If you're going to use sessions without cookies, you're going to have to pass the CFID and CFTOKEN from template to template via the url. You're also going to have to make sure that, since you are exposing the urltoken, that you take steps to see to it that users sharing links don't also share sessions. Maybe run a referrer test or something, and issue a new urltoken if the referrer is blank or from another site.
I'm not a big fan of session management unless its absolutely necessary. My early experiences with clients hosting on shared servers taught me not to count on it (CF failover restarts wash out all session vars). On a dedicated, stable box the problem doesn't exist, but old habits die hard. There also are some things you can't do if storing cart data in memory. Truly real-time inventory control, in particular. If you store cart data in a db, when a user puts something in a cart you can decrement available inventory from the db and hold the item for the consumer during the shopping process, just like a cart in a real store. Just my .02. Plenty of opinions on the other side of the fence, of course ;D ----------------------------------------- Matt Robertson [EMAIL PROTECTED] MSB Designs, Inc. http://mysecretbase.com ----------------------------------------- ----- Original Message ----- From: "Michael T. Tangorre" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Tuesday, October 30, 2001 6:27 PM Subject: sessions and shopping carts Hey everyone. I am working on my first shopping cart to get the ideas downa nd in place, and I am working towards a cookieless shopping cart, so I need to use sessions more than ever now. I have a few concerns though. I was thinking of approaching it this way, but I am not experienced enough to know what the downsides are, so I am open for suggestions and tips. Mike ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
