I created a search result page. User who has no login/password can see the search result but it is read only while user with login/password can do more with the search result.
My page is started with:
<CFIFIsDefined("url.uid") >
<CFSET userid ="#Decrypt(url.uid,application.mySecretKey,"AES","hex")#">
This page is doing just fine except when user left the page idle for sometime then comes back and refresh the page. That's the time when
an error shows up:
It seems that CF can't decrypt the url.uid after the page becomes idle for awhile.
The error:
| The following information is meant for the website developer for debugging purposes. | |
| Error Occurred While Processing Request | |
|
My Application.cfc looks like this:
<cfcomponent name="Application">
<cfscript>
this.name = "TWI";
this.applicationTimeout = createTimeSpan(0,1,0,0);
this.clientManagement = false;
this.sessionManagement = true;
this.sessionTimeout = createTimeSpan(0,1,0,0);
</cfscript>
<cffunction name="onApplicationStart" returnType="boolean" output="false">
<cfset application.dsn = "TWI">
<cfset application.mySecretKey = generateSecretKey("AES")>
<cfreturn true />
</cffunction>
<cffunction name="onRequestStart" returnType="string" output="false">
<cfset request.mySecretKey = application.mySecretKey />
<cfset request.algorithm = "AES" />
<cfset request.encoding = "hex" />
</cffunction>
<cffunction name="onApplicationEnd" returnType="void" output="false">
<cfargument name="applicationScope" required="true" />
<cfreturn />
</cffunction>
<cffunction name="OnSessionStart" access="public" returntype="void" output="false">
<CFSET session.EntityId= "0">
<CFSET session.Roles="">
<cfreturn />
</cffunction>
<cffunction name="OnSessionEnd" access="public" returntype="void" output="false">
<cfargument name="SessionScope" type="struct" required="true" />
<cfargument name="ApplicationScope" type="struct" required="false" default="#StructNew()#" />
<cfreturn />
</cffunction>
</cfcomponent>
What should I do to avoid this error showing up again? Have I done something wrong if the codes in my application.cfc or there is something else I haven't done?
For other pages where only users with login/password can access, I started the code with:
<CFIF session.EntityId IS 0>
<cflocation url="index.cfm">
<CFELSE>
<!--- Codes here --->
</CFIF>
With these codes on top of the page, if user left the page idle for awhile then comes back and refresh, I did not get the error because the site will go back to idex.cfm
I can't do this to the search page because users without login/password are allowed to search and see the search result. Can anyone help with solution?