unset cookie

[LongHorn]

I have an application that uses the login form to authenticate user. On the form I also have a guest button,
if a user is logged on as guest, I don't want the app to read the cookie data already on the computer. Because someone else may come to my computer, log on as guest, and the app will assume it's me. How do I prevent this?

Thanks,
Longhorn

 

[GunJack]

Hey Longhorn,

Do you want to expire the login after so much time has passed without activity? If so, you probably want to use session variables to store your login information since they expire automatically. If you need to use cookie variables though, I would recommend setting a cookie variable to store the login time. Then on each request, I would check to see how much difference there is between the current time and this variable. If it's greater than your allowed limit, just expire the cookies with the line below and send them to a login page.

<cfcookie name=&quot;var1&quot; value=&quot;1&quot; expires=&quot;now&quot;>
<cfcookie name=&quot;var2&quot; value=&quot;1&quot; expires=&quot;now&quot;>
<cfcookie name=&quot;var3&quot; value=&quot;1&quot; expires=&quot;now&quot;>
.....

Hope this helps,
GJ