RE: Session variables and cookies
I think what many people need to understand is this: The web is state-less. There is nothing in the internet at large that is meant to follow you from page to page, and maintain if you are logged in or not. Anything you do to build a shopping cart, log a user in, is in essence somewhat of a hack. There isn't a magic wand for making all cases work at once. Sure, the majority of your users will have cookies enabled. You will need to write code to check for the existence of a cookie, and if its not there stick a CFTOKEN into the URL. Sessions are really a mash-up of ways to try and make the user state persist from request to request, but I don't think there is a way to accommodate 100% of users session states. The best bet would be to write your application in such a way as to provide, perhaps, a limited subset of functions without a session. And maybe gently ask the user to upgrade or enable cookies if they want to use the site to its fullest =) Just my $.02 Chris Peterson -Original Message- From: Curt Schryver [mailto:[EMAIL PROTECTED] Sent: Thursday, May 24, 2007 2:57 PM To: CF-Talk Subject: Session variables and cookies Okay, I've searched the archives but want to get it straight. I've built a shopping cart using session variables. But, it looks like if a user has cookies turned off, the cart won't retain the contents. Is this correct? I've also read about using URLSessionFormat, but seen some posting that it can mess things up if cookies are enabled. Can anyone give a quick overview of best practices when using session variables? Thanks a lot! Curt ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:279139 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Session variables and cookies
You will need to pass the cfid/token with every request if cookies are expected to be off. "This e-mail is from Reed Exhibitions (Gateway House, 28 The Quadrant, Richmond, Surrey, TW9 1DN, United Kingdom), a division of Reed Business, Registered in England, Number 678540. It contains information which is confidential and may also be privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s) please note that any form of distribution, copying or use of this communication or the information in it is strictly prohibited and may be unlawful. If you have received this communication in error please return it to the sender or call our switchboard on +44 (0) 20 89107910. The opinions expressed within this communication are not necessarily those expressed by Reed Exhibitions." Visit our website at http://www.reedexpo.com -Original Message- From: Curt Schryver To: CF-Talk Sent: Thu May 24 19:57:28 2007 Subject: Session variables and cookies Okay, I've searched the archives but want to get it straight. I've built a shopping cart using session variables. But, it looks like if a user has cookies turned off, the cart won't retain the contents. Is this correct? I've also read about using URLSessionFormat, but seen some posting that it can mess things up if cookies are enabled. Can anyone give a quick overview of best practices when using session variables? Thanks a lot! Curt ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:279138 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Session variables and cookies
> Okay, I've searched the archives but want to get it straight. I've built a > shopping cart using session variables. But, it looks like if a user has > cookies turned off, the cart won't retain the contents. Is this correct? Yes, if you are not passing the CFID and CFTOKEN with a request, and they have cookies turned off, there is nothing that tells the server who is accessing the application, so the session will be dropped. > I've also read about using URLSessionFormat, but seen some posting that it > can mess things up if cookies are enabled. The way it's supposed to work is that if a user has cookies turned off, the CFID/CFTOKEN will be appended to the url; if they do have cookies enabled, the CFID/CFTOKEN won't be appended. So, it shouldn't mess anything up - in fact it's designed to address the issue you're dealing with. > Can anyone give a quick overview of best practices when using session > variables? You'll probably want to consult the Livedocs or a good CF book like CFWACK for the best overview. -- Josh - Original Message - From: "Curt Schryver" <[EMAIL PROTECTED]> To: "CF-Talk" Sent: Thursday, May 24, 2007 11:57 AM Subject: Session variables and cookies > > I've also read about using URLSessionFormat, but seen some posting that it > can mess things up if cookies are enabled. > > Can anyone give a quick overview of best practices when using session > variables? > > Thanks a lot! > Curt > > ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:279137 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Session variables and cookies
Okay, I've searched the archives but want to get it straight. I've built a shopping cart using session variables. But, it looks like if a user has cookies turned off, the cart won't retain the contents. Is this correct? I've also read about using URLSessionFormat, but seen some posting that it can mess things up if cookies are enabled. Can anyone give a quick overview of best practices when using session variables? Thanks a lot! Curt ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:279134 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Session Variables and Cookies
On 12/21/00, Mark Smeets penned: >From the looks of it, you don't need Last User and Current User and the >cookie part is it. As far as I can remember from the book those are just >little "cutesy" pieces of code. > >I guess another question I have is, do I just simply have to say yes to >session and client management and I can start storing my variables or do I >need to set this up? Basically, what Ben does there is check to see if session.rollcount is defined. If it's not,then this is the first time the site has been accessed (for this session) and he sets a test cookie and a query string (session.addtoken) which is client.cfid and client.cftoken. Every link on the site should have: page.cfm?#session.addtoken# appended to the end. On the first click, the client.cfid and client.cftoken will be passed as a query string, assuring that the session will remain active even if cookies are off. session.rollcount will then be defined and he checks for the test cookie. If the test cookie exists, then cookies are active and he sets session.addtoken as an empty value, which will make your link look like page.cfm?. If not, then cookies are not active and the link remains page.cfm?cfid=53534&cftoken=46373872828, or whatever, thus keeping the session alive for the next click and so on and so on. So, to answer your question. If you want people with cookies disabled to be able to store session variables, such as items in a shopping cart, then yes, you need to pass cfid and cftoken as a query string on every click. If not, then no you don't. Or you could simply bypass all the checks and pass the query string anyway. The values of cfid and cftoken will have the same values of the cfid and cftoken cookies if they are set. -- Bud Schneehagen - Tropical Web Creations _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ ColdFusion Solutions / eCommerce Development [EMAIL PROTECTED] http://www.twcreations.com/ 954.721.3452 ~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Session Variables and Cookies
Hello, Brief question (I apologize for the length) about this and I want to see if I understand this code correctly. I'm currently learning out of the WACK book (I wonder if Ben hates that colorful name some of us refer to his book as) and I've basically gone through chapter 27, Session Variables and Cookies. (Page 656 in my book) I have a little bit of experience with cookies but none as far as SV's goes, the chapter has opened my eyes to many many many possibilities but I guess since I'm a bit more practical, the application.cfm code has me a bit confused, I guess if someone can confirm that my explanation is correct, I'll be happy :) That's no big deal, you're pretty much just setting a "permission" for the site, what you can accept etc...but my real question I guess is what comes next. I'm not entirely sure WHAT is actually needed to set Session Variables and what isn't. >From the looks of it, you don't need Last User and Current User and the cookie part is it. As far as I can remember from the book those are just little "cutesy" pieces of code. I guess another question I have is, do I just simply have to say yes to session and client management and I can start storing my variables or do I need to set this up? Merry Christmas and a Happy New Year to all, I'm definetly thankful for this list and some of the people on it for increasing my knowledge, you guys all rule...Santa Forta? :) Mark Smeets/stranger0/ICQ #1062196 "Mr. West, not every situation requires your patented approach of shoot first, shoot later, shoot some more and then when everybody's dead try to ask a question or two" - Wild Wild West A Stranger's Domain (Redesigned and New) http://24.113.34.178/stranger Official Splitting Adam Homepage http://www.splittingadam.com/ Over the Wall Productions and Web Designs http://www.solarcourt.com/ _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
