Here are the two things you can do to clear a session and clear a session when the browser closes.
1. <cflock timeout="30" name="logOut"> <cfscript> StructClear(session); </cfscript> </cflock> This will clear the users session. 2. right after the code you use to start the application you should put the below code... <!--- This causes the session to expire when the browser is closed. ---> <cfif IsDefined( "Cookie.CFID" ) AND IsDefined( "Cookie.CFTOKEN" )> <cfset localCFID = Cookie.CFID> <cfset localCFTOKEN = Cookie.CFTOKEN> <cfcookie name="CFID" value="#localCFID#"> <cfcookie name="CFTOKEN" value="#localCFTOKEN#"> </cfif> Nathan Stanford www.cftipsplus.com -----Original Message----- From: Tangorre, Michael T. [mailto:[EMAIL PROTECTED]] Sent: Monday, December 03, 2001 12:03 PM To: CF-Talk Subject: Expriing a session Hi everyone. I am having no luck expiring a users session. Here is what I am attemnpting: User logs in.. All is fine, a session variable is set to "loggedin". When the user clicks "log out" I call a template that sets the value of the session var to "loggedout" and then redirect them to a new page. The problem is that if they hit the browsers back button they can still get to the page they were viewing when they logged on. I have tried using cflocation to send them to the enw page and I even check for the value of the sesison var before displaying the page that is protected via the login... Any ideas? Michael T. Tangorre ============================ Resident Assistant - Brick Web Applications Developer A.U. Webteam Slave :-) AIM: CrazyFlash4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists