[thelist] CF Session Variables
Susan Wallace
susanhw at webcastle.com
Mon Oct 1 22:44:02 CDT 2001
Greetings!
I have a client that has been using an "online store" application for some
time now. For session variables, the store implements Locking. (The server
is NT 4 / IIS/ CF 4.51)
This past week, the client created a new product in the store and assigned
it a price of $0.00. Once the item was added to the store, she sent out an
e-mail to all of her previous customers to let them know about the free
item. Then she went home for the weekend.
She returned today to an inbox with 300 irate customer e-mails because
other people's personal information was showing up when they went to place
an order. I am aware that this happens with sessions, but I thought that
when Locking was used it would prevent it from happening?? (obviously I
need to go back over Locking...)
I am not asking for help debugging anything here, rather for what I may
have missed in looking into possible causes. The only thing that changed
was the item price.
This is the list that I came up with of possible "issues":
1) Multiplying a UPS shipping rate by 0 is a Bad Idea. (This store uses
CF_UPSRateMonger - When she changed the price of the item to $0.01 and let
her session timeout, the problem still occurred.)
2) Perhaps she had included in the URL that she sent a specific
CFID/CFTOKEN combination that resulted when she viewed the new product in
the store. (I checked, she did not)
3) The server has a serious memory problem. The server this is on is
notorious for being overcrowded, it often times out on requests. Would
running out of memory cause it?
I know there are still several things to consider here - specifically with
the Shipping tables and the way the store is put together, my question is:
What else would cause this behavior?
This application has been running for about 2 years, it has been upgraded
numerous times but we have never seen any of this before. The most recent
upgrade was over 3 months ago, and it is an active site. I would have
expected to see this before now if the last upgrade caused a problem?
Ok... I'll stop rambling. ;-)
<tip type="Web log analyzer">
One more reason to switch to Summary (http://www.summary.net):
If you are interested in finding out what screen resolution your visitors
are using, Summary provides JavaScript code that will add this information
to your reports. (Details provided in the documentation.)
</tip>
Any suggestions greatly appreciated!
Susan Wallace
More information about the thelist
mailing list