Stephen,
i'm confused of all this but i think that cfid and cftoken is not a perfect
way to save the user session.
You tell me:
"...Client variables should be used to store information gathered by the
user eg. shopping cart content, ..."
But imagine i store shopping cart content of a user into a client variables
and i give the bokkmark to a friend, we will have the same shopping cart
content.
I undestant the utility of cfid and cftoken but i don't undestant why can i
have the cfid and cftoken of another user simply puting them into a url. I
think this breaks the concept of a continuous session for a visitor to a
site.
The first time an user visits the website he have a cfid and a cftoken, and
i think is no necessari to pass by url to keep this.
So if this is true, why is a good think pass by url cfid and cftoken?
If we pass by url we have the problem of bookmarks because the bookmark
will store the cfid and cftoken too and this will make that many users
using the same bookmark will use the same cfid and cftoken and will have
the same session and client variables.
In the stats problem i will find the way to have the querystrings in stats
information.
Thanks for all.
Toni
At 11:32 08/05/01 +0100, you wrote:
>Tony,
>
> >
> > I read many things about cfid and cftoken but i don't undestant the
> > advantages that they can give me.
> >
> > Imagine that in a website you have the cfid and cftoken: 111-1111111
> > and i have 222-2222222
> >
> > If i call one url like this:
> > http://mydomain.com/index.cfm?cfid=111&cftoken=1111111 i will have this
> > numbers and all your client variables so this is not very secure for
> > storing important variables. Is that right?
> >
> > What are the advantages of use cfid and cftoken (urltoken)?
> > I know is very dificult to know the cfid and cftoken of another user but
> > what about the bookmarks? If you pass me your bookmark like:
> > http://mydomain.com/index.cfm?cfid=111&cftoken=1111111
> >
> >
>
>cfid and cftoken are for maintaining user sessions. They provide the
>required references to session and client variables that allow you to create
>a continuous session for a visitor to your site/application. Client
>variables should be used to store information gathered by the user eg.
>shopping cart content, application login information etc. during their
>session on your site. They aren't intented for long term storage of
>information.
>
>
> > Another problem is:
> > In the stats of my web site i have that the most visited page is
> > http://mydomain.com/index.cfm and i will not know which fuseaction is the
> > most visited.
> >
>You need to look at your statistics package and work out if it can give you
>statistical information on query strings. You might find that your stats
>package is not capable of reporting this kind of information.
>
>Regards
>
>Stephen
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
