Session variables are set, then immediately disappear. What now?

Report · May 07, 2009

Ok, this is strange. Maybe because I'm darn tire. But anyway...

I have a simple login script that checks stuff and then if successful logs them in via setting session variables into the session via a struct like so:

I then set all my other user specific stuff in this struct. That's straightforward...and when I dump session.user...it shows the data. However, if I refresh the page, this session variable disappears. If I simply dump "session" then I see the usual CFID and CFTOKEN stuff. So session is enabled and ready, but why then does it disappear?

I have done stuff like this before so I really can't see what's happening. The session timeout is also set to 30 minutes in the Application.cfc so that shouldn't be it.

My CFC code is below.

Many thanks,

Mikey.

==================================

                <cflock name="lockGetUser" type="exclusive" timeout="30">

                    <cfquery name="local.qryGetUser" datasource="#request.dsn#" username="#request.username#" password="#request.password#">
                    SELECT userID, userName, userPassword, userRole, userDeleted
                    FROM #request.tbl_users#
                    WHERE userName = <cfqueryparam cfsqltype="cf_sql_varchar" value="#trim(arguments.userName)#" />
                    AND userPassword = <cfqueryparam cfsqltype="cf_sql_varchar" value="#trim(arguments.userPassword)#" />
                    AND userDeleted = 0
                    </cfquery>

                </cflock>

                <cfif local.qryGetUser.recordcount eq 1>

                    <cflock scope="session" timeout="30" type="exclusive">

                        <cfset session.user = {} />
                        <cfset session.user.username = local.qryGetUser.userName />
                        <cfset session.user.role = local.qryGetUser.userRole />
                        <cfset session.user.id = local.qryGetUser.userID />

                        <cfdump var="#session.user#" />

                    </cflock>

Report · May 07, 2009

<cfset session.user = {} />

That's dicey! I expected the done thing, namely, <cfset session.user = "">. Could you show us the code in Application.cfc? That's where the engine usually needs oiling.

Report · May 07, 2009

Hi BKBK,

<cfset session.user = {} /> is a shorter way of doing: <cfset session.user = structNew() /> in CF8. Is this a bad way of doing things?

I wanted to create another struct in the session because it makes more logical sense in most of my code to say something like session.user...and I can have other things like session.pages.

My Application.cfc code is below:

=====================================

<cfset application.userObject = createObject("component", "cfc.user").init() />
            <cfset application.udfObject = createObject("component", "cfc.udf").init() />
            <cfset application.uploadObject = createObject("component", "cfc.upload").init() />

            <cfreturn true />

        </cffunction>

        <cffunction name="onRequestStart" returntype="boolean" output="true">

            
            

            
            <cfset request.fileUploadLimit = 4194304 />

            
            <cflock scope="session" timeout="30" type="exclusive">
                <cfif not isDefined("session.user") and getFileFromPath(cgi.script_name) neq "login.cfm">
                    <cflocation url="#getDirectoryFromPath(cgi.script_name)#login.cfm" addtoken="no" />
                </cfif>
            </cflock>

            
            <cfif isDefined("url.logout") and url.logout eq "true">
                <cfinvoke component="#application.userObject#" method="logoutUser" />
                <cflocation url="#getDirectoryFromPath(cgi.script_name)#login.cfm" addtoken="no" />
            </cfif>

            
            <cfquery name="variables.getItems" datasource="#request.dsn#" username="#request.username#" password="#request.password#">
            SELECT *
            FROM #request.tbl_items#
            </cfquery>

            <cfset request.itemObject = createObject("component", "cfc.item").init(variables.getItems) />
            <cfset request.uiObject = createObject("component", "cfc.ui").init(variables.getItems) />
            <cfset request.positionObject = createObject("component", "cfc.position").init(variables.getItems) />
            <cfset request.messagesObject = createObject("component", "cfc.messages").init() />
            <cfset request.insertObject = createObject("component", "cfc.insert").init() />
            <cfset request.updateObject = createObject("component", "cfc.update").init() />
            <cfset request.selectObject = createObject("component", "cfc.select").init() />

            <cfmail to="#request.adminEmail#" from="Skylite CMS" subject="Skylite CMS Exception" charset="utf-8" type="html" server="#request.adminEmailSMTP#" username="#request.adminEmailUsername#" password="#request.adminEmailPassword#">
                <p>An exception ha occured:</p>
                <p>#except.message#</p>
            </cfmail>

            <cfinclude template="error.cfm" />
            <cfabort />

        </cffunction>
        --->

</cfcomponent>

=============================================

I know some of that code is bad, but I'll sort that one! Just can't understand why the session disappears.

ALSO, I noticed that when I dump out #session#, everytime I refresh the page, sessionid is new every time. Is this normal? Surely we have one ID per session? It seems like it keeps wiping the session every time. Almost like it IS SETTING it but then clearing it at the same time.

Thanks for the help!

Mikey.

Report · May 07, 2009

CRAP!!!!!

I knew it was simple. This line seems to be the culprit:

My app had a new name everytime and must have been resetting itself due to its random construction.

I'm such a monkey! Thanks for your help though

Mikey.

Report · Nov 18, 2021

Did you find a solution?I am having similar issues. What did you do to avoid randomization of

<cfset this.name = hash(now(),"md5","utf-8") />? I am using syste and user variables

Report · Nov 18, 2021

Mathur, first, are you saying you have the same issue? If so, don't vary the app name so randomly. That will cause this problem.

Also, what do you mean by, "syste and user variables"? I realize syste may mean system. But CF has neither system nor user variables.. Are you really asking about ColdFusion?

Finally, note that you're asking on a thread that is 12 years old. While one of the participants is still active here (BKBK), the other is NOT, it seems (Kapitaine).

/Charlie (troubleshooter, carehart.org)

Report · Nov 19, 2021

Sorry I posted the issue in wrong window, I went through and realized. I forgot to delete the comment. 😞

Report · Nov 21, 2021

@mathurmagic0808 , post your own issue in a new thread and I shall be glad to join the discussion

Adobe Community

Session variables are set, then immediately disappear. What now?