Hi Guys
I need urgent help with an application that I'm working on in CF 7. I need to build a secure application that will ensure the integrity of all data that is entered by the users.
The user on having a session expire must not be able to use the history(history.back(-1)
of the browser to visit the previous pages that they would have been viewing because the session is no longer valid.
below is the code in my application.cfm
CODE
<cfoutput>
<cfset dsname = "dsn">
<!--- Get the global configuration parameters for the site --->
<cfquery name="config" datasource="#dsname#">
SELECT *
FROM config
WHERE
config_id = 1
</cfquery>
<cfset mailserver = "#config.mailserver#">
<cfset fromEmailAddress = "#config.siteEmail#">
<!---cfset emailUsername = "#config.emailUsername#">
<cfset emailPassword = "#config.emailPassword#"--->
<!--- Name our app, and enable Session variables. Session timeout or automatic logout = 10 minutes --->
<cfapplication name="#datasourcename#" sessionmanagement="Yes" sessiontimeout="#CreateTimeSpan(0,0,10,0)#"
applicationtimeout="#CreateTimeSpan(0,2,0,0)#" >
<!---If user closes browser end session --->
<cfif IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")>
<cfset cfid_local = Cookie.CFID>
<cfset cftoken_local = Cookie.CFTOKEN>
<cfcookie name="CFID" value="#cfid_local#">
<cfcookie name="CFTOKEN" value="#cftoken_local#">
</cfif>
<!--- setup your sessions --->
<!---commmonly used variables--->
<cfset today = #createODBCDATE(now())#>
<cfset todayDate = #dateformat(today, 'm/dd/yyyy')#>
<cfset weekFromToday = #dateformat(DateAdd("s", 604800, todayDate), 'm/dd/yyyy')#>
<cfif not isdefined('SESSION.SearchText')>
<cfset SESSION.SearchText = ''>
</cfif>
</cfoutput>
Please Help me I have an irate client on my back.
29 Jul, 2008 - 01:01 PM
| 