I believe I got this a while back from hal helms website.
<cfif IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")>
<cfset cfid_local = Cookie.CFID>
<cfset cftoken_local = Cookie.CFTOKEN>
<cfcookie name="CFID" value="#cfid_local#">
<cfcookie name="CFTOKEN" value="#cftoken_local#">
</cfif>
this kills the client/session variables when the browser closes because it
has taken the cookies set by the cfapplication and resets them to expire
when the browser closes.
Shawn Regan
Applications Developer
Pacific Technology Solutions
-----Original Message-----
From: VAN VLIET, SCOTT E (SBCSI) [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 03, 2002 8:49 AM
To: CF-Talk
Subject: RE: Auto logout when leaving the application
I am working on a custom tag that will solve this, and will post it when I
finish.
--
Scott Van Vliet
Senior Analyst
SBC Services, Inc.
ITO Enterprise Tools
Office: 858.886.3878
Pager: 858.536.0070
Email: [EMAIL PROTECTED]
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 03, 2002 8:41 AM
To: CF-Talk
Subject: Re: Auto logout when leaving the application
Good question. I am also interested in this response, but with an added
element. What if a user closes the browser, how do you kill client/session
variables, presumably someone could close the browser thinking they are
"logged out", the next person wanders up and sees the first persons
information.
CC
Brian Fox
<brianfox To: CF-Talk
<[EMAIL PROTECTED]>
@sdccd.cc.ca. cc:
us> Subject: Auto logout when
leaving the application
04/03/02
10:30 AM
Please
respond to
cf-talk
What's the best way of handling security for a website that may be used in
a
kiosk mode? I'm working on a student grade system that does a one time
validation and sets a session variable. Timeout is 15 minutes.
John may log into the system using a lab computer to retrieve his student
grades, become confused, wander to yahoo, read his mail, then leave the
computer as is. Sue may come in to use the same machine, go to the grade
application to get her grades, and still be logged in as John. Is there a
good way to avoid this?
I'm thinking about mangling the referer variable and zapping the session
variables if the referer is not from the application.
i.e. <cfif left(CGI.HTTP_REFERER,X) is not "http://www.gradesrus.com/"; ...
session.auth=0>
That would solve the 'lost' client wandering out of the site. Leaving the
site is equivalent to logging out then (more or less).
What about a javascript warning when a person is going to leave the
application? I'm not a javascript guru, but it seems like an onunload in
the body should be able to give a popup alert and hopefully the ability to
cancel the outside navigation. Anyone ever try it?
Is there a better approach to this?
Thanks!
Brian
______________________________________________________________________
This list and all House of Fusion resources hosted by CFHosting.com. The place for
dependable ColdFusion Hosting.
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
