• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 346
  • Last Modified:

Coldfusion Newsletter's Token Bug

Hi,

I have the following code into my Application.cfc file ; into the 'onRequest' function, for testing purposes.
Normally I'll put it into 'onSessionStart' function.

The bug is the code seems to execute well, but without any reason, the server modify the browser's url, adding tokens to it. So I have the message "page cannot be found".
The url should be:
 https://www.joe-cool.co.uk/EN/home/home.cfm
but it is replaced by:
 https://www.joe-cool.co.uk/EN/home/www.joe-cool.co.uk?CFID=5071941&CFTOKEN=73411406

Please help, I'm pulling my hair ! Thanks.

PS: the page "myJoeCool" that I include & put into the variable "mailContent" is a page listing customers's preious orders.
<cfset Session.Newsletter = "no">
			<cfif session.email EQ "vincent@joe-cool.co.uk">
            	<cfquery name="emailsToAdd" datasource="joecool_web">
                	select distinct email from webAccounts where buyerCategory not like 'consumer' && buyerCategory not like '%shop' && email like '%@%.%' && email not in (select distinct email from webAccountsNews)
                </cfquery>
                
                <cfset todaysDate = DateFormat("#Now()#","yy/mm/dd")>
                <cfset refDate = DateFormat(DateAdd("d", -22, Now()), "yy/mm/dd")>
                
                <cfloop query="emailsToAdd">
                	<cfquery name="insert" datasource="joecool_web">
                    	insert into webAccountsNews (email, newsDate) values (<cfoutput>'#emailsToAdd.email#', '#refDate#'</cfoutput>)
                    </cfquery>
                </cfloop>
                
            	<cfquery name="emails" datasource="joecool_web">
                	select email, newsDate from webAccountsNews
                </cfquery>
                
                <cfloop query="emails">
                	<cfset y = left("#emails.newsDate#", 2)>
                	<cfset m = mid("#emails.newsDate#", 4, 2)>
                	<cfset d = right("#emails.newsDate#", 2)>
                	<cfset thisNewsDate = CreateDate(#y#, #m#, #d#)><cfdump var="#thisNewsDate#">&nbsp;<cfdump var="#refDate#">
                	<cfif thisNewsDate LTE refDate>trouloulou<br />
						<cfset Session.Newsletter = "yes">
            	<cfset url.email = "vincent@joe-cool.co.uk">
                        <!---<cfsavecontent variable="mailContent"><cfinclude template="./EN/mydetails/myjoecool.cfm"></cfsavecontent>--->
                        <!---<cfmail to="webstaff@joe-cool.co.uk" FROM="#Session.emailFrom#" subject="Test News Auto" type="html" server="#Session.emailServer#">
                            <cfoutput>#mailContent#</cfoutput>
                        </cfmail>--->
                        <cfset Session.Newsletter = "no">
                    </cfif>
                </cfloop>
			</cfif>

Open in new window

0
adam1h
Asked:
adam1h
  • 2
1 Solution
 
adam1hAuthor Commented:
in my onRequest function, I have also the following code, after the previous one.

I haven't change it & it always works fine ; but it can helps

<!--- force user to use https secure server path --->
			<cfif cgi.server_port is not "443">
				<cfif find("co.uk", "#CGI.server_name#")>
					<cflocation url="https://www.joe-cool.co.uk#Arguments.targetPage#" addtoken="No">
				<cfelse>
					<cflocation url="https://www.joe-cool.net#Arguments.targetPage#" addtoken="No">
				</cfif>
			</cfif>
			
			<!--- reset the array with the jcid if items diplayed --->
			<cfif #Arguments.targetPage# NEQ "/EN/basket/shopping_basket.cfm">
				<cfset Session.ItemDisplayedCodes = ArrayNew(1)>
				<cfset Session.ItemDisplayedCodesIndex = 0>
			</cfif>
			
			<cfoutput>
				<!--- display page's data per little blocks in place of waiting the build of the whole page --->
				<cfif #Arguments.targetPage# NEQ "/EN/login/login_process.cfm" AND #Arguments.targetPage# NEQ "/EN/logout/logout.cfm">
					<cfflush interval="8">
				</cfif>
				<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
				<!--- include topbuts if it's not "tellafriendform.cfm" --->
				<cfif #Arguments.targetPage# NEQ "/EN/tellafriend/tellafriendform.cfm" 
					AND #Arguments.targetPage# NEQ "/home.cfm">
					<cfinclude template="#Session.language#/topbuts.cfm">
				</cfif>
				
				<!--- include the called page --->
				<cfinclude template="#Arguments.targetPage#">

				<!--- include footer if it's not "index.cfm" --->
				<cfif #Arguments.targetPage# NEQ "/index.cfm" AND #Arguments.targetPage# NEQ "/EN/home/home.cfm">
					<table width="900" align="center">
						<tr>
							<td colspan="2" align="center">
								<cfinclude template="EN/temp_footer/temp_footer.cfm">
							</td>
						</tr>
					</table>
        		</cfif>
    </cfoutput>

Open in new window

0
 
duncancummingCommented:
Firstly I'm not sure why you're using onRequest.  Usually you'd use onRequestStart instead, try moving code into there and see if that makes any difference.

Secondly, if the CFID and CFToken are being appended to URLs that usually implies you have a CFLocation somewhere that doesn't have the AddToken="false" attribute.  I don't see that happening in any of the code you've given, so check all your codebase for all your cflocations.

Thirdly, and this is an unrelated point to your problem, you generally don't need # # around variables inside most CF tags like CFSet.  e.g. this:
<cfset todaysDate = DateFormat("#Now()#","yy/mm/dd")>
could be written as:
<cfset todaysDate = DateFormat(Now(),"yy/mm/dd")>
and is considered best practice.

0
 
adam1hAuthor Commented:
Thanks a lot, very helpful
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now