 |
 | Client variable expiration |  |
|
msturner
|
|
We have our server storing the client variable data in our oracle db. Works great. And we have the client variable using the cftoken. Works great. But I THOUGH ... and obviously I thought wrong ... that the cftoken expired with the pc. I thought that when I reboot my cftoken goes away, which would mean the client variables would expire as well. Do I have a setting I am missing some place in the administrator? I knoew sessions are maintained as long as the browser window is open, and cookies expiure when they are set to expire (now .. never) ... what am I missing?
Thanks MST1 |
|||||||||||
|
|||||||||||||
 |
| |
|
steve
HostMySite Developer
|
|
The CFID and CFTOKEN client variables are stored on the clients machine as a cookie, and set to expire 20+ years from now(OR never).
So to remove the CFID and CFTOKEN variables you would have to delete those two cookie variables form the client's machine or possibly use the cfcookie tag to change when they expire. -Steve |
|||||||||||
|
|||||||||||||
|
| |
|
msturner
|
|
OK, I am very confused now.
Session variables are stored in the pc memory and the cftoken identifies the variable, right? Client vairable can be stored in cookies, registry or a db (as we are) and are identified by the ... cfid? ... cftoken? I am very confused. And the CF Dev book did not help me out at all! MST |
|||||||||||
|
|||||||||||||
|
| |
|
steve
HostMySite Developer
|
|
You are correct, the session variables are stored on the server, and the session CFID and CFTOKEN used to identify a specific session are set as cookies on the client's machine.
If you are using client variable storage the same CFID and CFTOKEN are used to identify the Client variables. Regardless of where you store all the client variables the CFID and CFTOKEN will always get set as cookies on the client's machine and the variables themselves will be stored, in this case, a database. The CFID and CFTOKEN are used to retrieve them from the database. On a side note: If you have your browser settings to disable cookies, new CFID and CFTOKENs are generated on every Coldfusion Page load, in turn a new session, so all client and session variables will get reset. You can work around this by placing the CFID and CFTOKEN in the URL. However once the browser is closed the CFID and CFTOKEN variables will be lost on the client's machine and a new CFID and CFTOKEN will be generated when they load your site again. I hope I made some sense this time  |
|||||||||||
|
|||||||||||||
|
| |
|
msturner
|
|
Steve,
THANKS |
|||||||||||
|
|||||||||||||
|
| |
|
byron
Forum Admin
|
|
You may not be able to manipulate the cfid and cftoken cookies. I'm not sure if they will be overwritten on each request.
If you are attempting to recreate the same behavior of session variables, ie having them reset after X mins, perhaps you have a login of some sort, then you can compare the Client.LastVisit and current time, and if it's over x mins, then go to a page that resets/removes client vars as you see fit. If you can reset the cfid and cftoken, you may have to do this on every request. Also be sure you don't remove one cookie value and leave the other, next time the user comes to your site, if they only have the cfid (for example) stored in their cookies, they will get a horrible error, that can only be fixed by manually removing their cfid cookie value. |
|||||||||||
|
|||||||||||||
|
 | Client variable expiration | |
|
||
|
|
|