AFAIK
Sessions are for one server only so if you have cluster servers a
different server cannot access the session details of another server...
However with Client variables (turned off the default location of the
registry to a database such as SQL Server) you can store these in a
central location such as SQL server that all the servers can access.
It is possible to write code that will time the user out such as
sessions do like this..
<CFIF DateDiff("n", Client.LastVisit, Now()) GTE 20>
<!--- Manually log the user out as there session has timed out
--->
<CFLOOP LIST="#GetClientVariablesList()#" INDEX="idxClientVar">
<CFIF NOT DeleteClientVariable("#idxClientVar#")>
<CFSET "Client.#idxClientVar#" = "">
</CFIF>
</CFLOOP>
<!--- Now that they are logged out send them to the index page
--->
<CFLOCATION URL="#Application.Root#index2.cfm" ADDTOKEN="No">
<CFABORT>
</CFIF>
This code will setup a sessions type scenario so that the client will
not be logged in if they try to access the site after 20mins of
inactivity
Session Variables also exist in the shared memory scope and thus require
locking on reads and writes.
-----Original Message-----
From: Gyrus [mailto:[EMAIL PROTECTED]]
Sent: 14 November 2001 18:27
To: CF-Talk
Subject: Re: Session and Client Variables
> Hi Folks, i'm prepping for the cf exam and i'm lacking a good
understanding
> of the difference between client and session variables. It seems that
> they both are capable of doing the same thing. When and why
> should/would i use one or the other? What apps have you used client
> vars for and not session vars for and visa versa and why? Thanks for
> any help.
As I understand it, the key difference is that session variables
timeout. Client variables are tied to a specific client, session
variables are tied to a specific client *and last for a specific period
of time after the last request from that client to a specific
application*. This timeout period is controlled in CF Admin, or in the
CFAPPLICATION tag in application.cfm.
I use session variables mostly for password-protected areas (usually
backend CMS's) that need the finite login time for security reasons. I
never really used client variables. I suppose I could provide the option
to "remember me next time" when users login, and this is a good example
of the difference I suppose:
- Normal login = session variables, and if you leave the app for 20 mins
(or whatever), you will have to login again.
- "Remember me" login = client variables, and as long as the connected
cookies remain on the client, you won't have to login to get into the
app.
hth,
- Gyrus
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get the mailserver that powers this list at http://www.coolfusion.com
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
