One of the functions of the Log In User server behavior is that it creates a session variable when the user successfully logs in. The problem is, the session scope is inactive by default, which means that the log-in page won't work. You'll have to activate session management in the ColdFusion Web application framework. Doing so is a simple matter of creating a new file (application.cfm), and entering a single line of code.
Create a new page in code view. Delete all of the code on the page, including any HTML, XML, or other tags or code.
Application.cfm is not a regular Web page, and so it should not have any code on it to begin.
In the first line, type the following code:
[View full width]<cfapplication sessionmanagement="yes" setclientcookies="yes" name="newland_tours" sessiontimeout="#CreateTimeSpan(0, 0, 20, 0)#">
The <cfapplication> tag effectively creates an application and enables the Web application framework. It has several attributes, many of which are optional. One required attribute is name, which is any name you want to give your application. The other attributes used here enable session management, enable the setting of cookies, and create a session timeout.
You'll note that rather than specifying a simple period of time in the sessiontimeout attribute, there is a function, CreateTimeSpan(). This function takes four parameters, standing for days, hours, minutes, and seconds. Thus, the sessiontimeout is set for 20 minutes. In other words, if a user is inactive or leaves the site to browse on other pages for more than 20 minutes, all session variables associated with that user are flushed. In practical terms, it means the user would have to log in again.
Save, close, and upload application.cfm.
At this point you can test the registration and log-in features you've added in this lesson. As mentioned earlier, try to break the application, by entering every variation you can think of.