Deleting Client Variables ColdFusion Help

Although the CLI[NTSTORAGEattribute of the CFAPPLICATIONtag offers three types of storage options, cookies will be used no matter which option you specify (unless you have set the SETCLIENTCOOKIES attribute to No).Remember that the CFIO and CFTOKEN values are still stored as cookies on the client even if the storage option has been set to registry or the name of a data source. This is so that a particular client can be recognized when they return to your application. Therefore, client infer-nation is, by default, stored in two places:

Cookies The CFID and CFTOKENvalues are stored in a cookie on the client,
Registry The built-in client variables (CFIO,CFTOKENURLTOKEN Count, and Time Created) as well as any other client variables are stored in the server registry (unless you have specified a different default storage mechanism).
You can delete client data from the registry and from cookies in several ways. These possibilities are discussed in the following sections.
If you have chosen to store your client data in a data source or as cookies, then you can delete them in the standard way:
Data source Use CFQUERYto delete records or field values in the client storage data source. See Chapter 10, “Using CFQUERY and SQL to Interact With the Database.”
Cookie Use the CFCOOKIEtag and set the EXPIRESattribute equal.

Deleting a Single Client Variable

If you need to delete only a single client variable that you have set, you use the Delete-ClientVariable function.

Delete ClientVariable takes one argument: the name of the client variable to be deleted. If you know the name of the client variable you wish to delete, you can use the following code. If the client variable you are attempting to delete roes not exist, you will not receive an error and your application will continue to work as before.
<CFSETdeleted – DeleteClicntVariable(‘client.user_name’) Delete confirmed? <CFOUTPUT>#deleted#</CFOUTPUT> In this code, the variable deleted will return a Yes or No value, depending upon whether client . user_name existed and was successfully deleted.

Deleting All Client Variables

If you want to delete all client variables, you could loop through GetClientVariables- List and deletaeach client variable in the list as shown in the following code. For this code, you do not have to know the name of each client variable.

Deleting Client Cookies

If you would like to also delete the CFID, CFTOKEN, and! or CFGLOBALS cookies on the client side, you would use the following code. This code is useful if you no longer want the user to have access to any client variables. The next-time the client accesses a page, they will be assigned a new CFID and CFTOKENunless you have added some login procedure.

<CFCOOKIENAME=’cfid’ EXPIRES-‘NOW’)
<CFCOOKIENAME-‘cftokEn’ EXPIRES-‘NOW’)
<CFCOOKIENAME=’cfglobals’ EXPIRES-‘NOW’)

Managing Client State Management and Cookies

Describes several limitations of using cookies to store any client variables.

If, for whatever reason, you decide that you do not want to use cookies to,.store the CFID, CFTOKEN, and! or CFGLOBALS, then you must pass the CFID and CFTOi’:’EN variables to each template in your application. You also must specify an option other than cook; as the value for CLIENTSTORAGE in your CFAPPLICATION tag.

Passing CFID and CFTOKEN

To pass the CFID and CFTOKEN variables to each template in your application, you should append the die it variable URLTOKEN to any link you are creating. In the following code you can see how URLTOKEN is passed through form fields, through hyperlinks (URLs), and by using JavaScript

CFLOCATION

In Chapter 4.you learned how to work with cookies. The cookie is set by sending a cookie’ header through the browser. After this header has been received and processed by the server, then the cookie is available for use.

Unfortunately, when using CFLOCATIONa,redirection header is sent through the browser. This header.cancels out the cookie header and therefore prevents the cookie from ‘being set.As a result, you cannot use CFLOCATIONand CFCOOKIEin the same template. This restriction is important to understand when using client management, because the CFIO and CFTOKENcookies can be set on any page in your application framework. If you were using CFLOCATIONth,en this would normally cause a problem. Luckily, Cold Fusion automatically adds the URLTOKENclient variable to the CFLOCATIONheader. The only problem is that the CFIOand CFTqKENcan then be viewable m~e browser’s location bar.

To prevent this from happening, you can use the CFLOCATIONattribute ADDTOKEAND. DTOKEN can be set to Yes or No.The syntax is <CFLOCATION home . cfm” ADDTOKEN'” ‘No’). This will prevent the URLTOKENfrom being passed.

Posted on November 16, 2015 in Implementing the coldFusion Web Application Framework

Share the Story

Back to Top
Share This