Helpful Information
 
 
Category: ColdFusion
Session variables lost, cfid resetting

I have an application that did work, and I don't know what I did to it, and it is to vast to show code, I just don't know what to look for. I have a click tracking system and when I go to the page that displays the details, the cfid is reset and all session variables are lost. The session variables are used throughout the application and works throughout the application, accept for this one page. My boss pointed out something very interesting. I can navigate through the whole application, but when you go to that page the cfid changes. It is like you are a completely new person, here are the client variables on the page right before I get to the bad page:

CODE

Client Variables:
cfid=174779
cftoken=30604707
hitcount=4
lastvisit={ts '2007-09-18 11:18:57'}
timecreated={ts '2007-09-18 11:18:47'}
urltoken=CFID=174779&CFTOKEN=30604707


Here is the client variables on the bad page:

CODE

Client Variables:
cfid=174785
cftoken=77405485
hitcount=1
lastvisit={ts '2007-09-18 11:21:21'}
timecreated={ts '2007-09-18 11:21:21'}
urltoken=CFID=174785&CFTOKEN=77405485

Strangly enough the url variable I pass through make it:
<a href="http://xxxxx.com/clickDetails.cfm?l=#getLinkInfo.linkID#">

Everything worked before, I have no idea how I broke it, does anyone know why this would be happening?
The session variables I use I lock when I make them, as type="exclusive". Then I don't lock them anywhere else because they are just being read. They work fine too, you can just click right through all the pages back and forth until you ask for the bad page. Then it is as if you a completely new user. Any ideas PLEASE hints, something, I have been reading the documentation and can't find anything!

Is that page in the same domain?
Is anything setting cookies as domain cookies?
Is the page being opened in a different manner, such as a redirect?

Is that page in the same domain?
yes

Is anything setting cookies as domain cookies?
Good question, although I don't understand why I had to so this, because it worked without it before, and I have no clue what I did to change it, but here is my application file before you asked this question:


<cfapplication
name = "ClickTrack"
loginStorage = "session"
clientManagement = "Yes"
clientStorage = "Cookie"
setClientCookies = "Yes"
sessionManagement = "Yes"
sessionTimeout = #CreateTimeSpan(0, 0, 45, 0)#
applicationTimeout = #CreateTimeSpan(0, 0, 50, 0)# >

and here it is after I searched 'domain cookies' in the cf docs


<cfapplication
name = "ClickTrack"
loginStorage = "session"
setdomaincookies="Yes"
clientManagement = "Yes"
clientStorage = "Cookie"
setClientCookies = "Yes"
sessionManagement = "Yes"
sessionTimeout = #CreateTimeSpan(0, 0, 45, 0)#
applicationTimeout = #CreateTimeSpan(0, 0, 50, 0)# >

I am glad it works now, but am confused as to why it worked without that and then stopped and now it needs it?

Is the page being opened in a different manner, such as a redirect?
no it isn't a redirect

If any of the new pages used domain cookies, it would break existing ones that didn't...other than that, I just always set them or never set them :D

hrm...all of a sudden it started breaking again, so I set it to "No" and it started working again...wtf...I don't understand here...could you explain to me what is going on?:eek: :confused:

Not really, not without highly extensive testing, knowing your environment, seeing all the pages to see if anyone is messing with them, looking at server config, etc.










privacy (GDPR)