Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsGeneralPHPASPPerlColdFusionFlashHTML, CSS, ScriptsBrowsers

Webmaster Forum / ColdFusion / Advanced Techniques / January 2008


Tip: Looking for answers? Try searching our database.

not getting session variables

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
wam4 - 30 Jan 2008 14:30 GMT
I must be missing something. I thought once you set the session variable in the
in the application.cfc file and then used cfset on the main page to set the
session variable to something it remained active till you logged out/ended the
session/browser closed,etc.  But mine aren't carrying over from one page of the
form to the next page.  I also need them to remain if a person goes out of the
folder containing the application.cfc page.  Do I need to use <cfset session.id
= "#form.variable#"> on all the pages or does the application.cfc file need to
have this somewhere in my onRequestStart function?   If a person goes out of
the folder containing the .cfc file and returns to the maintenance page
shouldn't the session variable still remain active?  Any help is greatly
appreciated. Wendy

<!--- application.cfc page ----->
<cfcomponent>
    <cfset This.name = "dashboardApplication">
    <cfset This.sessionManagement = "True">
    <cfset This.loginstorage = "session">
    <cfset This.sessiontimeout = "#createtimespan(0,1,0,0)#">
    <cfset This.applicationtimeout ="#createtimespan(0,2,0,0)#">

<cffunction name="OnRequestStart">
       <cfargument name = "request" required="true"/>
       <cfif IsDefined("Form.logout")>
           <cflogout>
       </cfif>
       
        <cflogin>
        <cfif NOT IsDefined("cflogin")>
            <cfinclude template="loginorg.cfm">
            <cfabort>
        <cfelse>
            <cfif cflogin.name IS "" OR cflogin.password IS "">
                <cfoutput>
                    <h2>You must enter text in both the User Name and Password
fields.
                    </h2>
                </cfoutput>
                <cfinclude template="loginorg.cfm">
                <cfabort>
            <cfelse>
                <cfquery name="loginQuery" dataSource="hrapps_papaya">
                SELECT emplid,passwd
                FROM km_personal
                WHERE
                    emplid = '#cflogin.name#'
                    AND passwd = '#cflogin.password#'
                </cfquery>
               
                <cfif loginQuery.emplid NEQ "">
                    <cfif loginQuery.emplid EQ "8888">
                    <cfloginuser name="#cflogin.name#" Password = "#cflogin.password#"
                        roles="user,admin">
                    <cfelse>
                    <cfloginuser name="#cflogin.name#" Password =
"#cflogin.password#"
                        roles="user">
                    </cfif>
                <cfelse>
                    <cfoutput>
                        <H2>Your login information is not valid.<br>
                        Please Try again</H2>
                    </cfoutput>    
                    <cfinclude template="loginorg.cfm">
                    <cfabort>
                </cfif>
            </cfif>    
        </cfif>
    </cflogin>
    </cffunction>
</cfcomponent>

< !---   first page after user successfully logs in - maintenance ---->

<cfif Isdefined ("SESSION.emplid")>
    <cfset SESSION.emplid = "#FORM.j_username#">
</cfif>

<!--- update page --->
<!--- I don't have the above as I thought the session variables would carry
over --->
Reply to this Message
Ian Skinner - 30 Jan 2008 14:42 GMT
That is the way sessions generally work.  Do sessions work at all on the
site?  Is it possible that they have been disabled in the ColdFusion
Administrator.  They can be turned off there.
Reply to this Message
wam4 - 30 Jan 2008 15:09 GMT
Ian,  Session variables are enabled in the administrator and set for 2 days
before timing out.  So what you are telling me is that I need to use client
variables instead?  Or will these "disappear' if a user goes out the folder
containing the application.cfc and then back in to continue updating?
Reply to this Message
Ian Skinner - 30 Jan 2008 15:22 GMT
> Ian,  Session variables are enabled in the administrator and set for 2 days
> before timing out.  So what you are telling me is that I need to use client
> variables instead?  Or will these "disappear' if a user goes out the folder
> containing the application.cfc and then back in to continue updating?

No, I'm saying that for some reason in your application, session
variables are not working like they work for 99.9% of the rest of us.

But I do not know enough about your configuration or code to be able to
offer more then the most general advice.

You are looking at this application in a browser with cookies enabled,
correct?  Without cookies or a 'cookieless session implementation' of
your code, session variables will not persist from one request to another.

In order for CF to know what request belongs to what session state, it
needs the CFID & CFTOKEN OR JSESSION values normally stored in cookies.
 They can also be passed back and forth in URL variables if a system
design as choose to do so.  Without these values returned with a
request, every request is a new session.

The basic question here is do session work at all for you anywhere but here?
Reply to this Message
wam4 - 30 Jan 2008 16:07 GMT
I have my cookies set to accept all in my browser and at one time I did notice
the cfid and cftoken's being transfered in the URL. I must have changed
something.  

In the application.cfc file I added <cfset this.setClientCookies = true>  and
I'm using <cfoutput>session = #SESSION.emplid#<br></cfoutput> at the top of my
page to verify that I am getting the session variable on the first page.  
That's been working fine.

I guess what I'm trying to figure out is if I can retain those session
variables if the user goes out of the folder and back in to the maintenance
page so they can continue working.  If not, then how do I force them to log
back in. Right now the cflogin allows them to go out and come back without
logging back in.
thanks,
Reply to this Message
Ian Skinner - 30 Jan 2008 16:29 GMT
>  I guess what I'm trying to figure out is if I can retain those session
> variables if the user goes out of the folder and back in to the maintenance
> page so they can continue working.  If not, then how do I force them to log
> back in. Right now the cflogin allows them to go out and come back without
> logging back in.
>  thanks,

Yes, the session will normally persist even if you leave the
'application' for which it is set.  Of course the session timeout is
ticking away.  While the user is using another section of the site that
is a different or undefined application or even completely different web
sites, the session timeout is not being reset.  If it expires before
they return then the session will no longer exist.

But as long as the user returns to the application before the session
expires, session variables will still exist.  And as long as the browser
returns the required session ID's they will be able to access the
previous session state.

Under normal circumstances, anyway.
Reply to this Message
wam4 - 30 Jan 2008 17:33 GMT
Thanks Ian,  that helped me figure this out.
Wendy
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.