Get a Quote Today!   |   + 1 (301) 424 3903




 
  Community
 
Need Help?
Visit our Training page
Request a Quote or Consultation
SIGN UP FOR THE TERATECH NEWSLETTER
 

ColdCuts

Cut: Starting New Sessions
Cut#: 156 
Cut Date: 01/21/2000 
Cutter: Cameron Childress 
Topic: Session Management 
Overview:

What would be best way to implement session management Application.cfm or Passing UrlToken.? How do you terminate a Session, if the user wants to check out before the timeout. I thought new browsers would change the session state , but it stays the same. How would you begin a new session, if the user pops up a new browser?

 

Cut Code:
You can force the CFID and CFTOKEN to vanish from the browser using the
following code in your application.cfm file:"

<!--- Set up Application Framework --->
<CFAPPLICATION NAME="App_name"
SESSIONMANAGEMENT="Yes"
SETCLIENTCOOKIES="NO"
SESSIONTIMEOUT="#CreateTimeSpan(0,0,20,0)#"
APPLICATIONTIMEOUT="#CreateTimeSpan(2,0,0,0)#">

<!--- Force creation of sessin tracking cookies which expire at browser
close --->
<CFCOOKIE NAME="CFID" VALUE="#Session.CFID#">
<CFCOOKIE NAME="CFTOKEN" VALUE="#Session.CFTOKEN#">

Note that the cfapplication tag does not set cookies, the CFCOOKIE tag does.
CFAPPLICATION by default will set cookies which will not expire at browser
close... CFCOOKIE will (when you don't specify ann expire date).

You can also kill a session entirely (if you are using CF's session mgmt)
with this code:

<CFSCRIPT>
StructClear(Session);
</CFSCRIPT>

And if you really want to destroy any trace of the session, you can reset
the CFID and CFTOKEN in the browser like so:

<CFCOOKIE NAME="CFID" VALUE="0">
<CFCOOKIE NAME="CFTOKEN" VALUE="0">