Session Variables
ASP Session Variables
Here is a simple Session test for ASP to verify the Session is working:
<% Session("myCounter") = Session("myCounter") + 1 Response.Write "Counter: " & session("myCounter") %> Click <a href="sessiontest.asp">here</a> to refresh which should increment the Counter.
ColdFusion Session Variables
How to verify ColdFusion Session Management is working
By default the Session Timeout is set to 20 minutes.
Here is a sample script to verify the ColdFusion Session variables and ColdFusion Session in general is working.
This is handled differently based on whether you are using Application.cfm or Application.cfc, so be sure to note which one you are using. If using Application.cfm, you need to make sure your application.cfm file is set to handle session variables. To do this, make sure you have sessionmanagement="yes" like:
<cfapplication sessionmanagement="yes">
If using Application.cfc, you need to make sure your application.cfc is set to handle the sessions variables properly. Here is an example for that:
<cfcomponent> <cfset this.name = "myApplication"> <cfset this.Sessionmanagement = TRUE> </cfcomponent>
Now create a new page named sessiontest.cfm and add this code:
<cfif IsDefined("SESSION.MyCount")> <cfset SESSION.MyCount = #SESSION.MyCount# + 1> Current Count is: <cfoutput>#SESSION.MyCount#</cfoutput><BR> The current time is <cfoutput>#Now()# <br /> Server: #CGI.SERVER_NAME# </cfoutput> <BR> <cfelse> <cfset SESSION.MyCount = 1> <cfoutput>Count: #SESSION.MyCount# <br /> Server: #CGI.SERVER_NAME# </cfoutput> </cfif> <A HREF="sessiontest.cfm">Test Session</A>
Now load the page in your browser and click the Test Session link to verify it's working.
Important: If you are on a Linux-based ColdFusion server, you MUST capitalize the 'A' in 'Application.cfm' or 'Application.cfc'. If you do not do this, ColdFusion will not recognize your 'Application.cfm' or 'Application.cfc' file.
Delete Session Cookies
On ColdFusion pages, you can use the following code to delete a users session cookies when he closes the browser:
<!---Kill user session if user closes browser---> <cfif IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")> <cfset Variables.cfid_local = Cookie.CFID> <cfset Variables.cftoken_local = Cookie.CFTOKEN> <cfcookie name="CFID" value="#Variables.cfid_local#"> <cfcookie name="CFTOKEN" value="#Variables.cftoken_local#"> </cfif>
CF 10 considerations
If you use ColdFusion 10 and try to implement the above code you may encounter the following error:
"Failed to set cookie. ColdFusion is unable to add the cookie you specified to the response."
This is because we have the setting for "Disable updating ColdFusion internal cookies using ColdFusion tags/functions" enabled on our servers to help add an additional layer of security.
Solution
To bypass this so you can update/modify any cookies set with "cfcookie" and "cfheader" you will need to add the following code to your Application.cfc:
<cfset this.sessioncookie.disableupdate = false> <cfset this.authcookie.disableupdate = false>
Adjusting Session Timeouts
Our ColdFusion servers have a default session timeout of two (2) hours. If you wish to adjust that, you can do so through your Application.cfm or Application.cfc files.
If using Application.cfm
This <cfapplication> tag specifies a custom session timeout of 3 hours and 30 minutes:<cfapplication name="myawesomeapp" sessionmanagement="Yes" sessiontimeout="#CreateTimeSpan(0,3,30,0)#">
If using Application.cfc (tag-based)
Use this code (adjusting the timespan as necessary) to set your custom session timeout:<cfset this.sessiontimeout = CreateTimeSpan(0,3,30,0) />
If using Application.cfc (cfscript)
Use this code (adjusting the timespan as necessary) to set your custom session timeout:this.sessionTimeout = createTimeSpan(0,3,30,0);
PHP Session Variables
Here is an example of testing Session Variables in PHP to verify they are working:
<?php session_start(); if(isset($_SESSION['views'])) $_SESSION['views']=$_SESSION['views']+1; else $_SESSION['views']=1; echo "Views=". $_SESSION['views']; ?>
Click <a href="sessiontest.php">here</a> to refresh which should increment the number of Views.