A session begins when a visiting client somehow identifies itself to the web server. The web server assigns the client a unique session id, which the client uses to re-identify itself as it moves from page to page on the website. Most of the time, these unique ids are stored in session cookies that expire after the client hasn't interacted with the server for some amount of time. The amount of time varies depending on the web application. For example, an online investment site might have very short sessions, so that if a user leaves her computer without logging out, another user who sits down at the same computer several minutes later cannot continue with the first user's session.
The picture above shows the Memory Variables settings in ColdFusion Administrator, where Session management is configured.
The first checkbox gives the option of using J2EE session variables instead of ColdFusion session variables. The two major advantages of using J2EE session variables are:
There is really no downside to using J2EE session variables, so it is recommended that you check this box.
The second checkbox gives the option to enable Application variables. Application variables are shared between all users of the application and live until ColdFusion Application Server is shut down, they are explicitly deleted, or the application times out due to a setting in <cfapplication>.
Application variables are useful for storing data such as data source names and file paths that are the same for all users over the life of the application, so it is recommended that you check this box.
The third checkbox gives the option to enable Session variables. Session variables are variables that are specific to a user's session (or visit) on the site. If session variables are not enabled, it becomes very difficult to track a user throughout his visit, so it is recommended that you check this box as well.
The <cfapplication> tag is used to:
|name||Name of application.|
|loginStorage||Where to store login variables (in Cookies or Session).|
|clientManagement||Enable client variables. Default is "No".|
|clientStorage||Where to store client variables.|
|setClientCookies||Enable cookies. Default is "Yes".|
|sessionManagement||Enable session management. Default is "No".|
|sessionTimeout||Lifespan of session variables.|
|applicationTimeout||Lifespan of application variables.|
|setDomainCookies||Sets CFID and CFTOKEN for a domain.|
The <cfapplication> tag is most often used at the top of the Application.cfm file. A typical <cfapplication> tag looks like this:
If sessionTimeout and applicationTimeout are not defined in the <cfapplication> tag, as in the tag above, the default values set in ColdFusion Administrator are used.
A ColdFusion structure is a data type that can be used to hold collections of like data. ColdFusion provides many functions to make it easy to work with and manipulate structures. A few of these functions are described in the table below.
|IsStruct||Returns true if the specified variable is a structure.|
|StructNew||Creates a new structure.|
|StructClear||Removes all data from specified structure.|
|StructDelete||Removes the specified item from the specified structure.|
|StructFind||Returns the value associated with the specified key in the specified structure.|
The example below creates a structure called person, adds properties to the structure, deletes a property and then loops through a substructure.
<html> <head> <title>Structure Demo</title> </head> <body> <cfset person = StructNew()> <cfset person.firstName = "Paul"> <cfset person.lastName = "McCartney"> <cfset person.age = 61> <cfset person.talents.sing = True> <cfset person.talents.playsGuitar = True> <cfset person.talents.bungyJumps = False> <cfset StructDelete(SESSION, "username")> <cfoutput><p>Structure Elements: #StructCount(person)#</p></cfoutput> <ul> <cfloop collection="#person.talents#" item="talent"> <cfoutput><li>#talent#: #person.talents[talent]#</li></cfoutput> </cfloop> </ul> </body> </html>
The Session, Application, and Client scopes are all available as ColdFusion structures, which means that they can be manipulated using the Structure functions.
<cfset SESSION.SessVar = "Hello world!"> <html> <head> <title>Session Page 1</title> </head> <body> The content of SESSION.SessVar is <cfoutput>#SESSION.SessVar#</cfoutput>. <a href="Session2.cfm">Next page</a> </body> </html>
This page sets and outputs a session variable.
<html> <head> <title>Session Page 2</title> </head> <body> The content of SESSION.SessVar is still <cfoutput>#SESSION.SessVar#</cfoutput>. <cfset StructDelete(Session,"SessVar")> <a href="Session3.cfm">Next page</a> </body> </html>
This page outputs the same session variable and then deletes it with
<html> <head> <title>Session Page 3</title> </head> <body> The content of SESSION.SessVar is no longer <cfoutput>#SESSION.SessVar#</cfoutput>. </body> </html>
This page tries to read the deleted session variable and fails. It errors with a message like " Element
SESSVAR is undefined in