In order to use session variables, first you have to instruct the Cold Fusion
server that you wish to use them.
<cfapplication name="PickSomeUniqueName"
ClientManagement="No"
SessionManagement="Yes"
SessionTimeout="#CreateTimeSpan(0,0,30,0)#"
SetClientCookies="Yes">
It
would be best to place this inside your Application.cfm file, otherwise you will
have to add it in each of your templates before you refrence any session
variables. The "SessionTimeout" field defines how long to wait before removing
the user's session variables from the system's memory. The syntax is
SessionTimeout="days,hours,minutes,seconds". In this case, if the user does not
perform any action on your site within 30 minutes, their session variables will
dissapear.
Once you set the CFAPPLICATION tag, simply prefix any variables that you want
to be access across multiple pages with "session.". For example, once you set
the variable "session.userid", all of your pages can use it.
Keep in mind that you'll have to code in some sort of check to see if the
session variables have expired. You can either define them with a default value
or if the session variable doesn't exist, redirect them to your login page.
<!--- Check to see if the session variable exists, if not set it. --->
<CFPARAM name="session.IsLoggedIn" default="N">
<!--- Check to see if the session variable exists,
if not redirect them to the login page --->
<CFIF IsDefined("session.IsLoggedIn") EQUAL "No">
<CFLOCATION URL="/login.cfm">
</CFIF>