Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations John Tel on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Session Variable not being destroyed
- Thread starter barrylowe
- Start date
if you CFPPLICATION tag has got the setclientcookies=yes then the session will not expire until the timeout specified in the cfapplication passes. at this point the session will timeout and the user will have to log back into your system again.
a way of deleteing a session before it timesout is to use this:
<CFSCRIPT>
StructClear(#Session#);
</CFSCRIPT>
in a cflock of course. this will clear the session structure, and mean the user has to log in again !
hope this helps !
a way of deleteing a session before it timesout is to use this:
<CFSCRIPT>
StructClear(#Session#);
</CFSCRIPT>
in a cflock of course. this will clear the session structure, and mean the user has to log in again !
hope this helps !
Will struct clear actually destroy the session variable(s)?
Currently, on our site, when a user logs out their session variables are nullified. But now my superiors want the session to actually be destroyed on the server, on logout
To insure security as well as free up memory.
Is there anyway to do this or something close to it?
Currently, on our site, when a user logs out their session variables are nullified. But now my superiors want the session to actually be destroyed on the server, on logout
To insure security as well as free up memory.
Is there anyway to do this or something close to it?
SidianConsulting
Programmer
Put this code in your application.cfm page (after your cfapplication tag):
<cfif IsDefined("Cookie.CFID"
AND IsDefined("Cookie.CFTOKEN">
<cfset cfid_local = Cookie.CFID>
<cfset cftoken_local = Cookie.CFTOKEN>
<cfcookie name="CFID" value="#cfid_local#">
<cfcookie name="CFTOKEN" value="#cftoken_local#">
</cfif>
This will change the cfid and cftoken to "session" cookies, which will be deleted from the user's computer when they close their browser. If they don't log out beforehand, it won't matter, since their session won't be valid when they come back.
Note, this method will not delete the session variables that are associated with the cfid and cftoken from the memory of the server; it will only delete the cookies from the user's browser when it is closed; their session will time out when whatever timeout value is reached for sessions, depending on whether you are setting it in application.cfm or in the CF administrator.
-Tek
<cfif IsDefined("Cookie.CFID"
AND IsDefined("Cookie.CFTOKEN"><cfset cfid_local = Cookie.CFID>
<cfset cftoken_local = Cookie.CFTOKEN>
<cfcookie name="CFID" value="#cfid_local#">
<cfcookie name="CFTOKEN" value="#cftoken_local#">
</cfif>
This will change the cfid and cftoken to "session" cookies, which will be deleted from the user's computer when they close their browser. If they don't log out beforehand, it won't matter, since their session won't be valid when they come back.
Note, this method will not delete the session variables that are associated with the cfid and cftoken from the memory of the server; it will only delete the cookies from the user's browser when it is closed; their session will time out when whatever timeout value is reached for sessions, depending on whether you are setting it in application.cfm or in the CF administrator.
-Tek
- Status
Similar threads
- Locked
- Question