|
ColdFusion, ASP and PHP all offer built-in capabilities for maintaining state
during a browser session. Although the specific client variables may
be stored in a database rather than in cookies, the challenge of
keeping track of which client is currently accessing different pages
requires that you either set an identity cookie or else pass the
client identity in the url or hidden form field.
The built-in client
management functions exist primarily to
keep you from having to bother with passing information through the
url or form, and they do that by setting cookies in the client browser.
Therefore, if for some reason you cannot rely on cookies being
available (e.g., they may not be supported by the client browser,
or else they may be turned off in the client browser and you choose
not to explicitly require the visitor to turn them back on), you
will have to do at least some of the work with explicit coding.
Using the built-in client session management capabilities with cookies greatly
simplifies application design and code, and reduces the chance for error.
If your application provides a service such as a shopping cart, users can
generally be expected to understand that cookies are required.
ColdFusion
Client and session variables are used to maintain state in ColdFusion.
Session variables are similar to client variables except that they are always
stored in memory. This means that they cannot be used to recognize a client’s
earlier visits (use client variables for that), and it also means that using
too many of them could seriously tax server resources. Like client variables,
session variables rely on cookies to store the client I.D. unless you explicitly
pass Session.URLTOKEN between pages, either in hidden form fields or appended to URLs.
The ColdFusion client structure is a list of variables which you create and
access with a "client" prefix, e.g. client.name, client.email, etc. You enable
client management in the CFAPPLICATION tag, at the beginning of Application.cfm
and there you specify whether client variables should be stored in the system
registry, a data source or cookies. When client state management is enabled
for an application, you can create a client variable by simply prefixing it
with "Client", e.g.:
<CFSET Client.FavoriteColor="Red">
Once a client variable has been set in this manner, it is available for use
within any application page in your application that is accessed by the client
for whom the variable is set.
In addition to storing custom client variables, the Client object has several
standard parameters which include the I.D. used to track the individual client,
the time the I.D. was created, hit count, and when the client’s last visit was.
Note that even if your client variables are not stored in cookies, a client
ID to maintain state IS normally stored in a cookie. If you choose to design
your aplication to maintain client information without cookies you will, of
course, only be able to track a client session (you can’t recognize a
returning client without cookies), and you’ll have to pass the client or
session ID between forms explicitly through the url or hidden form fields.
Even if you have chosen to design your application not to use cookies, with
ColdFusion you can still make use of the client object to set and reference
client variables (assuming of course that you have specified one of the
non-cookie storage options for them) as long as you pass the variable
Client.URLTOKEN or Session.URLTOKEN between pages, either in hidden form
fields or appended to URLs.
ASP
The standard means for maintaining state with ASP include cookies,
ASP sessions and hidden form fields. Alternately, there are 3rd
party component solutions you can buy. A quick overview of pros
and cons of each approach can be found at
http://www.learnasp.com/learn/stateproscons.asp.
The session object keeps track of each person who accesses the
application, individually. IIS and PWS use cookies to keep track
of sessions, so the session object is only available if the user’s browser supports cookies and cookie support is not turned off. The Session object lets you set variables which will persist for as long as the designated user stays active at your site
PHP
PHP3 and earlier did not have built-in features for handling client or session
variables, but beginning with PHP4 there is a session object.
As with any server-side scripting language,
if you choose not to use cookies for passing client identity codes,
you must structure the pages in your application to explicitly pass
identity codes to each other through the url or hidden form fields.
|
gallery
