I've had similar problems when I set up my auto-login feature, but it was mainly because I was using cflocation on the same page I was setting my cookie. I'm pretty sure you can't use cfhttp or cfheader either on the same page, along with a few other tags. Other than that, the only way they could be getting each other's cookies is if CF server recognizes their cfid and cftoken as someone else's. As Eric stated below, these are set from cfapplication and/or being passed in the URL strings...are they perhaps sharing links? For me, at least, it's always the little things...
Tyler Silcox email | [EMAIL PROTECTED] website | www.gslsolutions.com ----- Original Message ----- From: "Maia, Eric" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Friday, November 09, 2001 5:51 PM Subject: RE: Cookies and the old switcharoo I'm still not sure exactly what's going on here, but here are some musings in case you haven't already explored these leads: 1. Are these reps using the same machine to log in, or do they each have a separate machine? Your cookies would only be causing the problem if they are on the same machine. 2. Bear in mind that CF will be setting 4 cookies: cfid, cftoken, repname, repid. (the first two are set automatically by the cfapplication call.) One thing you might try is clear all four cookies on the form page, so you're sure you're starting from a blank slate. (If I remember correctly, the main time I ran into this problem was when I was trying to set client variables and offer users the option of auto-login as a convenience. e.g. on login page, check for "client.rememberme" and if so, bypass the login, just pull user info from db based on client.userid... got all messed up, and people were getting each others' sessions all over the place. I went back to forcing everyone to log in, and it's been fine for over a year.) -----Original Message----- From: Langford, Bryan [mailto:[EMAIL PROTECTED]] Sent: Friday, November 09, 2001 1:50 PM To: CF-Talk Subject: RE: Cookies and the old switcharoo Thanks Eric, Indeed yes they are three separate ".cfm" pages. In the first form, called logon.cfm, a submit leads to the second page called "verification.cfm". Once there, a meta refresh tag <meta http-equiv="refresh" content=".1; URL=nhrepmenu.cfm"> takes you to the menu page called "repmenu.cfm". As for the deletion of existing cookies and locked vars, those are both recent adds in an attempt to combat this problem. I know cookies over write each other, but something is cause people to come up with other peoples cookie, so I thought if I deleted all cookies before setting them, it may clear up some of the issues.. the locking was another attempt to keep each cookie unique to the user. Bryan Langford Analyst National Customer Operations Enterprise Services & Strategic Planning -----Original Message----- From: Maia, Eric [mailto:[EMAIL PROTECTED]] Sent: Friday, November 09, 2001 1:01 PM To: CF-Talk Subject: RE: Cookies and the old switcharoo Are these three different requests? (i.e. they submit the form, and the verification page is run, then another HTTP request takes them to the menu page?) If not, your problem might be trying to set and access the cookies on the same page. Take another look at your app structure and make sure there's a request between setting cookies and reading them. Also, I don't think you're gaining anything by clearing and setting cookies on the same page, or by locking form variables. -----Original Message----- From: Langford, Bryan [mailto:[EMAIL PROTECTED]] Sent: Friday, November 09, 2001 12:42 PM To: CF-Talk Subject: Cookies and the old switcharoo Hey everyone, I am having a problems where I have created a log in page for representatives to take a test. The page creates rep cookies that, by the time the menu page is reached, have jumbled each client's variables to someone else's. For example, Steve and John and Sally log in and hit the menu page and the menu page displays johns name on Sally's computer, Sally might also display "Sally" and and Steve has himself too. But as you can tell this makes for terrible inserts and test taking. So I am looking for some suggestions... here is the code: ------------ Log on Page --------------------------- <cfform action="repverification.cfm" method=post> <h1>Please enter the following information:</h1> <p> <br> <table width="75%" border="0"> <tr> <td width="14%">Name: </td> <td width="86%"> <cfinput type=text name="RepName" size=20 required="Yes" message="please enter your name"> </td> </tr> <tr> <td width="14%">ID:</td> <td width="86%"> <CFinput type=text name="RepID" maxlength="5" message="Your ID must be 5 digits in length" size=20 required="Yes"> <b>(First 5 digits of SSN.)</b> </td> </tr> </table> <p><br> <input type="submit" name="Submit" value="Submit"> </cfform> ------------ This is the verification page's code: -------------- <cfapplication name="PerfTrack"sessionmanagement="Yes"> <cfcookie name="repname" expires="NOW"> <cfcookie name="repid" expires="NOW"> <cflock name="repvars" timeout="60" throwontimeout="Yes" type="EXCLUSIVE"> <CFcookie NAME="repname" VALUE="#form.repname#" EXPIRES="2" > <CFcookie NAME="repid" VALUE="#form.repid#" EXPIRES="2" > </cflock> ---- and the menu just displays their name, this is a basic example so as to pare you a lot of verifying ---- <cfoutput> Welcome Back #cookie.repname# your ID is #cookie.repid# #cookie.cftoken# </cfoutput> Any help would be VERY appreciated. Bryan Langford Analyst National Customer Operations Enterprise Services & Strategic Planning ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists