Wednesday, August 4, 2010

How to write CFID and CFTOKEN as per-session cookies?

Cookies are normally saved to the client's hard drive in a text file. To ensure that a user's session ends when they close their browser, save the cfid and cftoken values as per-session cookies instead. Per-session cookies aren't written as a text file to the users's computer; they are stored in memory and are deleted when the browser is closed. If a new browser window is opened and they revisit the same ColdFusion web site, the cfid and cftoken values that previously identified them no longer exist, causing ColdFusion to create a new session for that user.


<cfif not IsDefined("cookie.cfid")>
<cflock scope="session" type="readonly" timeout="5">
<cfcookie name="cfid" value="#session.cfid#">
<cfcookie name="cftoken" value="#session.cftoken#">



1 comment:

  1. I want to accomplish the opposite, how do i do it?

    I want the TOKEN and ID to remain after user closes browser so that when he revisits page i can use #session.UsersInfo# and it knows his old info