Hi Gary,
Continuing our discussion...
At 04:13 PM 3/1/01, Gary Morin wrote:
>I do mean concurrent and not consecutive.
>
>The original use of the code was to whip session variables when the user
>closed the browser, so when a new user opened a fresh browser within a
>session timeout, the session variables would be cleared (which answers the
>earlier question, session variables are common across multiple browser
>instances, doh!!).
>
>And the more elegant way is?....
OK, OK, your code does have the benefit of simplicity for this purpose.
Here's my way: Set your own temporary/memory only cookie after a successful
logon. Check for it in your app.cfm or security code. If the cookie does
not exist, it means the user closed their browser, so you can destroy all
their session (or client) variables, and redirect them to the login
page. It works for both session and client vars.
This way you are not messing with CF's default cookie (which is a critical
key for locating session and client vars), and you are only setting a
cookie once when they first come to your secure section.
Your code referenced below:
><cfif IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")>
> <cfset cfid_local = Cookie.CFID>
> <cfset cftoken_local = Cookie.CFTOKEN>
> <cfcookie name="CFID" value="#cfid_local#">
> <cfcookie name="CFTOKEN" value="#cftoken_local#">
> </cfif>
>
================================================
Douglas M. Smith - Application Architect
TeraTech - Tools for Programmers(tm)
[EMAIL PROTECTED]
================================================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
