?
Solved

How do I extend a users session and session variables in ColdFusion?

Posted on 2010-01-12
10
Medium Priority
?
504 Views
Last Modified: 2013-12-20
I have a ColdFusion application that has a form that uses session variables to prepopulate a form based on the user login ID and also store form input, in case of an error, the user will not lose the form data. However, I've now been requested to extend the session and login session time so that the user who begins to fill out the form, gets distracted by a phone call that takes over an hour, will not lose his/her data when they come back to continue filling out the form. Can someone help me to understand how this is done in CF?

Thank you.
0
Comment
Question by:Elizabeth2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
10 Comments
 
LVL 19

Expert Comment

by:erikTsomik
ID: 26297470
you can try something like this
<cflock scope="session" type="readonly" timeout="5">
<cfset Variables.session =
Duplicate(session)>
</cflock>

http://coldfusion.sys-con.com/node/41649
0
 
LVL 52

Accepted Solution

by:
_agx_ earned 200 total points
ID: 26297831
Erik, that does not actually do anything to extend the session.  

Aside from increasing the session timeout, one option I've used is to capture information in the Appplication.cfc's onSessionEnd event and store it in db tables. There are pro's and con's to that approach (separate 'work' tables are needed, etc.)  Depending on the size of the form, client variables might be an option. But I have very little experience with those.
0
 
LVL 19

Expert Comment

by:erikTsomik
ID: 26297860
i would just store the values in the application scope
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 36

Assisted Solution

by:SidFishes
SidFishes earned 300 total points
ID: 26298071
I use a scheme similar to what agx suggests and store form data on the fly via both ajax calls and multiple form pages. Since your user is logging in, this works pretty well and can allow for resuming form submission days later. In my case I present a "Cart In Progress" message on next login with the option to continue or start new. I have 60 day clean up script that removes carts that are older which is run via the scheduler

Basically all you need is to assign the userid and a time to whatever the form data is and you can recall it on next log in ..however this doesn't change the session expiration time and the user -does- have to re-login in

to change session expiration, either modify the default in cfadmin or change it in your application.cfm/cfc



0
 

Author Comment

by:Elizabeth2
ID: 26298082
Thank you both for your suggestions. Unfortunately, I know just enough to get myself in trouble. I'm not sure I know "how" to do either of these suggestions.

Attached is my Application.cfm. Could I just extend the session timeout from "20" to "120?" And then extend the cflock timeout of "15" to "120?" Would that accomplish the goal of allowing a user to come back an hour later and continue to fill out his form?

Are there any pitfalls to extending the session timeout? These clients use these forms several times per day, so I'm thinking they would be best left unchanged, but I told my boss I'd check into extending the sessions. If I could give a good reason why not to change the current settings, that would avoid any additional complications that I may not know how to handle.

What do you think?

elizabeth
<cfapplication name='xxxxxxx' clientmanagement='yes' sessionmanagement='yes' setclientcookies='yes' setdomaincookies='no' sessiontimeout="#CreateTimeSpan(0,20,0,0)#">


<!--- Finds the number of sessions being currewnt in use, and displays them where ever using the page <cfinclude template="/users_count.cfm"> --->
<cflock timeout="15" scope="APPLICATION" type="EXCLUSIVE"> 
    <cfif NOT isDefined("Application.UsersInfo")>
          <cfset Application.UsersInfo = StructNew()>
    </cfif> 
</cflock>
<cflock name="#CreateUUID()#" timeout="15" type="EXCLUSIVE">
      <cfset user_cfid = Evaluate(CFID)>
      <cfset user_time = Now()>
</cflock>
<cflock scope="APPLICATION" type="EXCLUSIVE" timeout="15">
 <cfif NOT StructKeyExists(Application.UsersInfo, user_cfid)>
  <cfset temp = StructInsert(Application.UsersInfo, user_cfid, user_time)>
 </cfif>
</cflock>
<cflock scope="APPLICATION" type="EXCLUSIVE" timeout="15">
 <cfloop collection="#Application.UsersInfo#" item="itmUser">
  <cfif
   Evaluate(DateDiff("n", StructFind(Application.UsersInfo, itmUser), Now())) GT 10>
    <cfset StructDelete(Application.UsersInfo, itmUser)>
  </cfif>
 </cfloop>
</cflock>

<!--- Logs user out once browser is closed --->
<cfif IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")>
  <cfset Variables.cfid_local = Cookie.CFID> 
  <cfset Variables.cftoken_local = Cookie.CFTOKEN> 
  <cfcookie name="CFID" value="#Variables.cfid_local#"> 
  <cfcookie name="CFTOKEN" value="#Variables.cftoken_local#"> 
</cfif>

Open in new window

0
 
LVL 36

Assisted Solution

by:SidFishes
SidFishes earned 300 total points
ID: 26298217
you don't need to extend cflock only sessiontimeout and that is the easiest and simplest way to get what you want done.

The only downside is that clients leaving desk while session is still active could reveal private data. (but then that can happen if it is set @ 20 min and they walk away at 10)

Encourage clients to logout when done and make them aware of the risks but you should be good to go (server service  will need a restart for setting to take affect)
0
 
LVL 36

Assisted Solution

by:SidFishes
SidFishes earned 300 total points
ID: 26298324
btw the -reason- you don't need to extend cflock is that is only used while setting application variables so there is no conflict.

Adding a cflock exclusive could prevent any other access to that variable during the lock time.

fyi cflock timeouts are specified in seconds not minutes like createtimespan and in most cases should not take more than a second or 2 to release

0
 
LVL 52

Assisted Solution

by:_agx_
_agx_ earned 200 total points
ID: 26298457
+1 .  I totally with SidFishes' answers

(Just to a tiny clarification, cflock has no absolutely effect on session timeouts.  So that is why you don't need to change the lock value.)
0
 
LVL 52

Expert Comment

by:_agx_
ID: 26298464
> I totally with SidFishes' answers

   Argh.  Trying to do too many things at once.  That should read "I totally _AGREE_ with SidFishes' answers"
0
 

Author Closing Comment

by:Elizabeth2
ID: 31676346
Great help! Thank you so much
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
Objective of This Article In 1990’s, when I was a budding software professional, I had a lot of confusion about which stream or technology, I had to choose to build my career. In those days, I had lot of confusion like whether to choose System so…
The purpose of this video is to demonstrate how to properly insert a Vimeo Video into a WordPress site or Blog. This will be demonstrated using a Windows 8 PC. Go to your WordPress login page. This will look like the following: mywebsite.com/wp…
The purpose of this video is to demonstrate how to update a WordPress Site’s version. WordPress releases new versions of its software frequently and it is important to update frequently in order to keep your site secure, and to get new WordPress…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question