I would like to delete an entire session. Cflogout simply ends the session, but the variables remain on the server.

Here is my code I am using to view active sessions (basically shows a table of all users currently logged in)

<!--- Dump all session scopes --->
      <table width="95%" align="center" cellspacing="0" cellpadding="0" bgcolor="#EBE9E9">
            <TR bgcolor="#999999">
                  <TD align="left" valign="top"><img src="../images/topleft.gif"></TD>
                  <TD colspan="5" align="center"><B>Currently Logged In Users</B>&nbsp;<I>(Click to log user out)</I></TD>
                  <td align="right" valign="top"><img src="../images/topright.gif"></td>
                  <TD><B>Cust Code</B></TD>
                  <TD><B>User Name</B></TD>
                  <TD><B>Real Name</B></TD>
                  <TD><B>Login Date</B></TD>
      session.test = true;
      tracker = createObject("java", "coldfusion.runtime.SessionTracker");
      mySession = tracker.getSessionCollection( application.applicationName );
      for (keyname in mySession) {
         WriteOutput("<TR onclick=""parent.Action.location.href = 'action.cfm?ToDo=KillSession&Session=" & keyname & "';"" onMouseover=""this.style.backgroundColor='##FF9999';"" onMouseout=""this.style.backgroundColor='##EBE9E9';"" style=""cursor:pointer; background-color : ##EBE9E9;""><TD>&nbsp;</TD><TD>" & mySession[keyname].custcode & "</TD><TD>" & mySession[keyname].username & "</TD><TD>" & mySession[keyname].name & "</TD><TD>" & DateFormat(mySession[keyname].lastlogin, "MM/DD/YYYY") & "&nbsp;" & TimeFormat(mySession[keyname].lastlogin, "HH:MM") & "</TD><TD>" & mySession[keyname].ip & "</TD><TD>&nbsp;</TD></TR>");

On my page action.cfm, for the ToDo='KillSession', I want to be able to delete the entire structure for the given users session.

My application name is 'Secure', and the key looks like this:   secure_84301870811097497028343

My current code looks like this:  But it appears to do nothing at all, not even error out:

                <cfcase value="KillSession">
                  Deleting session <cfoutput>#URL.Session#</cfoutput><BR><cfflush>
                  <cfset a = StructDelete(session, URL.Session)>

Can anyone tell me what I am doing wrong???
Who is Participating?

Improve company productivity with a Business Account.Sign Up

pinaldaveConnect With a Mentor Commented:
                <cfset a = StructDelete(session, URL.Session)>
instead of
Structclear( URL.Session)
JUSTICEAuthor Commented:
When I do a StructClear, as it says on Livedocs, it leaves a structure out there with the session key, and it has no variables.  Then, when I try to display all sessions, it errors because the Username variable no longer exists.  How do I delete the root structure / key??
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

CFDevHeadConnect With a Mentor Commented:
Are you trying to delete the users current session?
If so I don't think you can do that.

if not and you are just trying to delete a reg. session this should be fine

StructDelete(session, 'secure_84301870811097497028343');
if secure_84301870811097497028343 is also a struct I have found that you need to delete the keys out secure_84301870811097497028343 before deleting secure_84301870811097497028343 out of session
StructDelete(session.secure_84301870811097497028343, 'cfide');
JUSTICEAuthor Commented:
Yes, basically I am trying to force a cflogout for a given user.  

Is there any way to <cflogout> for a passed user name?
I am sorry.  But did you say yes to this question "Are you trying to delete the users current session?"
if so I should explained a little more

Are you trying to delete the users current session that COldFusion assigns to the user?
If so you can not do this while they are still on a cfm page on your site.
JUSTICEAuthor Commented:
OK, I think I am just going to add a bit to my application page that will check a SQL flag.

If set to 1, then do a <cflogout> and re-set flag to 0.

Its a bit more of a pain, but it should work. :)

Thanks all!
Glad we could help
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.