2 Replies Latest reply on May 16, 2007 11:14 AM by DettCom

    Multiple Sessions variables

    DettCom
      Hello all,

      I am running into some issues with my application and how it maintains session variables.

      What I do is based on what username/password is entered, I find the record in the database and set the account_id as a session variable. Therefore when the user goes through the app, it can query account specific content based on the session.account_id. I just noticed today that when I sign in as one account, and then sign in as another, both account_id's randomly appear. In additon, I have noticed erratic session timeouts.

      Would anyone have any suggestions on a better methood???

      Here is how I set the variables:

      <cfif trim(getAdmin.password) EQ form.password>
      <cflock scope="session" timeout="10" type="exclusive">
      <cfset session.account_id = getAdmin.account_id>
      <cfset session.master = getAdmin.master>
      <cfset session.uname = getAdmin.username>
      <cfset session.title = getAdmin.account_title>
      <cfset session.zip = getAdmin.rss_zip>
      </cflock>
      <cfset application.loggedin = "YES">
      <cflocation url="default.cfm" addtoken="no">
      <cfelse>
      <div align="center" class="body_or_11">Invalid login name/password combination</div>
      <cfabort>
      </cfif>


      And here is how I delete the sessions:

      <cflock scope="session" timeout="10" type="exclusive">
      <!--- Kill all of the sessions --->
      <cfset StructDelete(SESSION, "group_id")>
      <cfset StructDelete(SESSION, "account_id")>
      <cfset StructDelete(SESSION, "group_title")>
      <cfset StructDelete(SESSION, "sub_group_title")>
      <cfset StructDelete(SESSION, "title")>
      <cfset StructDelete(SESSION, "sub_group_id")>
      <cfset StructDelete(SESSION, "users")>
      </cflock>


      Thank you for any help!!
        • 1. Re: Multiple Sessions variables
          insuractive Level 3
          You could be experiencing an issue with your browser caching the page you are calling.

          Say you log in as account 1 and visit pages A, B and C.
          You then log in as account 2 and visit pages D, B, E

          There is a chance that the second time you visit page B, you will see the same information as you did when you were logged into account 1 because the browser cached the page results and can not detect the change in server variables. Holding shift-refresh will usually force the browser to load the page again, not just use a cached version.

          Check that first to see if that is your problem. Do you only get the erratic session timeout issue when you log into 2 concurrent accounts or does it happen in general on your server?
          • 2. Re: Multiple Sessions variables
            DettCom Level 1
            Of course it is not doing it now. You were right, it was probably my browser.

            As far as the erratic session timeouts, is it possible for the Coldfusion server (5 on Win 2000 svr) to have too many at one time??

            Thanks.