Strictly speaking you don't need to use cfid and cftoken either as cookies or URL variables.

If you want to hide these, you can use your own session management code to create and destroy the cfid and cftoken values above the call to cfapplication, and in OnRequestEnd.cfm.

Something like this:

<cfif isDefined('url.mysession')>
   <!--- Insert code to figure out what cfid and cftoken are here --->
   <cfcookie name="cftoken" value="#cftokenvalue#">
   <cfcookie name="cfid" value="#cfidvalue#">
</cfif>

<cfapplication name="myapp" sessionmanagement="yes">


In OnRequestEnd.cfm you would do something like this:


<cfcookie name="cfid" expires="NOW">
<cfcookie name="cftoken" expires="NOW">

That still requires that you use a url variable, or a cookie, but depending on which browser your clients are using, you might be able to use <cfheader> to set a http header that gets returned by the browser. That would eliminate the need for both cookies and url variables.

Spike

Taco Fleur wrote:

No, he knows exactly what I was referring to.


Cheers. Now let's go and beat him up!!!

-----Original Message-----
From: Knott, Brian [mailto:[EMAIL PROTECTED] Sent: Tuesday, 5 August 2003 2:28 PM
To: CFAussie Mailing List
Subject: [cfaussie] RE: Silly!!



You don't need to maintain connection if its just a CF site. You can browse it like any normal site. You need to maintain state for applications like login site and shopping carts. Maybe this is what he is referring to.

-----Original Message-----
From: Taco Fleur [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 5 August 2003 2:20 PM
To: CFAussie Mailing List
Subject: [cfaussie] RE: Silly!!



Thanks,

I am starting to feel a bit more confident now, however the part where
you say "I think" sort of leaves me still hanging ;-))



-----Original Message-----
From: Knott, Brian [mailto:[EMAIL PROTECTED] Sent: Tuesday, 5 August 2003 2:22 PM
To: CFAussie Mailing List
Subject: [cfaussie] RE: Silly!!



I think your right. With no session or cookie how could the application know who you are next time you request a page. HTTP is a connectionless protocol thus the browser needs to identify itself via cookie or CFID when it requests the next page.

Brian Knott

-----Original Message-----
From: Taco Fleur [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 5 August 2003 2:12 PM
To: CFAussie Mailing List
Subject: [cfaussie] Silly!!



I almost feel silly asking this...
But I have to...

This is how I think it all works (but I could be wrong and my ASP
colleague could be right)...

To maintain a session the client either needs to accept a cookie or the
CFID and CFTOKEN need to be passed by the url, otherwise you can't
maintain state.. Is this correct?


My colleague thinks that you can maintain state without a cookie or
passing the CFID and CFTOKEN, is he right?
If so, I will shoot myself...

Taco

------------------------------------------------------------------------
----

This email, together with any attachments, is intended for the named recipient(s) only and may contain privileged and confidential
information.
If received in error, please inform the sender as quickly as possible and
delete this email and any copies from your computer system network.


If not an intended recipient of this email, you must not copy,
distribute or

rely upon it and any form of disclosure, modification, distribution
and/or publication of this email is prohibited.


Unless stated otherwise, this email represents only the views of the
sender
and not the views of the Queensland Government. ------------------------------------------------------------------------
----



--- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED]

MX Downunder AsiaPac DevCon - http://mxdu.com/

---
You are currently subscribed to cfaussie as:
[EMAIL PROTECTED]
To unsubscribe send a blank email to
[EMAIL PROTECTED]

MX Downunder AsiaPac DevCon - http://mxdu.com/

------------------------------------------------------------------------
----

This email, together with any attachments, is intended for the named recipient(s) only and may contain privileged and confidential
information.
If received in error, please inform the sender as quickly as possible and
delete this email and any copies from your computer system network.


If not an intended recipient of this email, you must not copy,
distribute or

rely upon it and any form of disclosure, modification, distribution
and/or publication of this email is prohibited.


Unless stated otherwise, this email represents only the views of the
sender
and not the views of the Queensland Government. ------------------------------------------------------------------------
----



--- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED]

MX Downunder AsiaPac DevCon - http://mxdu.com/

---
You are currently subscribed to cfaussie as:
[EMAIL PROTECTED]
To unsubscribe send a blank email to
[EMAIL PROTECTED]

MX Downunder AsiaPac DevCon - http://mxdu.com/

---------------------------------------------------------------------------- This email, together with any attachments, is intended for the named recipient(s) only and may contain privileged and confidential information. If received in error, please inform the sender as quickly as possible and delete this email and any copies from your computer system network.

If not an intended recipient of this email, you must not copy, distribute or rely upon it and any form of disclosure, modification, distribution and/or publication of this email is prohibited.

Unless stated otherwise, this email represents only the views of the sender and not the views of the Queensland Government. ----------------------------------------------------------------------------

---
You are currently subscribed to cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]

MX Downunder AsiaPac DevCon - http://mxdu.com/





-- Stephen Milligan Consultant for hire http://www.spike.org.uk



---
You are currently subscribed to cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]

MX Downunder AsiaPac DevCon - http://mxdu.com/

Reply via email to