When using cflocation you can set the attribute for addtoken="false"
Dan On Sat, Apr 12, 2008 at 1:02 PM, Les Mizzell <[EMAIL PROTECTED]> wrote: > I have a client that's switching payment methods over to Barclay card > for their site. > > I've gotten everything to work pretty well up to the last step. The page > *submitting* the payment must be an "approved url" that's set in the > Barclay Card store admin. > > It's got to be exactly the same every single time. So, no URL variables > allowed. Period. > > The problem? CFID and CFTOKEN. Once somebody logs in: > > <!--- If the username and password are correct ---> > <cfif getLOGIN.recordCount eq 1> > <cfset SESSION.auth = structNew()> > <cfset SESSION.auth.isLoggedIn = "Yes"> > <cfset session.userID = "#getLOGIN.cusnum#"> > <cflocation url="enroll_app1.cfm" addtoken="no"> > </cfif> > > CFID and CFTOKEN persist across the entire site, and I'm simply haven't > found a way to eliminate them so the site still works - but if they're > present on my submitting URL, it no longer matches the "approved url", > and the payment submission fails. > > Ideas? > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:303239 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
