9 of 14
2. Session and Application Variables (Server category, Variables
page): You may wish to disable session and application variables, so
that if you accidentally write them into your application, you'll
receive an error rather than allowing the application to function.
Since session and application variables are not centrally stored, if
you should accidentally use session and application variables, your
application will function on the cluster but with undesirable
results. Disallowing session and application variables adds another
level of protection.
STEP 3: Application Design Conversion
This will
probably be the most challenging step. Since I can't be there to
help you with your code, I can't provide screenshots and other
helpful tools to aid you in the design or conversion of your
application to use client variables. However, there are some basic
bits of code that you'll need to use, starting with the
CFAPPLICATION tag.
The CFAPPLICATION Tag
This is an important
setting. In every Application.cfm in your application (if you are
using Fusebox, chances are this setting will exist in your
"app_Globals.cfm" file), you should have a CFAPPLICATION tag. You
need to make sure that you have enabled client variables for your
application, and turned off the ability to use session variables in
each instance of the tag. A sample CFAPPLICATION tag, using our
database created above as an example, would look like this:
<CFAPPLICATION
NAME="YourAppName"
CLIENTMANAGEMENT="Yes"
SETCLIENTCOOKIES="Yes"
CLIENTSTORAGE= "CVR">
Make sure you specify a separate name for each application
running on your cluster - the CVR database uses that name to keep
client variables unique, should you choose to store all client
variables for all applications in one database (i.e., using the
Default Client Variable Storage location in the ColdFusion
Administrator).
It remains a matter of choice whether or not you will enable
"SETCLIENTCOOKIES" - the use of cookies makes coding easier because
you don't need to pass CFID and CFTOKEN in the URL throughout your
application. Passing CFID and CFTOKEN in the URL presents a couple
of issues:
You could get a potential problem with a user trying to "jump
sessions" by hacking different numbers into the CFID/CFTOKEN
variables.
CFID and CFTOKEN can cause problems when someone wishes to
bookmark a page in your application.
9 of 14