User Guide

ManualsBrandsMacromedia ManualsOtherCOLDFUSION 5-DEVELOPING APPLICATIONS

241

242

243

244

245

246

247

248

249

250

Using Session Variables 229

The default timeout for Session variables is set to 20 minutes. You can change the

timeout on the Memory Variables page of the ColdFusion Administrator Server tab.

For more information, see Advanced ColdFusion Administration.

You can also set the timeout period for Session variables inside a specific application

(thereby overruling the Administrator default setting) by using the

cfapplication

tag

sessionTimeout attribute.

Storing session data in Session variables

Session variables are designed to store session-level data. They are a convenient

place to store information that all pages of your application might need during a user

session. Using Session variables, an application can initialize itself with user-specific

data the first time a user accesses one of the application’s pages. This information

can remain available while that user continues to use that application. For example,

you can retrieve information about a specific user’s preferences from a database

once, the first time a user accesses any page of an application. This information

remains available throughout that user’s session, thereby avoiding the overhead of

retrieving the preferences again and again.

Like Client variables, Session variables require a client name (client ID) and are

always scoped within that client ID. Session variables also work within the scope of

an application name if one is supplied, in which case their scope is the combination

of the client ID and the application name.

Standard Session variables

The Session Client scope has four built-in, read-only variables that your application

can use:

If you are also using Client variables, the

Session.CFID, Session.CFToken, and

Session.URL token are identical to the corresponding Client variables.

Variable Description

Session.CFID

The client ID, normally stored on the client system as a

cookie.

Session.CFToken

The client security token, normally stored on the client system

as a cookie.

Session.URLToken

A combination of the CFID and CFToken in the form

CFID=IDNum&CFTOKEN=tokenNum. Use this variable if the client

does not support cookies and you must pass the

CFID and

CFToken variables from page to page.

Session.SessionID

A unique identifier for the session. You use this variable in

cflock tags to identify the scope of the lock.