Last updated on
|
Also Applies to ColdFusion
Description
Renews the session when started. For example, you want to generate a new session after a successful login. It prevents session attacks, because the session before and after a successful authentication is different.The method,
- Creates a session
- Copies the data from the old session to the new session
- Invalidates the old session
- Invalidates or overwrites the old session cookies
- Creates new session cookies if the old session cookies are invalidated
- Copies and updates client storage data to new session keys
| Note: Does not rotate jsessionid when JEE sessions are enabled. This only works with ColdFusion sessions (CFID, CFTOKEN). |
Returns
None
Category
Display and formatting functions
Syntax
SessionRotate()
See also
History
ColdFusion 10: Added this function.
Parameters
None
Usage
Use this function to rotate the session.
Example
Application.cfc
<cfcomponent> |
sessionRotate.cfm
| <cfif isDefined("url.rotate") > <cfset sessionRotate()/> </cfif> <cfif isDefined("url.name") > <cfset session.name = url.name /> </cfif> <cfdump var="#session#" label="SESSION"> <cfoutput> <a href="sessionRotate.cfm?name=BOB">Set session.name = BOB </a> <br/> <a href="sessionRotate.cfm?rotate=TRUE">Rotate the session</a> </cfoutput> |
Sign in to your account