Hello all,
I am running into some issues with my application and how it
maintains session variables.
What I do is based on what username/password is entered, I
find the record in the database and set the account_id as a session
variable. Therefore when the user goes through the app, it can
query account specific content based on the session.account_id. I
just noticed today that when I sign in as one account, and then
sign in as another, both account_id's randomly appear. In additon,
I have noticed erratic session timeouts.
Would anyone have any suggestions on a better methood???
Here is how I set the variables:
<cfif trim(getAdmin.password) EQ form.password>
<cflock scope="session" timeout="10" type="exclusive">
<cfset session.account_id = getAdmin.account_id>
<cfset session.master = getAdmin.master>
<cfset session.uname = getAdmin.username>
<cfset session.title = getAdmin.account_title>
<cfset session.zip = getAdmin.rss_zip>
</cflock>
<cfset application.loggedin = "YES">
<cflocation url="default.cfm" addtoken="no">
<cfelse>
<div align="center" class="body_or_11">Invalid login
name/password combination</div>
<cfabort>
</cfif>
And here is how I delete the sessions:
<cflock scope="session" timeout="10" type="exclusive">
<!--- Kill all of the sessions --->
<cfset StructDelete(SESSION, "group_id")>
<cfset StructDelete(SESSION, "account_id")>
<cfset StructDelete(SESSION, "group_title")>
<cfset StructDelete(SESSION, "sub_group_title")>
<cfset StructDelete(SESSION, "title")>
<cfset StructDelete(SESSION, "sub_group_id")>
<cfset StructDelete(SESSION, "users")>
</cflock>
Thank you for any help!!
2
Replies
AdChoices