<!--- Process login form --->
<cfquery name="check" datasource="security">
 SELECT user_id
 FROM users
 WHERE user_login='#FORM.login#'
  and user_password='#FORM.password#'
</cfquery>
<!--- If user found set session variable --->
<CFIF check.RecordCount IS NOT 0>
 <CFSET Session.user_id=check.user_id>
 <!--- Get list of permissions --->
 <CFQUERY Name="permissions" Datasource="security">
  select permission_name
  from permissions
  where permission_id in
   (select permission_id
    from user_permissions
    where user_id=#check.user_id#)
 </cfquery>
 <!-- Build a list of user permissions -->
 <CFSET Session.permissions="">
 <CFLOOP QUERY="permissions">
  <CFSET Session.permissions =
   ListAppend(Session.permissions,permission_name)>
 </cfloop>
 <!--- Finished login, send to main menu --->
 <CFLOCATION URL="menu.cfm">
</CFIF>

<html>
<head>
 <title>Invalid Login</title>
</head>

<body>
<B>Invalid Login.</b>
Use the back button to try again.
</body>
</html>