Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Kill the Session when the user closes the navigator!
- Thread starter minonees
- Start date
- Thread starter
- #3
You didn't get my point!
Suppose I set the session timeout value to 20 minutes, if the user closes the window after 10 minutes of his login and a new user requests the url on the same PC after 5 minutes of the last user logout process, the new user will be taken directly to the account of the first user without enterin' user ID or Password.
I hope you got my point now. This idea is implemented in hotmail.com ......... I need the solution guys.
With regards
Suppose I set the session timeout value to 20 minutes, if the user closes the window after 10 minutes of his login and a new user requests the url on the same PC after 5 minutes of the last user logout process, the new user will be taken directly to the account of the first user without enterin' user ID or Password.
I hope you got my point now. This idea is implemented in hotmail.com ......... I need the solution guys.
With regards
It would help if you detailed how the session was maintained.
Assming that you are using simple session variables, then
place the following in your Application.cfm file
<cfcookie name="CFID" value="#CFID#">
<cfcookie name="CFTOKEN" value="#CFTOKEN#">
HTTP is a stateless protocol so ColdFusion requires CFID and CFTOKEN to recognise a user, normally these values are stored in permanant cookies however the above code will force ColdFusion to use temporary cookies that are lost when the borwser is closed.
End of problem although technicnally the session is still open the new browser instance is recognised as a different user.
Assming that you are using simple session variables, then
place the following in your Application.cfm file
<cfcookie name="CFID" value="#CFID#">
<cfcookie name="CFTOKEN" value="#CFTOKEN#">
HTTP is a stateless protocol so ColdFusion requires CFID and CFTOKEN to recognise a user, normally these values are stored in permanant cookies however the above code will force ColdFusion to use temporary cookies that are lost when the borwser is closed.
End of problem although technicnally the session is still open the new browser instance is recognised as a different user.
velvetpuppet
Programmer
Alright Thrud ...
I don't think it's a good idea to use cookies 'cos as you know some navigators don't support cookies. do you agree, Thrud? X-)
I don't think it's a good idea to use cookies 'cos as you know some navigators don't support cookies. do you agree, Thrud? X-)
- Status
Similar threads