cftoken and cfid problems !

Report · Nov 02, 2009

Hi I use cfid and cftoken in my development in the URL variable

If I have several users logged in at the same time the server mixes people sessions and sends back history and orders to the wrong people?

I need help.As I use the URL option should I put it in everysingle page (I have some menus in JSP or Flash Menu)

Has somebody got an exemple of and application.cfm file that could avoid this type of issues ?

Is it better to work the session variable or the client variable in the web site ?

Thanks

Report · Nov 02, 2009

CFID and CFTOKEN are specifically for identifying a user's session. So if you use the same CFID and CFTOKEN for all users (like, hard coding them on a URL), then you will indeed be forcing people to use the same session.

So yo're perhaps better off not putting them on the URLs. The only time you would need to do that is if the client you are developing the site for insists that visitors will have cookies disabled, and accordingly you need to maintain sessions manually. But you'd still not hard code the values on the URL, yo'd use distinct values for each visitor.

--

Adam

Adobe Community

cftoken and cfid problems !