Skip to main content
A
Anonymous
December 7, 2009
Answered

CFLock and Passing parameters

  • December 7, 2009
  • 2 replies
  • 953 views

Hello there, I have two questions...

In numerous examples of site security, I've noticed the CFlock tag used. Hwoever, when looking at CF9 documentation, in a specific example of site security that includes user roles (using an application.cfc file) there is no mention of CFLocks. Are they necessary to authenticate users or not? I can't see why they would be. The variable being changed is the users status (authenticated or not) and since it is in the session scope, it is already unique, right? So why bother with CFLock?

Second, how can I redirect a person to the same page they where on after submitting a form? I have a news letter form present on all pages of the website, and I would like the person to return to teh same page they where on when they submitted the form.

    This topic has been closed for replies.
    Correct answer ilssac

    In pre-mx days, i.e. ColdFusion 4.5, ColdFusion suffered from a bad memory leak with shared memory variables like session.  One of the popular work arounds was to <cflock...> all reads and writes to these variables.  That has long been unnecessary, but there is still tons of old code examples and old developers that continue to utilze this work around.

    The action page of a form is defined in the <form action="..."> parameter.  If you name the form page itself as the action page the user will stay on the same page.

    You can also name another action page, but then at the end of that page's processing use a <cflocation...> tag to redirect the user back to the desired page.

    2 replies

    BKBK
    Community Expert
    BKBKCommunity Expert
    Community Expert
    December 8, 2009

    @Mel.Husseini

    So why bother with CFLock?

    @Ian Skinner

    In pre-mx days, i.e. ColdFusion 4.5, ColdFusion suffered from a bad memory leak with shared memory variables like session.  One of the popular work arounds was to <cflock...> all reads and writes to these variables.  That has long been unnecessary, but there is still tons of old code examples and old developers that continue to utilze this work around.

    Those are issues that are resolved by the fact that Coldfusion is now a thread-safe Java application. However, there are other uses for cflock.

    Here are some examples. A web shop application may store the shopping cart in session scope. A session lock would then be necessary, for example, to prevent the customer from adding an item while his order is proceeding to checkout. You need a named lock to ensure that one user completely uploads or writes to a file, before another can read it. 

    @Mel.Husseini

    Second, how can I redirect a person to the same page they where on after submitting a form? I have a news letter form present on all pages of the website, and I would like the person to return to teh same page they where on when they submitted the form.

    There are CGI variables and Coldfusion functions that give the value of the current page. Coldfusion also passes the current page as an argument in the onRequestStart event of Application.cfc. Put the value in a hidden field in the form. Then, on the action page, use cflocation to redirect to it.

    A
    Anonymous
    December 8, 2009

    Thank you for your input. After considering the above, I ran into a major problem: validation.

    Here is the issue: Most forms of validate are either client side or server side that takes place on the same page. I'm trying a different approach and it's causing me a major headache. I would like an action page to do the validation server side, then process the form. The problem is most validation examples I've seen execute on the form page. I would like to create a seperate action page that processes all form executions... the problem is if data is not valid, returning an error code to the original page becomes extremely difficult... any ideas on a correct methodology to achieve that? Is this an efficient way to do what I am doing? Or should I forget the idea of centralizing execution code?

    ilssac
    ilssac
    Inspiring
    December 8, 2009

    It is definitly possible to do what you want.

    But it is not something you are going to quickly and easily bolt onto an existing applicaiton without considerable refactoring.

    Most likely you will need some type of controller that can direct trafic.  This starts leading you down the popular path of creating a Model-View-Control (MVC) application.  This type of application takes planning and considerations on how each piece will interact with the others.  There are many poplular MVC frameworks, such as Model-Glue and MachII.

    So I can only advice that it is doable, it may even be desireable, but it could take a great deal of work to modify your applicaiton into this form.

    ilssac
    ilssacCorrect answer
    Inspiring
    December 7, 2009

    In pre-mx days, i.e. ColdFusion 4.5, ColdFusion suffered from a bad memory leak with shared memory variables like session.  One of the popular work arounds was to <cflock...> all reads and writes to these variables.  That has long been unnecessary, but there is still tons of old code examples and old developers that continue to utilze this work around.

    The action page of a form is defined in the <form action="..."> parameter.  If you name the form page itself as the action page the user will stay on the same page.

    You can also name another action page, but then at the end of that page's processing use a <cflocation...> tag to redirect the user back to the desired page.

    A
    Anonymous
    December 7, 2009

    Thank you for responding, I appreciate it. Just a follow up question regarding the forms...

    if I name an action page different than the form page (ideally I would like to do that) then redirect through <cflocation>... but I would have to put an absolute path in cflocation. So if this absolute path is back to, say, index, a user who submitted a newsletter request from another page would go back to index, and not the page he posted from... I would like to create a variable that defines the location of the current page, pass it to the form action page, then use it in cflocation to redirect... sorry if I have not been clear.

    ilssac
    ilssac
    Inspiring
    December 7, 2009

    You could either include that information as part of the form data in hidden fields.

    Or you could check out the cgi data <cfdump var="#cgi#"> that has information about what page the user came from.

    You could then use this information to dynamically build the path for the <cflocation...> tag.

    PS. Or, another idea, would be to set the desire path data in a session, or similar, variable scope and then use this on the action page for the cflocation path.

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices