2007-08-04 11:00 brian

	*NEW VERSION: 2.0
	
	Added new CFC-based version provided by Jason Baker <therippa@gmail.com>:

		* Session spy makeover 
		* Cookie prefixes allow use in more than one app per server
		* Include <cf_rlocation> tag to solve known issues with cflocation

	Component-based version eliminates the session clearing script and instead
	cleans up in the check() function.  This eliminates the concern of many
	hosting companies about a script scheduled to run every minute.	
	
2000-09-13 10:04  brian

	* README: 
	
	Modified README to note the existence of THEORY and cut and paste
	the caveats over to the THEORY file as well.

2000-09-13 10:04  brian

	* THEORY: 
	
	Added the file THEORY, it contains information about running
	rsession including caveats (such as with CFLOCATION).  At the
	moment, it primarily addresses concerns about the security of
	sessions that default to CFID with a value of 0.  Out-of-the-box,
	that doesn't provide much security so we changed it to use a six
	digit random number which now provides security equal to that of
	the default Allaire session management.

2000-09-13 09:43  brian

	* code/Application.cfm: 
	
	Per Jordan Clark's <jordan@stockscape.com> concerns, modified the
	_default_ CFID to instead be a six digit random number.  The
	rsession framework (out of the box) now mimics Allaire's session
	scope without the locking and failover issues.
	
	Our first application of the rsession framework was in an
	entertainment site where security wasn't an issue (the worst that
	could happen was a user could win prizes for another user 
	*gasp!*).  Jordan brought up some good points however that sessions
	could fairly easily be snarfed with the default setup since UUID's
	are somewhat sequential.  To create more secure sessions by
	default, we now initialize the CFID to a random six digit number.
	
	This now mimics Allaire's framework in 4.5 with optional UUID
	CFTOKEN's and should provide for "fairly" secure sessions.

2000-09-09 15:38  brian

	* presentation/: 0.html, 1.html, 10.html, 11.html, 12.html,
	2-1.html, 2-2.html, 2.html, 3.html, 4.html, 5.html, 6.html, 7.html,
	8.html, 9.html, bacfug.css, index.html, logo_vfive.gif: 
	
	Added directory /presentation to rsession, this contains my
	presentation at the Bay Area Cold Fusion User Group (BACFUG) in
	August of 2000.

2000-09-08 22:58  brian

	* README: Modified README with new information and a caveat about
	using rsession with cflocation.

2000-09-08 22:56  brian

	* ChangeLog: Created ChangeLog generated by Kogel's cvs2cl.pl

2000-09-08 22:48  brian

	* code/: session_check_example.cfm, session_clean_example.cfm,
	session_create_example.cfm: Moved these files to the example
	directory.

2000-09-08 22:43  brian

	* example/: session_check_example.cfm, session_create_example.cfm:
	Modified example tags CFCOOKIE to use domain=".somedomain.com"
	parameter.

2000-09-08 22:40  brian

	* code/Application.cfm: Modified CFCOOKIE to use
	domain=".somedomain.com" parameter.  Crucial to proper operation
	across a cluster of machines.

2000-09-08 22:39  brian

	* INSTALL: Made note about modifying Application.cfm with proper
	request.dsn and domain=".backslap.com" during install

2000-09-08 22:36  brian

	* INSTALL, TODO: Broke down README into more intelligible and
	standardized INSTALL and TODO files.

2000-09-08 22:30  brian

	* code/session_clean.cfm: Removed unnecessary Sybase-specific
	convert statements in qrySelectDeadSessions.

2000-09-08 22:30  brian

	* code/: session_create.cfm, session_save.cfm: Updated references
	to COOKIE.CFID to include val(COOKIE.CFID) to protect against
	malicious SQL hacks.

2000-09-08 22:27  brian

	* example/: session_check_example.cfm, session_clean_example.cfm,
	session_create_example.cfm: Moved these files from /code
	subdirectory into /example subdirectory for cleanliness of
	distribution.

2000-09-08 22:25  brian

	* code/: Application.cfm, OnRequestEnd.cfm, session_check.cfm,
	session_clean.cfm, session_create.cfm, session_save.cfm,
	session_spy.cfm: Update comment header in each file to point to
	rsession directory and changed word "tag" to "framework" in
	description.

2000-09-08 22:20  brian

	* code/session_check.cfm: Added a val() around COOKIE.CFID to
	protect against malicious SQL inserts.

2000-09-08 21:39  brian

	* README, code/Application.cfm, code/OnRequestEnd.cfm,
	code/session_check.cfm, code/session_check_example.cfm,
	code/session_clean.cfm, code/session_clean_example.cfm,
	code/session_create.cfm, code/session_create_example.cfm,
	code/session_save.cfm, code/session_spy.cfm,
	sql/tblLookupSession.sql: Starting RSESSION source management

2000-09-08 21:39  brian

	* README, code/Application.cfm, code/OnRequestEnd.cfm,
	code/session_check.cfm, code/session_check_example.cfm,
	code/session_clean.cfm, code/session_clean_example.cfm,
	code/session_create.cfm, code/session_create_example.cfm,
	code/session_save.cfm, code/session_spy.cfm,
	sql/tblLookupSession.sql: Initial revision

