cfcookie

Description

Defines web browser cookie variables, including expiration and security options.

Category

Forms tags, Variable manipulation tags

Syntax

<cfcookie 
  name = "cookie_name"
  value = "text"
  expires = "period"
  secure = "Yes" or "No"
  path = "url"
  domain = ".domain"> 

See also

cfdump, cfparam, cfregistry, cfsavecontent, cfschedule, cfset

Attributes

Attribute Req/Opt Default Description
name
Required
 
Name of cookie variable.
value
Optional
 
Value to assign to cookie variable.
expires
Optional
now
Expiration of cookie variable.
  • A date (for example, 10/09/97)
  • A number of days (for example, 10, or 100)
  • now: deletes cookie from client cookie.txt file
  • never: never deletes cookie from client; writes cookie data to cookie.txt file
secure
Optional
 
If browser does not support Secure Sockets Layer (SSL) security, cookie is not sent.
  • Yes: variable must be transmitted securely
  • No
path
Optional
 
URL, within a domain to which the cookie applies.
path = "/services/login"
To specify multiple URLs, use multiple cfcookie tags.
If you specify path, you must also specify domain.
domain
Required if path attribute is specified
 
Domain in which cookie is valid and to which cookie content can be sent. Must start with a period. If the value is a subdomain, the valid domain is: all domain names that end with this string. The cookie is set securely only if the page in which the cookie is used is referenced using the https:// protocol.
For a domain value that ends in a country code, the specification must contain at least three periods; for example, "mongo.state.us". For special top-level domains, two periods are required; for example, ".mgm.com".
You cannot use an IP address as a domain.

Usage

If this tag specifies that a cookie is to be saved beyond the current browser session, ColdFusion writes or updates the cookie to the cookies.txt file. Until the browser is closed, the cookie resides in memory. If the expires attribute is not specified, the cookie is written to the cookies.txt file.

If you use this tag after the cfflush tag on a page, ColdFusion throws an error.

To set cookies and execute a redirect in the same page, use the cfheader tag to specify the new target URL; for example:

<cfheader name="location" value="OtherPage.cfm?foo=bar">
<cfheader statusCode="302" statusText="Document Moved">
<cfabort>

You can use dots in names within the cookie and client variable scopes, as the following examples show:

<cfcookie name="person.name" value="wilson, john">
<cfset cookie.person.lastname="Santiago">
<cfcookie name="a.b.c" value="a value">
<cfset client.foo.bar="a_value">

Caution:   Do not set a cookie variable on the same page on which you use the cflocation tag. If you do, the cookie is never saved on the browser.

Example

<!--- This example shows how to set/delete a cfcookie variable --->
<!--- Select users who have entered comments into sample database --->
<cfquery name = "GetAolUser" dataSource = "cfsnippets">
  SELECT EMail, FromUser, Subject, Posted
  FROM  Comments
</cfquery>
<html>
<body>
<h3>cfcookie Example</h3>
<!--- if the URL variable delcookie exists, set cookie expiration date to NOW --->
<cfif IsDefined("url.delcookie") is True>
  <cfcookie name = "TimeVisited"
  value = "#Now()#"
  expires = "NOW">    
<cfelse>
<!--- Otherwise, loop through list of visitors; stop when you match 
the string aol.com in a visitor's e-mail address --->
<cfloop query = "GetAolUser">
  <cfif FindNoCase("aol.com", Email, 1) is not 0>
    <cfcookie name = "LastAOLVisitor"
    value = "#Email#"
    expires = "NOW" >    
  </cfif>
</cfloop>
<!--- If the timeVisited cookie is not set, set a value --->
  <cfif IsDefined("Cookie.TimeVisited") is False>
    <cfcookie name = "TimeVisited"
    value = "#Now()#"
    expires = "10">
  </cfif>
</cfif>
<!--- show the most recent cookie set --->
<cfif IsDefined("Cookie.LastAOLVisitor") is "True">
  <p>The last AOL visitor to view this site was
  <cfoutput>#Cookie.LastAOLVisitor#</cfoutput>, on
  <cfoutput>#DateFormat(COOKIE.TimeVisited)#</cfoutput>
<!--- use this link to reset the cookies --->
<p><a href = "cfcookie.cfm?delcookie = yes">Hide my tracks</A>
<cfelse>
  <p>No AOL Visitors have viewed the site lately.
</cfif>

Comments