "isLoggedIn" )) OR (session.isLoggedIn eq false) AND CGI.query_string contains 'admin'>
<cfinclude template="index.cfm"> - why `index`, it will include the `switch.cfm` and `switch.cfm` has the `defaultcase` of `login.cfm`, so apparently it will include `login.cfm` - **This is why i think it should do**.

现在,当我将我的页面称为:

http://localhost/?mode=admin.1- 它进入它,而不是将用户发送到login.cfm,我错过了什么

4

1 回答 1

1

我相信你的逻辑是错误的......

你在说:

如果未登录,请包含 index.cfm

在 index.cfm 你问的是,

if mode == admin.1 then include 1 else include the login

您正在以正确的模式传递,因此 admin.1 运行。

你可能想要这样的东西:

<cfif (NOT structKeyExists( session, "isLoggedIn" )) OR (session.isLoggedIn eq false) AND CGI.query_string contains 'admin'>
    <cfinclude template="login.cfm">
<cfelse>
    <!--- this should mean the user is logged in --->
    <cfinclude template="index.cfm">
</cfif>

或类似的东西...

于 2015-06-11T10:35:39.857 回答