Absolutely - A very similar thing also happened on an Intranet project
I was working on. We couldn't figure out why users' sessions were
expiring so quickly - sometimes not at all and sometimes every few minutes.

The user would then log back in which would then cause another user to
be logged out (or so it would appear) - What we found by displaying the
current user id in the page was that they were then miraculously
becoming the other user.

How did this happen? The person who sent out the link to all the users
sent something like http://theintranet/index.cfm?cfid=9999&cftoken=9999

So, everyone became each other. OMG! With a bit of fiddling around, we
held an IP address as a client variable, then if the user looking at the
page didn't match the IP address we would clear their cookies and
redirect them back to the homepage with a BRAND NEW CFID mixture. Thus
overwriting the cookie in the browser. However, they also had to remove
and recreate the favourites link to the intranet as the next time they
visited the same would have happened.

Now, there's a handy function URLSessionFormat which intelligently
maintains state for users with cookies disabled. However, as spiders
don't allow cookies the function will ultimately give the spider a URL
with cfid or a j2ee format string e.g.
http://mywebsite.com/index.cfm;jsessionid=1230be920b90$B7h$298?page=/index.cfm
J2EE variables are a much better option.

I don't know if anyone's posted this link for you but it works like a
charm, creating per session cookies which most users will allow as they
expire once the browser has closed.

http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=tn_17915

Good luck

Martin


-----Original Message-----
From: Webmaster at FastTrack On Line
[mailto:[EMAIL PROTECTED] 
Sent: 09 October 2005 05:39
To: CF-Talk
Subject: Re: CFID

Hi Martin,

Thanks for your input.

Oh my, wouldn't this be bit of a security issue?

Jenny
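
Added example, not part of the original thread or anyone's own code: the incident Martin describes (one link carrying cfid/cftoken opened by many users) shows up in web server logs as the same URL-borne session identifier arriving from several client IPs. The sketch below checks for that over constructed log lines; the simplified log format and the function names are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (client IP, request line); not from the thread.
SAMPLE_LOG = """\
10.0.0.11 "GET /index.cfm?cfid=9999&cftoken=9999 HTTP/1.1"
10.0.0.12 "GET /index.cfm?CFID=9999&CFTOKEN=9999 HTTP/1.1"
10.0.0.14 "GET /index.cfm?cfid=1201&cftoken=48213377 HTTP/1.1"
10.0.0.14 "GET /report.cfm?cfid=1201&cftoken=48213377 HTTP/1.1"
10.0.0.15 "GET /index.cfm;jsessionid=abc123def456?page=/index.cfm HTTP/1.1"
10.0.0.16 "GET /index.cfm;jsessionid=abc123def456 HTTP/1.1"
10.0.0.17 "GET /index.cfm HTTP/1.1"
"""

LINE_RE = re.compile(r'^(?P<ip>\S+) "(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"$')
JSESSION_RE = re.compile(r";jsessionid=([^;?/]+)", re.IGNORECASE)


def session_key(target):
    """Return the session identifier carried in the URL, or None."""
    parts = urlsplit(target)
    m = JSESSION_RE.search(parts.path)  # J2EE style: ;jsessionid=... path parameter
    if m:
        return "jsessionid:" + m.group(1)
    # ColdFusion treats URL variable names case-insensitively, so normalise them.
    params = {k.lower(): v[0] for k, v in parse_qs(parts.query).items()}
    if "cfid" in params and "cftoken" in params:
        return "cfid:{}/cftoken:{}".format(params["cfid"], params["cftoken"])
    return None


def shared_sessions(log_text):
    """Return URL-borne session identifiers seen from more than one client IP."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not parse
        key = session_key(m.group("target"))
        if key:
            seen[key].add(m.group("ip"))
    return {k: sorted(ips) for k, ips in seen.items() if len(ips) > 1}


if __name__ == "__main__":
    for key, ips in shared_sessions(SAMPLE_LOG).items():
        print(key, "used from", ", ".join(ips))
```

Like the IP check in the message above, this treats a change of client IP as a change of user, so one user moving between addresses is flagged as well, and several users behind one proxy address are not told apart.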
