Thanks. We use that code in CF 4.5.2 after logout or on detecting timeout. The purpose is to delete, really delete, the entire session and all vars associated with that particular user presence.
It's worked well, and we haven't seen any problems with not being able to log back in without closing/opening a browser. thanks, Chris Norloff ---------- Original Message ---------------------------------- from: Bryan Love <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] date: Mon, 9 Sep 2002 12:23:21 -0700 >I'm late on this one, but it's worth the reply I think... > >I noticed you are using StructClear(session)#... >Don't know if it's true in CFMX, but you NEVER want to do this in CF 4.5 or >5.0. There is a variable named session.sessionID that is ONLY created at >the beginning of a session. If you delete it then it's gone until the >browser is closed and a new session begins. I don't know what it is used >for, but occasionally in the past it has caused problems for me (before I >knew about it). > >If you want to use StructClear then store session.sessionID in a temp var >before using StructClear then put it back in the session struct after >clearing. > >+-----------------------------------------------+ >Bryan Love > Macromedia Certified Professional > Internet Application Developer > Database Analyst >TeleCommunication Systems >[EMAIL PROTECTED] >+-----------------------------------------------+ > >"...'If there must be trouble, let it be in my day, that my child may have >peace'..." > - Thomas Paine, The American Crisis > > > >-----Original Message----- >From: Chris Norloff [mailto:[EMAIL PROTECTED]] >Sent: Monday, September 09, 2002 8:19 AM >To: CF-Talk >Subject: Re: Client Vars again > > >To ensure our logged-out (or timed-out) user is completely removed from our >application, we delete: >1. the entire session structure, >2. all the client vars (one at a time), >3. set the cookies to delete, and >4. use non-persistent cookies anyway. > >I know that sounds redundant, but it's been robust for us. > >Chris Norloff > > ><!--- delete the session (all vars, including CFID & CFTOKEN) ---> ><cflock timeout="#variables.lock_timeout#" throwontimeout="Yes" >scope="session" type="EXCLUSIVE"> > <cfset temp = #StructClear(session)#> ></cflock> > ><!--- delete all client vars ---> ><cfset variables.client_var_list = #GetClientVariablesList()#> > <cfloop index="list_element" list="#variables.client_var_list#" >delimiters=","> > <cfset temp = DeleteClientVariable("#list_element#")> > </cfloop> > ><!--- delete cookies ---> ><cfcookie name="CFID" value="empty" expires="NOW"> ><cfcookie name="CFTOKEN" value="empty" expires="NOW"> > >---------- Original Message ---------------------------------- >from: Adrian Lynch <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >date: Fri, 6 Sep 2002 18:53:51 +0100 > >>I've posted this to CF-Talk, sorry for any who get both and don't like >cross >>posts... >> >>Is there anyone out there that's built reliable login/logout functionality >>into their site? Something that works on ALL browser combinations? >> >>This is what we're doing... >>Client vars stored in a DB >>Using the usual code to kill a session on close of the browser >>CFMX, SQL Server 7 >>Testing on most combinations of browser. >> >>Trying to figure out what's going wrong wouldn't be so bad if we could just >>have some consistency in the way it's going wrong. We have... >>Logging in on 2nd, 3rd, 4th, 5th try instead of the 1st >>Not able to log out, trying both reseting the client vars back to their >>original state and deleting them altogether >>Having to change a cflocation to a window.location to get it to log in on >>IE5 (don't ask) >> >>I've just said to the guy I'm building it with, "shall we pass cfid and >>cftoken in all the links and redirects, see if that cures it". What does >>everyone else think. It's not the easiest thing to debug something that you >>can't reliably replicate :O( >> >> >>Adrian Lynch >>Thoughtbubble Ltd >>---------------------- >>United Kingdom >>http://www.thoughtbubble.net >>Ph: +44 (0) 20 7387 8890 >>---------------------- >>The information in this email and in any attachments is confidential and >>intended solely for the attention and use of the named addressee(s) . Any >>views or opinions presented are solely those of the author and do not >>necessarily represent those of Thoughtbubble. This information may be >>subject to legal, professional or other privilege and further distribution >>of it is strictly prohibited without our authority. If you are not the >>intended recipient, you are not authorised to disclose, copy, distribute, >or >>retain this message. Please notify us on +44 (0) 20 7387 8890 >> >> >> > > ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
