![]() ![]() ![]() |
Cookies are a general mechanism used by server-side applications such as ColdFusion to store information in individual browsers. Cookies stored in a browser can then be retrieved by the server-side application. With cookies, applications can create variables specifically for an individual browser. For example, you could create a cookie for background color and then customize the background color of your site for each user.
Cookies are domain-specific, that is, they are set and retrieved for a specific server reference, such as www.allaire.com or 127.0.0.1. A specific domain can set a maximum of 20 cookies in a user's browser (ColdFusion uses two of these cookies, for CFID and CFTOKEN).
Using the Secure Sockets Layer (SSL), cookies can be sent securely. They are persistent, so they will stay stored in the browser until they expire or are deleted. Cookies are currently supported by almost all major commercial browsers.
A cookie created using the CFCOOKIE tag is available to all ColdFusion pages as well as other Web applications in the domain that can access cookies. This means you can pass parameters to subsequent pages using browser cookies.
Note that cookies were not designed to store secure information such as passwords or credit card numbers.
<CFCOOKIE NAME="User_ID" VALUE="2344" EXPIRES="100">
If ColdFusion executes a CFLOCATION tag on the same page following the creation of cookie variables with CFCOOKIE, the cookie variables are lost.
For more information on CFCOOKIE, see the CFML Language Reference.
Once you store a cookie in the client's browser, it is automatically sent to your Web server every time a page is requested by that client. The value of a cookie variable can be accessed in the same way that other types of dynamic parameters (such as URL and Form variables) are accessed. For example, use the Cookie prefix to display the User_ID cookie variable created in the previous example in a CFOUTPUT section, following this syntax:
<CFOUTPUT> #Cookie.User_ID# </CFOUTPUT>
It's a good idea to test whether a cookie exists before you use it in an application page.
To delete a cookie, you use the CFCOOKIE tag with the EXPIRES attribute set to "now":
<CFCOOKIE NAME="User_ID" VALUE="#User_ID#" EXPIRES="now">
The cookie will be deleted when the user closes the browser.
![]() ![]() ![]() |
AllaireDoc@allaire.com
Copyright © 1998, Allaire Corporation. All rights reserved.