In <C1D731ADC100D41180EE00B0D021A05A0AEB@BLUEMOUNTAIN>, Rich Wild
([EMAIL PROTECTED]) in a fit of unbridled passion, wrote:
> Hi all,
>
> I think I probably have this wrong.
>
> Here we go though....
>
> I'm storing all my client vars in a database - and I have set the CF Admin
> to purge all of these after 1 day - however, it ain't happenin...
>
> What this means is that past CFIDs and CFTOKENs can be reused, which kinda
> dents my security a little :(
>
> Has anyone got any advice on how to get the var storage DB to rid itself of
> the data?
>
> Without me doing it manually that is ;)
Well, you could expire the CFID and CFTOKEN cookies immediately, or if
you are storing your client variables in a datasource, I would think
that deleting them programatically would also work. There are two
tables, cdata and cglobal, both with a cfid column. The CFID column is
in the format of <cfid>:<cftoken>. On a whim, I just tried adding
another column to this table (a date column) to see if I could modify
it. CF didn't like it much. :)
HTH,
-R
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
