Coldfusion Newsletter's Token Bug

Hi,

I have the following code into my Application.cfc file ; into the 'onRequest' function, for testing purposes.
Normally I'll put it into 'onSessionStart' function.

The bug is the code seems to execute well, but without any reason, the server modify the browser's url, adding tokens to it. So I have the message "page cannot be found".
The url should be:
 https://www.joe-cool.co.uk/EN/home/home.cfm
but it is replaced by:
 https://www.joe-cool.co.uk/EN/home/www.joe-cool.co.uk?CFID=5071941&CFTOKEN=73411406

Please help, I'm pulling my hair ! Thanks.

PS: the page "myJoeCool" that I include & put into the variable "mailContent" is a page listing customers's preious orders.
<cfset Session.Newsletter = "no">
			<cfif session.email EQ "vincent@joe-cool.co.uk">
            	<cfquery name="emailsToAdd" datasource="joecool_web">
                	select distinct email from webAccounts where buyerCategory not like 'consumer' && buyerCategory not like '%shop' && email like '%@%.%' && email not in (select distinct email from webAccountsNews)
                </cfquery>
                
                <cfset todaysDate = DateFormat("#Now()#","yy/mm/dd")>
                <cfset refDate = DateFormat(DateAdd("d", -22, Now()), "yy/mm/dd")>
                
                <cfloop query="emailsToAdd">
                	<cfquery name="insert" datasource="joecool_web">
                    	insert into webAccountsNews (email, newsDate) values (<cfoutput>'#emailsToAdd.email#', '#refDate#'</cfoutput>)
                    </cfquery>
                </cfloop>
                
            	<cfquery name="emails" datasource="joecool_web">
                	select email, newsDate from webAccountsNews
                </cfquery>
                
                <cfloop query="emails">
                	<cfset y = left("#emails.newsDate#", 2)>
                	<cfset m = mid("#emails.newsDate#", 4, 2)>
                	<cfset d = right("#emails.newsDate#", 2)>
                	<cfset thisNewsDate = CreateDate(#y#, #m#, #d#)><cfdump var="#thisNewsDate#">&nbsp;<cfdump var="#refDate#">
                	<cfif thisNewsDate LTE refDate>trouloulou<br />
						<cfset Session.Newsletter = "yes">
            	<cfset url.email = "vincent@joe-cool.co.uk">
                        <!---<cfsavecontent variable="mailContent"><cfinclude template="./EN/mydetails/myjoecool.cfm"></cfsavecontent>--->
                        <!---<cfmail to="webstaff@joe-cool.co.uk" FROM="#Session.emailFrom#" subject="Test News Auto" type="html" server="#Session.emailServer#">
                            <cfoutput>#mailContent#</cfoutput>
                        </cfmail>--->
                        <cfset Session.Newsletter = "no">
                    </cfif>
                </cfloop>
			</cfif>

Open in new window

adam1hAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

adam1hAuthor Commented:
in my onRequest function, I have also the following code, after the previous one.

I haven't change it & it always works fine ; but it can helps

<!--- force user to use https secure server path --->
			<cfif cgi.server_port is not "443">
				<cfif find("co.uk", "#CGI.server_name#")>
					<cflocation url="https://www.joe-cool.co.uk#Arguments.targetPage#" addtoken="No">
				<cfelse>
					<cflocation url="https://www.joe-cool.net#Arguments.targetPage#" addtoken="No">
				</cfif>
			</cfif>
			
			<!--- reset the array with the jcid if items diplayed --->
			<cfif #Arguments.targetPage# NEQ "/EN/basket/shopping_basket.cfm">
				<cfset Session.ItemDisplayedCodes = ArrayNew(1)>
				<cfset Session.ItemDisplayedCodesIndex = 0>
			</cfif>
			
			<cfoutput>
				<!--- display page's data per little blocks in place of waiting the build of the whole page --->
				<cfif #Arguments.targetPage# NEQ "/EN/login/login_process.cfm" AND #Arguments.targetPage# NEQ "/EN/logout/logout.cfm">
					<cfflush interval="8">
				</cfif>
				<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
				<!--- include topbuts if it's not "tellafriendform.cfm" --->
				<cfif #Arguments.targetPage# NEQ "/EN/tellafriend/tellafriendform.cfm" 
					AND #Arguments.targetPage# NEQ "/home.cfm">
					<cfinclude template="#Session.language#/topbuts.cfm">
				</cfif>
				
				<!--- include the called page --->
				<cfinclude template="#Arguments.targetPage#">

				<!--- include footer if it's not "index.cfm" --->
				<cfif #Arguments.targetPage# NEQ "/index.cfm" AND #Arguments.targetPage# NEQ "/EN/home/home.cfm">
					<table width="900" align="center">
						<tr>
							<td colspan="2" align="center">
								<cfinclude template="EN/temp_footer/temp_footer.cfm">
							</td>
						</tr>
					</table>
        		</cfif>
    </cfoutput>

Open in new window

0
duncancummingCommented:
Firstly I'm not sure why you're using onRequest.  Usually you'd use onRequestStart instead, try moving code into there and see if that makes any difference.

Secondly, if the CFID and CFToken are being appended to URLs that usually implies you have a CFLocation somewhere that doesn't have the AddToken="false" attribute.  I don't see that happening in any of the code you've given, so check all your codebase for all your cflocations.

Thirdly, and this is an unrelated point to your problem, you generally don't need # # around variables inside most CF tags like CFSet.  e.g. this:
<cfset todaysDate = DateFormat("#Now()#","yy/mm/dd")>
could be written as:
<cfset todaysDate = DateFormat(Now(),"yy/mm/dd")>
and is considered best practice.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
adam1hAuthor Commented:
Thanks a lot, very helpful
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ColdFusion Language

From novice to tech pro — start learning today.