Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1434
  • Last Modified:

ColdFusion Error: Session.SessionID Not Defined?

I'm getting errors "Element SESSIONID is undefined in SESSION."

How is this possible? I was under the impression that a Session.SessionID is ALWAYS defined on each request?
0
davidsanderson
Asked:
davidsanderson
  • 5
  • 4
1 Solution
 
gdemariaCommented:
you have session management turned on in your cfapplication tag?

If you're using application.cfc (instead of .cfm)  are you doing this command in onApplicationStart or onApplicationEnd  or onSessionEnd ?   Session variables are not available directly in these functions
0
 
davidsandersonAuthor Commented:
Yes I have session management turned on.

I'm using application.cfc. I'm not calling session.sessionid in this file at all. It does get called outside of this file though.
0
 
erikTsomikSystem Architect, CF programmer Commented:
is there something in your code that clears session variables
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
gdemariaCommented:
do you have clear the session structure (perhaps for logout?)

I would start by placing a test at the start of onRequestStart to see if the session.sessionID is defined there (before the bulk of your code is executed)

What version of Coldfusion are you using?   I think session.sessionID started with MX ?
0
 
davidsandersonAuthor Commented:
Yes, when the login times out, it calls a function that clears the session variables, but then it redirects them (cflocation) back to the login page. This would be another request, correct? So a new sessionid would be defined?

I'm using CF 8.

By the way, I can't reproduce this error, several users are getting this error though.
0
 
gdemariaCommented:
I have never felt comfortable clearing all session variables because some are used by the system and we can't predict when they are re-created or used.

Coldfusion places cookies to maintain the session, they don't use the session variables directly for session management, they are more like an FYI for us developers.   I am referring to CFID, CFTOKEN and sessionID.    I suspect if you were to kill the cookies, the session may be recreated, but I can't say that clearing out the session variables only would cause them to be recreated (because the cookies still exist).

I have always just cleared the variables that I use.   To make this easier, I add a structure within session to manage this...   session.login.userID  and then just delete the login structure and leave the rest of the session alone..
0
 
davidsandersonAuthor Commented:
I can't really recode the whole app to use a different session variable structure. This app is HUGE.

I could just do away with the StructClear(Session) statement but I don't want any old session data hanging around if the user logs out.

Any other suggestions?
0
 
gdemariaCommented:
ok, didn't know if you were starting out or what.

You can loop over the session structure and avoid those key variables ...


<cfloop item="kk" collection="#session#">
  <cfif listFindNoCase("cfid,cftoken,sessionID",kk) eq 0>
    <cfset "session.#kk#" = "">
  </cfif>
</cfloop>

Open in new window

0
 
davidsandersonAuthor Commented:
That looks good. Should I also include urltoken since that's another built-in variable?
0
 
gdemariaCommented:
sure, makes sense...

And if there are any that you are maintaining that you don't want to lose, perhaps the session start date/time or something..
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now