cfcookie

Description

Defines web browser cookie variables, including expiration and security options.

Syntax

<cfcookie 
  name = "cookie_name"
  value = "text"
  expires = "period"
  secure = "Yes" or "No"
  path = "url"
  domain = ".domain">

Attributes

Attribute Req/Opt Default Description

name
Required

Name of cookie variable.

value
Optional

Value to assign to cookie variable.

expires
Optional
now
Expiration of cookie variable.

A date (for example, 10/09/97)

A number of days (for example, 10, or 100)

now: deletes cookie from client cookie.txt file

never: never deletes cookie from client; writes cookie data to cookie.txt file

secure
Optional

If browser does not support Secure Sockets Layer (SSL) security, cookie is not sent.

Yes: variable must be transmitted securely

No

path
Optional

URL, within a domain to which the cookie applies.
path = "/services/login"
To specify multiple URLs, use multiple cfcookie tags.
If you specify path, you must also specify domain.

domain
Required if path attribute is specified

Domain in which cookie is valid and to which cookie content can be sent. Must start with a period. If the value is a subdomain, the valid domain is: all domain names that end with this string. The cookie is set securely only if the page in which the cookie is used is referenced using the https:// protocol.
For a domain value that ends in a country code, the specification must contain at least three periods; for example, "mongo.state.us". For special top-level domains, two periods are required; for example, ".mgm.com".
You cannot use an IP address as a domain.

Attribute	Req/Opt	Default	Description
name	Required		Name of cookie variable.
value	Optional		Value to assign to cookie variable.
expires	Optional	now	Expiration of cookie variable. A date (for example, 10/09/97) A number of days (for example, 10, or 100) now: deletes cookie from client cookie.txt file never: never deletes cookie from client; writes cookie data to cookie.txt file
secure	Optional		If browser does not support Secure Sockets Layer (SSL) security, cookie is not sent. Yes: variable must be transmitted securely No
path	Optional		URL, within a domain to which the cookie applies. path = "/services/login" To specify multiple URLs, use multiple `cfcookie` tags. If you specify `path`, you must also specify `domain`.
domain	Required if path attribute is specified		Domain in which cookie is valid and to which cookie content can be sent. Must start with a period. If the value is a subdomain, the valid domain is: all domain names that end with this string. The cookie is set securely only if the page in which the cookie is used is referenced using the https:// protocol. For a `domain` value that ends in a country code, the specification must contain at least three periods; for example, "`mongo.state.us`". For special top-level domains, two periods are required; for example, `".mgm.com".` You cannot use an IP address as a domain.

Usage

If this tag specifies that a cookie is to be saved beyond the current browser session, ColdFusion writes or updates the cookie to the cookies.txt file. Until the browser is closed, the cookie resides in memory. If the expires attribute is not specified, the cookie is written to the cookies.txt file.

If you use this tag after the cfflush tag on a page, ColdFusion throws an error.

To set cookies and execute a redirect in the same page, use the cfheader tag to specify the new target URL; for example:

<cfheader name="location" value="OtherPage.cfm?foo=bar">
<cfheader statusCode="302" statusText="Document Moved">
<cfabort>

You can use dots in names within the cookie and client variable scopes, as the following examples show:

<cfcookie name="person.name" value="wilson, john">
<cfset cookie.person.lastname="Santiago">
<cfcookie name="a.b.c" value="a value">
<cfset client.foo.bar="a_value">

Caution: Do not set a cookie variable on the same page on which you use the cflocation tag. If you do, the cookie is never saved on the browser.

Example

<!--- This example shows how to set/delete a cfcookie variable --->
<!--- Select users who have entered comments into sample database --->
<cfquery name = "GetAolUser" dataSource = "cfsnippets">
  SELECT EMail, FromUser, Subject, Posted
  FROM  Comments
</cfquery>
<html>
<body>
<h3>cfcookie Example</h3>
<!--- if the URL variable delcookie exists, set cookie expiration date to NOW --->
<cfif IsDefined("url.delcookie") is True>
  <cfcookie name = "TimeVisited"
  value = "#Now()#"
  expires = "NOW">    
<cfelse>
<!--- Otherwise, loop through list of visitors; stop when you match 
the string aol.com in a visitor's e-mail address --->
<cfloop query = "GetAolUser">
  <cfif FindNoCase("aol.com", Email, 1) is not 0>
    <cfcookie name = "LastAOLVisitor"
    value = "#Email#"
    expires = "NOW" >    
  </cfif>
</cfloop>
<!--- If the timeVisited cookie is not set, set a value --->
  <cfif IsDefined("Cookie.TimeVisited") is False>
    <cfcookie name = "TimeVisited"
    value = "#Now()#"
    expires = "10">
  </cfif>
</cfif>
<!--- show the most recent cookie set --->
<cfif IsDefined("Cookie.LastAOLVisitor") is "True">
  <p>The last AOL visitor to view this site was
  <cfoutput>#Cookie.LastAOLVisitor#</cfoutput>, on
  <cfoutput>#DateFormat(COOKIE.TimeVisited)#</cfoutput>
<!--- use this link to reset the cookies --->
<p><a href = "cfcookie.cfm?delcookie = yes">Hide my tracks</A>
<cfelse>
  <p>No AOL Visitors have viewed the site lately.
</cfif>

cfcookie

Description

Category

Syntax

See also

Attributes

Usage

Example

Comments

CFML Reference
ColdFusion Tags