Additionally, on MX if you use J2EE session variables then the session will always be lost when the user closes their browser. "Server Settings\Memory variables". You would then need to auto-log the user back in based on a cookie.. However, be warned that cookies could be modified so you must make sure that you encrypt the user's login ID very securely and don't just rely on cookie.loggedin
Hope that helps Martin Parry Macromedia Certified Developer BeetrootStreet.com -----Original Message----- From: Larry White [mailto:[EMAIL PROTECTED] Sent: 22 November 2004 15:30 To: CF-Talk Subject: Re: Session Issue The session vars are stored on the server and are normally tracked by CF using the cookie CFID/CFTOKEN pair. Simply setting a cookie will not enable CF to track session vars permanently. >Hi, > >I'm using both session vars. and cookies to help with login. Session is used >only for people who dont want to stay logged in permanently and the cookie >is used only if they want to stay permanently logged in. The problem I'm >having is that when the session times out the user has to log in again >whether or not they have the cookie. How do I make sure the user can get the >content they want if they have the cookie regardless of the session timeing >out. Below is my code. Any help is appreciated. > >Phil > ><!--- my code ---> > ><cfif IsDefined("cookie.LoggedIn") EQ "Yes"> ><cflocation url="#cgi.script_name#" ADDTOKEN="No"> ><cfabort> ></cfif> ><cfparam name="form.UserLogin" type="string"> ><cfparam name="form.Password" type="string"> ><cfparam name="form.remember_me" type="string" default="Off"> ><cfquery name="GetUser" Datasource="#mydbname#"> >SELECT * >FROM users >WHERE username = '#Form.UserLogin#' > AND password = '#Form.password#' ></cfquery> ><cfif GetUser.RecordCount EQ 1> ><cfset session.Auth = StructNew()> ><cfset Session.Auth.IsLoggedIn = "Yes"> ><cfset Session.Auth.ContactID = GetUser.user_id> ><cfset Session.Auth.UserName = GetUser.username> ><cfif #form.remember_me# IS "On"> ><CFCOOKIE NAME="LoggedIn" VALUE="Yes" EXPIRES="NEVER"> ></cfif> ><cflocation url="#cgi.script_name#" ADDTOKEN="No"> ><cfelse> ><cfset message="We apologize but that username / password does not match our >records. Please try again."> ><cflocation url="#cgi.script_name#?message=#message#" ADDTOKEN="No"> ></cfif> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Special thanks to the CF Community Suite Gold Sponsor - CFHosting.net http://www.cfhosting.net Message: http://www.houseoffusion.com/lists.cfm/link=i:4:185030 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
