Douglas, Is that right? Maybe I misunderstood your message, but it doesn't seem correct to me that opening a new window would open a new session with new CFID and CFTOKEN values. This is a big point of confusion in my office, where some folks think of a session as an uninterrupted series of page hits to a single site from a single browser window on a single computer. In CF terms, though, any hit from a single computer will get the same session vars until they expire.
Please correct me if I'm wrong. Matthieu -----Original Message----- From: Douglas Brown [mailto:[EMAIL PROTECTED]] Sent: Friday, July 26, 2002 2:33 PM To: CF-Talk Subject: Re: Setting and evaluating session variables Well he is saying that if he opens a new window and types in a URL that does not go to his splash screen that it is not redirecting. If he opens a new window, it should be a different session with different CFID & CFTOKEN values. Basically... In application.cfm <CFAPPLICATION NAME="myApp" CLIENTMANAGEMENT="Yes" SESSIONMANAGEMENT="Yes" SESSIONTIMEOUT="#createTimeSpan(1, 0, 0, 0)#"> <cfparam name="session.initialized" default="false"> <cfif session.initalized eq "false"> <cflocation url="splash1.cfm" addtoken="no"> </cfif> splash1.cfm <cfif not(isDefined("session.initialized"))> <cfset session.initialized = "true"> </cfif> splash2 You wont need anything, because application.cfm will handle it... Douglas Brown Email: [EMAIL PROTECTED] ----- Original Message ----- From: "Cornillon, Matthieu" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Friday, July 26, 2002 10:51 AM Subject: RE: Setting and evaluating session variables > Hi. I think that I see the problem that you are having. My explanation may > seem overly simple at first, but bear with me. > > Session variables are stored on the CF server. A given set of session > variables is tied to a given user by two key values: CFID, and CFTOKEN. > These values are sent to your machine as cookies when you access any page on > the server. Now, as long as you are accessing the server from that machine, > and as long as you have cookies enabled and don't replace them, the session > variables will stay set for the default expiration time (which is probably > set to something like 2 hours in your CF Administrator). > > So, the reason that you're getting weird behavior is that > session.initialized is staying set for at least 2 hours from the time you > first hit that page during a given day. This makes testing really hard, > right? I think that your application is set up properly, but you are having > trouble testing it. I recommend this: > > Create a page called wipeout.cfm or something that erases all the cookies > and session variables that you don't want to keep. I keep a link to this on > the link bar in IE, so that I can return to "regular user" state whenever I > need to. The statements you'll need are: > > <CFCOOKIE expires="NOW" name="COOKIENAME" value="invalid"> > <CFLOCK scope="SESSION" timeout="30" type="EXCLUSIVE"> > <CFSET dummy=StructClear(session)> > </CFLOCK> > > Repeat the CFCOOKIE line for as many cookies as you need to erase. The > CFSET statement will wipe out all session variables in one shot. > > Also, your test for the value of Session.Initialized should not be for it's > value, but for its existence: > > <CFIF not IsDefined("Session.Initialized")> > <CFLOCATION... > > This should let you test your system without pulling your hair out at what > seems like completely inconsistent behavior. > > Now, however, I want to make sure that you aren't going for something > different than what I think. I want to map out a path of use and how it > would work under your current layout (assuming a two-hour expiration time > for session variables): > > July 27th > > 10:15 AM > User opens www.yahoo.com > > 10:17 AM > User opens your site (www.yoursite.com/mySecondPage.cfm) > She gets bounced to the splash page, since session.initialized wasn't set > yet. > > still 10:17 AM(later in that minute) > User returns to www.yoursite.com/mySecondPage.cfm, which now is allowed to > completely load, since session.initialized is now set. > > 10:18 AM > After looking at www.yoursite.com/mySecondPage.com, user is so wowed that > she goes for a stroll to contemplate the meaning of life. Since the work is > super-duper high security, though, she immediately closes the browser and > shuts down her computer. > > 12:17 PM > User has returned from her walk, ready to surge forward with her work. She > has already turned on her machine, logged in, and launched IE. She promptly > goes to the page that inspired this (nearly!) two-hour sojourn: > www.yoursite.com/mySecondPage.com. That page will load WITHOUT going to the > splash page. Why? Because session.initialized has still not expired > (although it's one minute away from doing so), and the CF server knows to > look for it under the CFID and CFTOKEN values stored on your user's machine. > > 12:18 PM > User decides that she is no longer so wowed by your page, and immediately > browses to www.someothersite.com. She stays away from your site until 4:01 > PM. > > 4:01 PM > User once again types in www.yoursite.com/mySecondPage.com. This time, she > gets bounced to the splash page. Why? Because the two-hour session > variable has expired. > > If this is the behavior you want, then you're all set. I just wanted to > make sure that you weren't under operating under any misconceptions about > how it would work. > > Hope this is helpful, > Matthieu > > -----Original Message----- > From: Yexley Robert D Contr Det 1 AFRL/WSI > [mailto:[EMAIL PROTECTED]] > Sent: Friday, July 26, 2002 10:28 AM > To: CF-Talk > Subject: Setting and evaluating session variables > > > <cfQuestion > type="Rookie"> > > I'm trying to write my first web app in CFMX, and am having some trouble > figuring out how session variables work. I'm basically just trying a few > things to test setting them and testing for their values, stuff like that. > So, what I've done, is I've added a section in my Application.cfm file to > establish my needed session variables, and initialize them to nothing (""). > One of those session variables is called SESSION.initialized, and it's > value, again, gets set to "". The very first line of the splash page of my > app has the line <cfSet SESSION.initialized = "True"> which is intended to > initialize a users session in the application. I do this ONLY on that first > splash page for the app. Now, at the bottom of my Application.cfm file, I > have the following statement: > > <cfif SESSION.initialized is not "True"> > <cfLocation URL="mySplashPage.cfm" addToken="No"> > </cfif> > > Now, if I understand the way this works correctly, what I'm expecting, is > that if I open a new browser window, and I try to circumvent that splash > page by typing something like http://www.mysite.com/mySecondPage.cfm > <http://www.mysite.com/mySecondPage.cfm> into the address line of the > browser, the line above that checks that session variable should get > executed at the beginning of the request for that page. Now, at this point, > since during this browser session I have *not* navigated to mySplashPage.cfm > yet, that the SESSION.initialized variable has not been set to "True" yet, > so this condition would evaluate to FALSE, and should execute the > <cfLocation> tag to redirect the browser to the mySplashPage.cfm document, > so that it *will* set that variable to "True". Am I correct in that > thinking? If not, how does this work? > > I thought I had this working properly the other day, but it doesn't seem to > be working right today, because I'm not getting redirected like I would > expect. And, on a side note to that, has anyone had any problems with this > <cfLocation> tag with a Mozilla browser? The other day when I was trying > this, I kept getting an error from Mozilla that said something like > "Redirection limit exceeded for this URL". Has anyone else experienced > this? If so, is it a browser problem that Mozilla can't be redirected? Is > there a workaround for it? > > Thanks in advance for your help. > > </cfQuestion> > > ::YEX:: > > /* > || Robert D. Yexley > || Oracle Programmer/Analyst > || Easylink Services Corporation > || Professional Services > || Contractor - Wright Research Site MIS > || Det-1 AFRL/WSI Bldg. 45 Rm. 062 > || (937) 255-1984 > || [EMAIL PROTECTED] > || <)))>< > */ > > <<Robert D. Yexley (E-mail).vcf>> > > > ______________________________________________________________________ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
