Consider - in both your processes - what might happen if those variables
(dare I say "session" itself) did not exist at all during the time that
code ran. Personally, I might do something like cfparam'ing
session.isLoggedIn to false - right before I test to see if it's true.
It's a var with a dedicated purpose, and sure to exist that way. But I
digress because I'm sleepy...
Again, this array may not be the one that's badly indexed in YOUR error.
It's a candidate because it's code that can be called off hours by
things without cookies.
Anywhoo, above is the type of question I ask myself - as I step through
the evaluation process. "what if it's not there?"
Your goal is to help your app recover gracefully from all unexpected
exceptions, not to give robots or non members a better experience! Wrap
it in a try/catch and throw a custom error, so you'll have some more
evidence later.
More stream of consciousness stuff. Probably could have organized all
that better,
Al
On 11/27/2013 7:01 PM, Matthew Creech wrote:
If certain session variables are present that get created when you log in. The
sessions time out after 10 mins, and when you log out, I use StructClear to
empty the session scope.
On Nov 27, 2013, at 9:58 PM, Alan Holden <[email protected]> wrote:
"if you are not logged in"... by what measure? How does your app determine that?
On 11/27/2013 6:55 PM, Matthew Creech wrote:
That thought has crossed my mind, but I'm not really sure what to do about it.
We can't guarantee all our clients have static IPs so I cant filter by IP. But
we do have logic in our application.cfm page that immediately kicks you back to
the login page if you are not logged in.
On Nov 27, 2013, at 9:37 PM, Alan Holden <[email protected]> wrote:
Have you considered the effects of non-users (even non-humans for that fact)
hitting your app all hours of the night?
Scripts, tasks & bots (benign or otherwise) could present an issue to an
application - which assumes that all user agents will present request headers that
are compatible with cookies, sessions and the like - but has no exception case to
handle those which don't.
Something crawling, testing or even attacking your http environment could
present such a situation.
More random thoughts,
Al
On 11/27/2013 4:13 PM, [email protected] wrote:
Those arrayindexoutofbounds errors were happening almost every second at all
hours of the night, and our app is only used during regular business hours in
the US.
--
--
online documentation: http://openbd.org/manual/
http://groups.google.com/group/openbd?hl=en
---
You received this message because you are subscribed to the Google Groups "Open
BlueDragon" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
--
--
online documentation: http://openbd.org/manual/
http://groups.google.com/group/openbd?hl=en
--- You received this message because you are subscribed to a topic in the Google Groups
"Open BlueDragon" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/openbd/NAWPX-qFrVA/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
[email protected].
For more options, visit https://groups.google.com/groups/opt_out.
--
--
online documentation: http://openbd.org/manual/
http://groups.google.com/group/openbd?hl=en
--- You received this message because you are subscribed to a topic in the Google Groups
"Open BlueDragon" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/openbd/NAWPX-qFrVA/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
[email protected].
For more options, visit https://groups.google.com/groups/opt_out.
--
--
online documentation: http://openbd.org/manual/
http://groups.google.com/group/openbd?hl=en
---
You received this message because you are subscribed to the Google Groups "Open BlueDragon" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
