Improve company productivity with a Business Account.Sign Up

x
?
Solved

Notifying the user that a session has expired

Posted on 2006-10-20
5
Medium Priority
?
435 Views
Last Modified: 2013-12-24
Is there an onSessionEnd event or something similar that fires when a CF session expires where I can notify the user that the session timed out?  Unfortunately my host is only running CF 5 so I need something that will work on that version.

Thank you!
0
Comment
Question by:g8torjoe
  • 2
  • 2
5 Comments
 
LVL 12

Expert Comment

by:mkishline
ID: 17774862
I haven't seen anything along those lines, but you can probably rig up a hack pretty easy. In the Application.cfm file just have something like:

<!--- If people are trying to get to the login page, don't show them the message --->
<cfif SCRIPT_NAME NEQ "login.cfm" AND (NOT isDefined('session') OR NOT isDefined('session.loggedin'))>
  <cfset session.msg = "Your session has expired, please login again." />
  <cflocation url="login.cfm" />
</cfif>

<!--- login.cfm --->
<cfif isDefined('session.msg')><cfoutput>#session.msg#</cfoutput><cfset StructDelete(session,'msg') /></cfif>
Login form info
0
 
LVL 39

Expert Comment

by:gdemaria
ID: 17775256

 coldfusion MX has an  end of session event.  You need to use  application.cfc   instead of  application.cfm   to use it though

0
 
LVL 4

Expert Comment

by:Oneiroid
ID: 17785702
What I like to do is just set an additional variable in my Application.cfm:
<cfparam name="application.TimeOut" default="0">

When the user logs in, set application.TimeOut = 1.

If the session expires / doesn't exist, check if TimeOut equals one. If so, launch your notification. If it still equals 0, do not launch your notification because a login never occured.

Additionally, when the user logs out, set application.TimeOut = 0 again so that the user does not get an erroneous time out message later. Also set application.TimeOut = 0 when notification of an exipred session is given so that the user does not keep getting that message.

Example - session expired:

<cfif session.UserID eq "">
      <cfif application.TimeOut is 1>
            <cfset message = "Your session has timed out.">
            <cfset application.TimeOut = 0>
      </cfif>
      <cfinclude template="login.cfm">
</cfif>

Example - logout:

<cfif isdefined("logout")>
      <cfset session.UserID = "">
      <cfset application.TimeOut = 0>
      <cfset message = "You have successfully logged out.">      
      <cfinclude template="login.cfm">
</cfif>
0
 
LVL 39

Expert Comment

by:gdemaria
ID: 17786097

 Oneiroid, application scope variables are shared by all users.

  If you set the value of application.time-out to 1 for user A, then it will be 1 for user B, C, D, etc.    If user B sets it to 0, then it will change for A, C, D, E, etc...   Application scope variables are not a good choice for user specific values.

  Session variables also time-out and are specific to only one user.

  There is no need to set a flag "time-out" you can simply check to see if the session variable is no longer available.

  <cfif NOT structKeyExists(session,"username")>
     <cflocation url="login.cfm">
   </cfif>

 or like mkishline  shows above..

0
 
LVL 4

Accepted Solution

by:
Oneiroid earned 1500 total points
ID: 17786369
> application scope variables are shared by all users.
Yes, sorry for that. gdemaria, you are correct.

> Session variables also time-out and are specific to only one user.
I believe this is was the Author is asking about: TimeOut event on a session variable.

I did, however, come across a rather creative approach for this problem here:
http://www.experts-exchange.com/Web/WebDevSoftware/ColdFusion/Q_21612933.html?query=coldfusion+session+timeout&clearTAFilter=true

0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
When you have multiple client accounts to manage, it often feels like there aren’t enough hours in the day. With too many applications to juggle, you can’t focus on your clients, much less your growing to-do list. But that doesn’t have to be the cas…
Watch the video to know the simple way to remove or recover or reset lost or forgotten passwords of Outlook PST file. With Kernel Outlook Password Recovery tool such operation is very easy to perform. It is a freeware with limitation to use with 500…

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question