At 02:18 PM 11/1/2001, you wrote: ><CFIF NOT Compare(variables.ReferTest,"0") OR NOT >Compare(cgi.http_referer,"")> > <!--- uh. oh. Reset the session ID ---> ></CFIF>
Aha ! therein lies the problem... how does one go about resetting the session ID.. there is no CF function resetSessionID(), I could redirect to another page without adding the URLToken, but CF is just going to set it in a cookie anyway (presuming for the moment that the user has cookies enabled), I could redirect and clear the cookies, but I have a feeling that CF will set the cookie anyway just before it goes out (I haven't tested this though). I could not use cookies for session management at all, but in my environment with html pages as well as my cf it may cause confusion for users (I originally used cookies only but had many problems with people's cookies being unreliable... dunno why, I put it down to browser wierdness, by passing URLToken wherever possible it... solidifies the whole process). ---------- James Sleeman Innovative Media Ltd Phone: (03) 377 6262 http://www.websolutions.co.nz/ CAUTION: The information contained in this email message is confidential and may be legally privileged. If the reader of this message is not the intended recipient you are notified that any use, dissemination, distribution or reproduction of this message is prohibited. If you have received this message in error please notify the sender immediately and destroy the original message and any attachments. Views expressed in this communication may not be those of Innovative Media Ltd. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
