SSI login with ColdFusion

[BLITZZ]

I've seen a few posts in here asking for a way to use SSI.php with ColdFusion and think this might work?

I'm an amateur developer (just starting), please someone correct me if I'm wrong and this is not secure.  I believe it is.


basic php login page code:

Code Select Expand

<?php
require('yourpath\ssi.php');

global $context;

if ($context['user']['is_guest'])
   {
      ssi_login();
   print
 '<h5>Access Denied</h5>
 Sorry, you must register in our forum before accessing this page.';
   }


else
   {
     //set an admin password for extra security so page can't be called with username or user id or whatever else your using to authenicate
 $adminpw = "mypassword"
 //set a username varable
 $un = $context['user']['name'];
 //the include must be made with an http call in order to pass a variable. A local path will produce an error.   http://yourdomain.com/fullpath
 include("http://yourdomain.com/members/yourcfpage.cfm?pass=$adminpw&user=$un"); 
   }


?>


your included cfpage code:

Code Select Expand

<!--- Check to see if your admin password was passed--->
<cfif NOT Isdefined("URL.pass")>
<p>You are not authorized to view this page!</p>
<cfabort>
</cfif>
<!--- Check to see if your admin password correct--->
<cfif URL.pass is "mypassword" >
<!--- Your ColdFusion Page content with passed variables--->
<cfoutput>
#URL.un#
</cfoutput>
<cfelse>
<p>You are not authorized to view this page!</p>
<cfabort>
</cfif>

You may then query the members table to get more user info, or just pass it along in the include tag like above. Unlike other redirect methods posted on this board, the variables stay hidden.
good to go?