Session info lost on BlackBerry (ColdFusion app)
This is a ColdFusion/mobile question. I have a simple web app with a login page. User types their login info, session info is assigned, and they're taken to a projects page. This works fine, but when I try to setup an auto-login (user clicks a bookmark on their home screen that passes a username and password), the same process should occur, but the session info is lost once they are taken to the projects page. This occurs on the BlackBerry 9370 (w/ touch screen. not sure of the model type), but works fine when testing it in a browser and the BlackBerry simulator. Here's some code for the auto login:
<cfquery name="qryAccount">
EXEC m_AccountLogin
@Username = <cfqueryparam value="#LCase(url.u)#" cfsqltype="cf_sql_varchar">,
@Password = <cfqueryparam value="#LCase(url.p)#" cfsqltype="cf_sql_varchar">;
</cfquery>
<cfif qryAccount.recordcount>
<cflock name="lockAccount" type="exclusive" timeout="10">
<cfset session.account = {
isLoggedIn = true,
MemberID = qryAccount.iMemberID,
Role = qryAccount.iRole }>
</cflock>
<cflocation url="/mobile/home/projects.cfm" addtoken="true">
<cfelse>
<cflocation url="/mobile/index.cfm" addtoken="true">
</cfif>
I read that using <cflocation>
right after assigning session vars may cause an issue, so I tried a JavaScript re-direct and still came up short. Any ideas?
I can't help but think this may be a bug in the BB browser, which is pretty lame to begin with (IMO it makes IE6 look usable).
For the sake of testing, is it practical to remove the cflocation to the projects page and put a clickable link there instead? I'd just like to see if it works that way. If it does, then for some reason, cflocation is causing the session to be lost. That shouldn't be the case since you're on CF9, but it'd be nice to prove one way or another.
After CF7, Adobe fixed the issue of setting session variables in the same request as a <cflocation>
tag. This is no longer an issue.
The likely cause for your session dropping out is that BlackBerry is clearing out your session cookies (cfid,cftoken or jsessionid) when it launches the browser from a home screen bookmark. I have seen this same behaviour in the iPhone as well, it's possible that BB is also doing it.
To confirm (or deny) that this is the case, set up a simple page that outputs:
<cfdump var="#session#">
<cfdump var="#getHttpRequestData()#">
Navigate to this page on your BB the "normal" way by keying in the URL manually. The first time that the page loads, it will create a session (and send back the associated session cookie(s)). Reload the page and you will see in the http request data dump, a header called cookie( request.headers.cookie
). This will contain the same session information that you see in the session dump above it.
Now, use the home screen bookmark to load up the page. If BB is in fact clearing out your sessions cookies, then the request.headers.cookie
will not be there and new session identifiers will be given.
Have you already tried using CFHEADER tags to redirect instead of cflocation? Example:
<CFHEADER STATUSCODE="302" STATUSTEXT="Object Temporarily Moved">
<CFHEADER NAME="location" VALUE="/mobile/home/projects.cfm">
You need both of those tags in order for the redirect to work. I suggest also adding a CFABORT at the end to mimic the way that CFLOCATION also stops current page execution.
链接地址: http://www.djcxy.com/p/10384.html