Pass all the required data through get (URL) or post (FORM)
requests.
ColdFusion has the ability to pass the session required CFID
& CFTOKEN
cookie values though the URL so that cookies are not
required. Then all
the other state data can be stored in the session scope.
This does require quite a bit of effort to make sure that
every link,
form post, any other request, passes these values. It also
opens a
whole world of session sharing issues as URL's with these
values can
easily be bookmarked, e-mailed, otherwise shared. You will
need logic
that minimizes this risk.
It can be done. However most developers just choose to
clearly require
cookies in the user information of the site. A simple test to
see if
cookies are disabled can provide feedback to users who may
not be aware
of the issues.
Something like that. Just realize it takes two request to
complete the
test. The first request you attempt to set the cookie. On the
next
request you attempt to read it. If it does not exist, the
user is not
allowing cookies.
Do this the first time the user access the site and you are
golden.
Just remember that if there are no cookies there is no
session scope,
unless you pass cfid and cftoken values in the URL.
ColdFusion must
have these values, usually stored in cookies, to know what
requests
belong to what session data.
So, I'd need to add html code like this to every href link?
<cfif not IsDefined(Cookie.test)>
<cfoutput>
<a href ="
/link.cfm?session.cfid=#cfid#&session.token=#cftoken#">shopping
cart test</a>
</cfoutput>
</cfif>
Or, is it more complicated than that?
Can anyone point me to a tutorial for this?
There are functions that can help you manage your session
state through
the URL.
The 'Using Persistent Data and Locking' section of
'ColdFusion
Developer's Guide' in the ColdFusion documentation discuss
the ins and
outs of Session state management and doing so without
cookies. After
this you should be able to find blogs and discussions that
tweak out the
finer details.
7
Replies
AdChoices