Application server variabe scope best practice question

Discussion in 'Open Source Web Programming' started by snh, Sep 13, 2010.

  1. snh

    snh Well-Known Member
    Director

    Joined:
    Oct 6, 2008
    Messages:
    137
    Likes Received:
    0
    While I'm particularly interested in the ColdFusion answer for this, I'm curious if there's a general rule regarding how much info to store in the client variable scope? (In CF, this is separate from the session scope.)

    The app I'm the caretaker of seems to do a lot of similar queries for account info, and it appears to be a lot simpler to just dump the whole account info out into the client variable scope for use within the session, and but can have shorter longevity than the session scope.

    I cannot figure out what the fallout is, or if it was just an oversight of the India-guys that had this app before me that they did not think to do this.

    TIA -S
     
  2. dragonbite

    dragonbite Well-Known Member

    Joined:
    Aug 30, 2008
    Messages:
    477
    Likes Received:
    3
    You mean, putting info into a cookie or a session variable? Consider either of these locations unsecure and just convenient for things that don't matter much (first name, last name, etc.) and avoid user id, passwords and credit card info.

    If you are doing numerous queries for the same data across multiple tables, you could set up a database table to store the often-access or sensitive data (indexed for speed?) with a GUID identifier and the GUID is stored on the client-side (session variable or even cookie). That way, if this information is used in queries you don't have to pass it back-and-forth each time, it's already in the database. When the session is over, then delete the record.

    Just my $0.02, ymmv :yippee
     

Share This Page