I inherited an application this week and I have to make some changes to it. I noticed that the previous programmer closes the session when the user logs out by deleting the struct key in the session scope, and by expiring the cookie NOW, which I'd expect, pretty standard, that.
But he also has a CFAPPLICATION tag there too. I havent' seen that before and I wondered if that was an accepted way to log a user out and kill his session. I would have thought it would kill everyone's session wouldn't it - all the users on the application would be logged out simultaneously wouldnt they?
Here's what is in the logout routine:
<!---Logout --->
<cfif
isDefined("url.logout")>
<cfset
structdelete(SESSION,"loggedin")>
<cfapplication
name="appname" sessionmanagement="Yes"
sessiontimeout="#CreateTimeSpan(0,0,0,0)#">
<cflocation
url="">
</cfif>
Cheers
Mike Kear
AFP Webworks
Windsor, NSW, Australia
