Maintaining a Session
On the CF-Talk list, Richard Colman asked how he could keep a session alive for longer than the 30 minute limit imposed by Crystal Tech.
Michael Dawson provided a very good answer (quoted below):
I setup my intranet so that, even if the session times-out, it will be transparent to the end-user. I do this by keeping a separate session cookie.
When the session times-out, then the user accesses another page in the application, my scripts will reload the data in the session scope again. The end-users have not complained about this process.
In addition to that approach, I would suggest the following bit of JavaScript:
function keepAlive() {
var imgAlive = new Image();
var d = new Date();
imgAlive.src = '/alive.cfm?d=' + d;
}
setInterval("keepAlive()", 20*60*1000);
Before the script is added to your site, add a small alive.cfm file to the root of your site (name it whatever you wish, just be consistent). The script makes sure that a page is requested from your ColdFusion server by their browser every 20 minutes (safely less than the 30 minute time-out). Alive.cfm need not return an image - JavaScript doesn't check.
Keep in mind that this only works for users who have JavaScript enabled, so make sure to use this technique in conjuction with (not in place of) the approach suggested by Michael Dawson.
This technique actually has a great many uses that I will try to post in future entries. I have used it in the past to change database data without a form submit and also for JavaScript error handling.
Update!
Martin Perry added this suggestion to the discussion to get around the JavaScript issue:
Alternatively, to get around the JavaScript bit, create an invisible IFRAME which has it SRC set to the alive.cfm.. On Alive.cfm, add a HTTP redirect to redirect back to itself after 1200 seconds.
<META HTTP-EQUIV="Refresh" CONTENT="1200;URL=/alive.cfm?cachebuster=<cfoutput>#createUUID()#</cfoutput>">
I never think about IFRAME myself (trying to remain standards compliant). Nevertheless, it is an excellent suggestion. Good call Martin!
In the web.config the session has been allocated 20 mins and IIS also has it configured as 20 mins.
Here is the code i've added at the top of the page.
function keepAlive() {
var imgAlive = new Image();
var d = new Date();
imgAlive.src = '/background-wall.jpg?d=' + d;
}
setInterval("keepAlive()", 15*60*1000);
On adding an alert i found out that the piece of code is executed, but the session still expires.
This technique only works if you are requesting a ColdFusion page.
ColdFusion updates the "lvisit" datetime (the time stamp of the user's last visit) only when processing a ColdFusion page that the user has requested.
Keep in mind that unless your web server is configured to send requests for .jpg files through ColdFusion (and most aren't), then the ColdFusion server isn't even aware of requests to jpg files.
Instead sue this code and remember to use a php script for imgAlive.src, not an image or anotehr file:
Javascript:
You function keepAlive() {
var imgAlive = new Image();
var d = new Date();
imgAlive.src = 'index.php?keepAlive=' + d;
setInterval("keepAlive()", 15 * 60*2000);
}
keepAlive();
PHP:
if(isset($_REQUEST['keepAlive'])) {
die(microtime());
}
No one suggested using setTimeout. The code you listed does the same thing as the original code except that you used one more line to do it by putting the setInterval inside the method.