Created
March 25, 2014 11:15
-
-
Save bennadel/9759635 to your computer and use it in GitHub Desktop.
Explicitly Ending A ColdFusion Session
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <cfcomponent | |
| output="false" | |
| hint="I define application settings and event handlers."> | |
| <!--- Define the application settings. ---> | |
| <cfset this.name = hash( getCurrentTemplatePath() ) /> | |
| <cfset this.applicationTimeout = createTimeSpan( 0, 0, 5, 0 ) /> | |
| <cfset this.sessionManagement = true /> | |
| <cfset this.sessionTimeout = createTimeSpan( 0, 0, 3, 0 ) /> | |
| <!--- ------------------------------------------------- ---> | |
| <!--- ------------------------------------------------- ---> | |
| <!--- | |
| Check to see if we are supposed to kill the user's | |
| currently active session. | |
| ---> | |
| <cfif structKeyExists( url, "killSession" )> | |
| <!--- | |
| Override the session timeout so that it will timeout | |
| immediately (approximately - it might be slightly | |
| delayed). | |
| NOTE: Using a ZERO timeout seems to be ignored by | |
| the ColdFusion framework. Hence, I am using 1 second. | |
| ---> | |
| <cfset this.sessionTimeout = createTimeSpan( 0, 0, 0, 1 ) /> | |
| <!--- | |
| NOTE: We have to get OUT of the pseudo constructor | |
| before we redirect the user otherwise the new | |
| sessionTimeout value will not actually stick. | |
| Also, we CANNOT delete the cookies in the pseudo | |
| constructor, otherwise new cookies will be assigned | |
| to the tiny timeout and we won't *actually* timeout | |
| the current session. | |
| ---> | |
| </cfif> | |
| <!--- ------------------------------------------------- ---> | |
| <!--- ------------------------------------------------- ---> | |
| <!--- Define page request settings. ---> | |
| <cfsetting | |
| requesttimeout="10" | |
| showdebugoutput="false" | |
| /> | |
| <cffunction | |
| name="onSessionStart" | |
| access="public" | |
| returntype="void" | |
| output="false" | |
| hint="I initialize the session."> | |
| <!--- | |
| Set up a hit count variable so that we can see | |
| how many page requests are recorded in this user's | |
| session. | |
| ---> | |
| <cfset session.hitCount = 0 /> | |
| <!--- Return out. ---> | |
| <cfreturn /> | |
| </cffunction> | |
| <cffunction | |
| name="onRequestStart" | |
| access="public" | |
| returntype="boolean" | |
| output="false" | |
| hint="I initialize the page request."> | |
| <!--- Define the local scope. ---> | |
| <cfset var local = {} /> | |
| <!--- --------------------------------------------- ---> | |
| <!--- --------------------------------------------- ---> | |
| <!--- | |
| Check to see if we killed the session timeout in the | |
| psuedo constructor. If we did, we can / should now | |
| kill the cookies for the current session and then | |
| redirect such that the user can get their new session. | |
| ---> | |
| <cfif structKeyExists( url, "killSession" )> | |
| <!--- | |
| Clear all of the session cookies. This will | |
| expire them on the user's computer when the | |
| CFLocation executes. | |
| ---> | |
| <cfloop | |
| index="local.cookieName" | |
| list="cfid,cftoken,cfmagic"> | |
| <!--- Expire this session cookie. ---> | |
| <cfcookie | |
| name="#local.cookieName#" | |
| value="" | |
| expires="now" | |
| /> | |
| </cfloop> | |
| <!--- | |
| Redirect back to the primary page (so that we dont | |
| have the killSession URL parameter visible). | |
| ---> | |
| <cflocation | |
| url="./index.cfm" | |
| addtoken="false" | |
| /> | |
| </cfif> | |
| <!--- --------------------------------------------- ---> | |
| <!--- --------------------------------------------- ---> | |
| <!--- Increment hit count. ---> | |
| <cfset session.hitCount++ /> | |
| <!--- Return true so the page can process. ---> | |
| <cfreturn true /> | |
| </cffunction> | |
| <cffunction | |
| name="onSessionEnd" | |
| access="public" | |
| returntype="void" | |
| output="false" | |
| hint="I handle any end-of-session logic."> | |
| <!--- Define arguments. ---> | |
| <cfargument | |
| name="sessionScope" | |
| type="any" | |
| required="true" | |
| hint="I am the session scope that is ending." | |
| /> | |
| <cfargument | |
| name="applicationScope" | |
| type="any" | |
| required="true" | |
| hint="I am the application scope parent to the given session." | |
| /> | |
| <!--- Output the CFID and CFTOKEN values to the log. ---> | |
| <cffile | |
| action="append" | |
| file="#getDirectoryFromPath( getCurrentTemplatePath() )#log.cfm" | |
| output="ENDED: #arguments.sessionScope.cfid#<br />" | |
| /> | |
| <!--- Return out. ---> | |
| <cfreturn /> | |
| </cffunction> | |
| </cfcomponent> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <cfoutput> | |
| <h1> | |
| Explicitly Ending ColdFusion Sessions | |
| </h1> | |
| <p> | |
| Hit Count: | |
| #session.hitCount# | |
| ( <a href="index.cfm">Refresh</a> ) | |
| </p> | |
| <p> | |
| CFID: #session.cfid#<br /> | |
| CFTOKEN: #session.cftoken#<br /> | |
| </p> | |
| <p> | |
| <a href="index.cfm?killSession">End Session</a> | |
| </p> | |
| <!--- Include the log file (for sesion ending). ---> | |
| <cfinclude template="log.cfm" /> | |
| </cfoutput> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <cfcomponent | |
| output="false" | |
| hint="I define application settings and event handlers."> | |
| <!--- Define the application settings. ---> | |
| <cfset this.name = hash( getCurrentTemplatePath() ) /> | |
| <cfset this.applicationTimeout = createTimeSpan( 0, 0, 5, 0 ) /> | |
| <cfset this.sessionManagement = true /> | |
| <cfset this.sessionTimeout = createTimeSpan( 0, 0, 3, 0 ) /> | |
| <!--- Define page request settings. ---> | |
| <cfsetting | |
| requesttimeout="10" | |
| showdebugoutput="false" | |
| /> | |
| <cffunction | |
| name="onSessionStart" | |
| access="public" | |
| returntype="void" | |
| output="false" | |
| hint="I initialize the session."> | |
| <!--- | |
| Set up a hit count variable so that we can see | |
| how many page requests are recorded in this user's | |
| session. | |
| ---> | |
| <cfset session.hitCount = 0 /> | |
| <!--- Return out. ---> | |
| <cfreturn /> | |
| </cffunction> | |
| <cffunction | |
| name="onRequestStart" | |
| access="public" | |
| returntype="boolean" | |
| output="false" | |
| hint="I initialize the page request."> | |
| <!--- Define the local scope. ---> | |
| <cfset var local = {} /> | |
| <!--- --------------------------------------------- ---> | |
| <!--- --------------------------------------------- ---> | |
| <!--- | |
| Check to see if we are supposed to kill the user's | |
| currently active session. | |
| ---> | |
| <cfif structKeyExists( url, "killSession" )> | |
| <!--- | |
| Change the timeout on the current session scope. | |
| This is an undocumented function. We are changing | |
| it to one second. | |
| ---> | |
| <cfset session.setMaxInactiveInterval( | |
| javaCast( "long", 1 ) | |
| ) /> | |
| <!--- | |
| Clear all of the session cookies. This will | |
| expire them on the user's computer when the | |
| CFLocation executes. | |
| NOTE: We need to do this so that the redirect | |
| doesn't immediately pick up the previous session | |
| within the new, one-second timeout (which would | |
| completely defeat our purpose). | |
| ---> | |
| <cfloop | |
| index="local.cookieName" | |
| list="cfid,cftoken,cfmagic"> | |
| <!--- Expire this session cookie. ---> | |
| <cfcookie | |
| name="#local.cookieName#" | |
| value="" | |
| expires="now" | |
| /> | |
| </cfloop> | |
| <!--- | |
| Redirect back to the primary page (so that we dont | |
| have the killSession URL parameter visible). | |
| ---> | |
| <cflocation | |
| url="./index.cfm" | |
| addtoken="false" | |
| /> | |
| </cfif> | |
| <!--- --------------------------------------------- ---> | |
| <!--- --------------------------------------------- ---> | |
| <!--- Increment hit count. ---> | |
| <cfset session.hitCount++ /> | |
| <!--- Return true so the page can process. ---> | |
| <cfreturn true /> | |
| </cffunction> | |
| <cffunction | |
| name="onSessionEnd" | |
| access="public" | |
| returntype="void" | |
| output="false" | |
| hint="I handle any end-of-session logic."> | |
| <!--- Define arguments. ---> | |
| <cfargument | |
| name="sessionScope" | |
| type="any" | |
| required="true" | |
| hint="I am the session scope that is ending." | |
| /> | |
| <cfargument | |
| name="applicationScope" | |
| type="any" | |
| required="true" | |
| hint="I am the application scope parent to the given session." | |
| /> | |
| <!--- Output the CFID and CFTOKEN values to the log. ---> | |
| <cffile | |
| action="append" | |
| file="#getDirectoryFromPath( getCurrentTemplatePath() )#log.cfm" | |
| output="ENDED: #arguments.sessionScope.cfid#<br />" | |
| /> | |
| <!--- Return out. ---> | |
| <cfreturn /> | |
| </cffunction> | |
| </cfcomponent> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <cfcomponent | |
| output="false" | |
| hint="I define application settings and event handlers."> | |
| <!--- Define the application settings. ---> | |
| <cfset this.name = hash( getCurrentTemplatePath() ) /> | |
| <cfset this.applicationTimeout = createTimeSpan( 0, 0, 5, 0 ) /> | |
| <cfset this.sessionManagement = true /> | |
| <cfset this.sessionTimeout = createTimeSpan( 0, 0, 3, 0 ) /> | |
| <!--- Define page request settings. ---> | |
| <cfsetting | |
| requesttimeout="10" | |
| showdebugoutput="false" | |
| /> | |
| <cffunction | |
| name="onSessionStart" | |
| access="public" | |
| returntype="void" | |
| output="false" | |
| hint="I initialize the session."> | |
| <!--- | |
| Set up a hit count variable so that we can see | |
| how many page requests are recorded in this user's | |
| session. | |
| ---> | |
| <cfset session.hitCount = 0 /> | |
| <!--- Return out. ---> | |
| <cfreturn /> | |
| </cffunction> | |
| <cffunction | |
| name="onRequestStart" | |
| access="public" | |
| returntype="boolean" | |
| output="false" | |
| hint="I initialize the page request."> | |
| <!--- Increment hit count. ---> | |
| <cfset session.hitCount++ /> | |
| <!--- Return true so the page can process. ---> | |
| <cfreturn true /> | |
| </cffunction> | |
| <cffunction | |
| name="onSessionEnd" | |
| access="public" | |
| returntype="void" | |
| output="false" | |
| hint="I handle any end-of-session logic."> | |
| <!--- Define arguments. ---> | |
| <cfargument | |
| name="sessionScope" | |
| type="any" | |
| required="true" | |
| hint="I am the session scope that is ending." | |
| /> | |
| <cfargument | |
| name="applicationScope" | |
| type="any" | |
| required="true" | |
| hint="I am the application scope parent to the given session." | |
| /> | |
| <!--- Output the CFID and CFTOKEN values to the log. ---> | |
| <cffile | |
| action="append" | |
| file="#getDirectoryFromPath( getCurrentTemplatePath() )#log.cfm" | |
| output="ENDED: #arguments.sessionScope.cfid#<br />" | |
| /> | |
| <!--- Return out. ---> | |
| <cfreturn /> | |
| </cffunction> | |
| </cfcomponent> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <cfoutput> | |
| <h1> | |
| Explicitly Ending ColdFusion Sessions | |
| </h1> | |
| <p> | |
| Hit Count: | |
| #session.hitCount# | |
| ( <a href="index.cfm">Refresh</a> ) | |
| </p> | |
| <p> | |
| CFID: #session.cfid#<br /> | |
| CFTOKEN: #session.cftoken#<br /> | |
| </p> | |
| <p> | |
| <a href="./kill/index.cfm">End Session</a> | |
| </p> | |
| <!--- Include the log file (for sesion ending). ---> | |
| <cfinclude template="log.cfm" /> | |
| </cfoutput> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <cfcomponent | |
| output="false" | |
| hint="I exist only to extend the base application and kill the session."> | |
| <!--- | |
| Set the name of the application. It is critical that this | |
| application have the same NAME as the root application | |
| (in order to override the settings). However, since we | |
| have hashed the application based on the root Appliation | |
| file name, we have to use the same file name... which is | |
| the current Application.cfc *minus* the current directory. | |
| ---> | |
| <cfset this.name = hash( | |
| reReplaceNoCase( | |
| getCurrentTemplatePath(), | |
| "[\\/][^\\/]+([\\/]Application\.cfc)$", | |
| "\1" | |
| ) | |
| ) /> | |
| <!--- | |
| Define the application session settings. Notice that we | |
| are using a one second timeout for the session. | |
| ---> | |
| <cfset this.sessionManagement = true /> | |
| <cfset this.sessionTimeout = createTimeSpan( 0, 0, 0, 1 ) /> | |
| <cffunction | |
| name="onRequestStart" | |
| access="public" | |
| returntype="boolean" | |
| output="false" | |
| hint="I initialize the page request; but really, I am only here to kill the user cookies and redirect back to the root application."> | |
| <!--- Define the local scope. ---> | |
| <cfset var local = {} /> | |
| <!--- | |
| Clear all of the session cookies. This will expire | |
| them on the user's computer when the CFLocation | |
| executes. | |
| ---> | |
| <cfloop | |
| index="local.cookieName" | |
| list="cfid,cftoken,cfmagic"> | |
| <!--- Expire this session cookie. ---> | |
| <cfcookie | |
| name="#local.cookieName#" | |
| value="" | |
| expires="now" | |
| /> | |
| </cfloop> | |
| <!--- | |
| Redirect back to the primary page of the root | |
| application. | |
| ---> | |
| <cflocation | |
| url="../index.cfm" | |
| addtoken="false" | |
| /> | |
| <!--- Return true so the page can process. ---> | |
| <cfreturn true /> | |
| </cffunction> | |
| </cfcomponent> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment