-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> >I'm still trying to decipher in my own mind why it would be so
> >important to lock session variables. Application variables I can
> >understand, because if one person changes the value, the value
> >will change for everyone. But what about sessions? If I have
> >session.foo in my application, there could be 100 people that have
> >session.foo set to 100 different values. How would person 1
> >changing the value of session.foo affect the other 99 people?
> >
> perhaps the user has 3 or 4 browser windows open, or multiple
> frames hitting session vars at the same time..
Precisely. Also, in our particular case, we have images stored
outside of the server's webroot & use CFCONTENT to serve them up to
the user (helps keep direct linking to a minimum, since we check the
HTTP referrer for each image). In that case, tho, with a page of
thumbnails, the user can create 17 CFM requests in one page request,
and they all execute side-by-side. Thus locking Session is a
necessity.
The more likely case is the multiple browser scenario. And I can
assure, based on the precepts of Murphy's Law, if you DON'T lock your
session vars, some user WILL find a way to get simultaneous accesses
to their own session & bring down your server. Locks are kind of
like seatbelts -- "It's not just a good idea...."
Best regards,
Zac Bedell
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBOYloBQraVoMWBwRBEQI1AACfT1HxXfbWrkFnhovFqB942PDOcQEAniku
zfz69e9z5fJ0nVE3TAzVJ78w
=s56P
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
