Oh, I think we might need to back up a few steps...
Whenever you do a <CFAPPLICATION> you create a session. Depending
on the parameters you pass in that <CFAPPLICATION> call, you will
have application, session, and client variable scope available to
you to use.
So usually what you do to check if a user is "logged in" is to set
some session or client variable after they successfully enter a
username/password. You can put a check in your app_globals, or
even your application.cfm that checks for the existance of this flag,
and kick the user to the login script as required:
<CFPARAM NAME="SESSION.LoginToken" DEFAULT="0">
<CFIF SESSION.LoginToken LT 1>
<CFLOCATION URL="../Login/Login.cfm?">
</CFIF>
Okay, now back to your question. CF stores the CFID and CFTOKEN as
a cookie on the client side. If you pass them in the URL (as that
variable URLTOKEN), your site will still maintain sessions if the
user does not have cookies enabled.
SO the URLTOKEN doesn't do anything special, and you shouldn't use
it to check if the user is logged in. Just check for that session
or client variable (LoginToken in the above snip), and you should
be just fine.
I hope this helped. Seemed like you might need a quick primer.
-Erik
> -----Original Message-----
> From: Steve Kelley [mailto:[EMAIL PROTECTED]]
> Sent: Monday, April 16, 2001 4:48 PM
> To: Fusebox
> Subject: RE: FuseBox Replacement of Cookies
>
>
> That is helpful, I'll use it in my apps thanks. But I'm still
> failing to
> grasp what I need to understand to apply your technique. If
> CF generates a
> URLTOKEN for each session, how do I use that token, which
> exists whether or
> not you logged in, to equate to "this user has successfully
> logged in"? Do I
> need to store the URLTOKEN in a database and just replace it
> each time the
> user logs in? This then raises Erik Schaareman's issue of
> timing out. On a
> public terminal, until you close the browser, anyone could
> use the account,
> right?
>
> I think part of the void in my understanding relates to
> client and session
> variables. I can't seem to find a list of available variables.
>
> Thanks much for your help.
>
> Steve Kelley
> SRKelley Enterprises, Inc.
> www.HollywoodPaws.com
> [EMAIL PROTECTED]
>
> -----Original Message-----
> From: Steve Nelson [mailto:[EMAIL PROTECTED]]
> Sent: Monday, April 16, 2001 6:27 PM
> To: Fusebox
> Subject: Re: FuseBox Replacement of Cookies
>
>
> If you pass a URLtoken in ALL of your urls <a> <form> and <cflocation>
> tags you don't need to use cookies and you can still utilize client
> variables.
>
> What cookies allow you to do is have a "remember me" checkbox for your
> users when they log in. that way they won't need to login
> again the next
> time they come back to your site.
>
> I've found that I get slightly faster performance (very minimal
> difference) by copying client.urltoken over to
> request.urltoken, AND it
> allows me to add additional variables to the URLtoken if necessary.
> This is how I do it:
>
> <cfapplication clientmanagement="yes" name="whatever">
> <cfset request.urltoken=client.urltoken>
>
> <a href="index.cfm?#request.urltoken#">
>
> <form action="index.cfm?#request.urltoken#">
>
> </form>
>
> <cflocation url="index.cfm?#request.urltoken#" addtoken="no">
>
>
> Does that help?
>
> Steve Nelson
> Try my CFML code tester for free!
> http://www.secretagents.com/tools/stomp/
> (804) 825-6093
>
>
> Steve Kelley wrote:
> >
> > I read the section in the Nelson/Girard FB book concerning
> <cfapplication>
> > and the issue of cookies (page 37) and don't quite grasp
> the entire issue.
> I
> > understand how to implement the URLTOKEN, but don't
> understand how to
> > implement this in replace of the cookies I currently use to
> determine if a
> > user has successfully logged in during that session.
> >
> > I'd appreciate someone filling in this gap in my
> understanding. Thanks.
> >
> > Steve Kelley
> > SRKelley Enterprises, Inc.
> > www.HollywoodPaws.com
> > [EMAIL PROTECTED]
> >
> > Archives: http://www.mail-archive.com/[email protected]/
> > Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
>
> --
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
