understand that when one closes the browser, the session gets killed in ASP,
i encountered a scenario, where even after the browser was closed, the session was active, let me explain, i have written a code to check if the session variable contains the loginname then i am allowing access to a certain asp page to the user.
the code worked. thereafter i closed the browser, opened the browser again and accessed the same url, surprisingly it allowed access to the page and did not ask me for the login name, clearing the cache also did not help.
Further, I need to update some table as well when the user closes his browser window (an update query to set the flag to 0 for tracking user status). How can I do this. A sample code will be highly appreciated.!
Lastly, when the user clicks the logoff button, he successfully logout , but he can come back with the back button on the browser. Is there a way to prevent this,that is, once the user logout and tries to come back, he SHOULD NOT be allowed to do so rather he should be redirected to a page where he can login again.
if user clicked the Sign Out button, the session abandon and the login page displays. If the user clicks the browser Back button, it won't show the previous page. It shows only the login page. How does is work?
i have 2 application variables called totalAdminLoggedIn and totalUserLoggedIn
when ever an admin login, I increment the totalAdminLoggedIn value by one and when a normal user logg in, the totalUserLoggedIn value will be incremented by one.
how can i change the values when the session expire ? i can reduce the value manually when they logoff like:
if session("userCategory")="admin" then Application("totalAdminLoggedIn")=Application("totalAdminLoggedIN")-1 elseif session("userCategory")="user" then Application("totalUserLoggedIn")=Application("totalUserLoggedIn")-1 end if session.contents.remove "userCategory"
but what if the session expires automatically or if they close the window suddenly?
Some of our web site users are experiencing a strange behavior of IE 6 (Sp1 or not). It looks like their ASP Session Cookie expire before time.
Here are some details. The user connects to our web site and we keep his ID in the Session object. At the beginning of every page, we check the presence of this ID and if it is missing, we redirect the user to the connection page.
Somewhere in the site, we create a temporary cookie. At some point, this new cookie is deleted with the following ASP code :
When the user clics on an hyperlink, he is redirected to the connection page because his ASP cookie is no more (I have verified that in our IIS log : there is no request logged after the execution of the above code).
Any ideas ? Could this be an Internet Explorer bug ?
Did anyone know how to set the page are expire after logout? or something that had been sent using form. user can not go back t oview it again by clicking at the back button. Like hotmail.com
when user log out and hit the back button, the page display that the page are expire.
I've searched the net for ways to expire a page immediately, so when the user hit 'Back', they receive the "Page Has Expired" error page and I've seen a number of posts on how to do it - with the code below:
However, when I try using this code, nothing happens, when I click 'Back', it simply takes me back to the previous page. The "Expired Page" error page should display, correct?
Whenever password is expired & force user to change NT password for the web server, it seems to be assumption that asp application gives "interanal server error". Is it true that forcing user to change password will generate "internal server" error? BTW..this is caused in our intranet site and it is NT authenticated site.
What causes asp pages to "expire" - for example, on some PCs (not all, not all the time), when you hit the back button you get a "page expired" message.
I have a form that users fill and submit to a server side page. when a user uses the back button to go back to the form, I want the form page to expire. Pls how can i implement this.
I want to expire a cookie collection in my asp page and I gave it like this;
Response.Cookies("whereq").Expires = Now()
and this "whereq" collection has 50 keys. The problem is my cookie didn't expire from the above code. I hope there should be a way to do so without writing 50 expire lines.
I would like to know how can I remove expires date from asp I am not this can be done in access or asp script. There are a field i n access datbase say p_expdate which I delete and replace p_date which display the current post date
Which specific file in asp should I modify I had look into the file like register.asp and search for p_expdate. I had rename to p_date. Do you think the setting on my datbase or value I need to set.
After moving my application from W2K / IIS5 to W2K3 / II6 the application works pefrectly BUT the user session expire prematurely (after about 2 mins) rendering the application unusable.
How does the expire date work setting it server side with asp. I know with javascript setting it client side it will be set to the clients local time, and therefore expire when the clients local time reaches the set expire-time.
But if it is an expire time set on my server in California, and the cookie is put on a computer that is running on London Time, and the expire time is set at the server as 20 minutes from now, the London computer will think that the cookie has expired 7 hours and 40 minutes ago, right?
How does this actually work? Is it proper to just set my expire time as:
I was wondering if anyone knows how to get the current time of the user's timezone in an asp page. Currently I am trying to do some frequency capping in an advertising system i am working on and i want a cookie to expire at the end of the day, in Pacific Standard time.
What is happening now is the cookie is expiring whenever the day ends on the users computer, but i want it to expire when the day ends in our time zone. Any ideas on hwo to do this?? Is there a function i can call to get the users current time based on their timezone?
I've created an admin side for my ASP site and I use session vars to provide page security.
Just as a bit of advice, I want to know if I should expire each admin page so that others can't bring them up. I know the session var check will bounce them back to the login page, but I'd rather they didn't even see this page if they aren't authorised.
I want to delete all the cookies which are created for the application.If i know the names of a cookies i can delete the cookies or i can set the expire properties.
I have a site that I'm trying to migrate to ASP.NET from ASP, and the foremost stumbling block I'm hitting is session state between the ASP and ASP.NET applications. In order to access this information, I'm doing a HttpWebRequest from the ASP.NET side into an .asp page, passing the session name on the get in order to request it from the ASP side and write it back to the response stream, giving ASP.NET access to it. Of course I change sessions each time I make the call from the ASP.NET side.
Soooooo, I'm thinking to myself, "Self, shouldn't you be able to fake out the server by getting the session cookie from the initial usage of the asp, pass that data to the ASP.NET, and use that to send a request back the ASP side under the appropriate session?"
From a real high level, I enter the site via a .asp page. This page in turn calls .aspx page from within a frame ......
I want to create an administration page which lists all the current users who are on the site at the moment.
I know coldfusion has this feature built in using the SessionTracker class... does ASP have something similar? If not... is there any way I can just iterate through all the session files on the server...?
I have a site developed using ASP, but each page I enter has a different session id when accessing the site using the domain name of the site. When accessing the site from my network and using the internal IP address, it is OK. Any ideas?
I wrote a website, which uses the session to store and track some vars.
Now I am gonna to covert it to desktop application by Activesite compiler 5, however, it doesnot support session , cookie , application() . SO ,I have no idea to find something can instead of session.
My orignal processing: Session -> modify Session var -> store to Database.
There is a problem about ASP session ID. ASP session is implemented by storing session id in a session cookie, but I read this cookie in ISAPI Filter, get a string as following: ASPSESSIONIDQADCQQTS = IAOFCBBCGDGMDGCNJIKPNBAN
But the real session ID is 554851848. (Real sessionID is sessionID property the ASP session object)
Problem is what is relation between them? And how to get real session ID from cookie session ID.
I did a session("adminlogin")=1, if I post it to the same page, it returns true. But if I response.redirect to another page. This value doesn't exist anymore. This is on the actual server where all the ms security is updated.
The same script worked okay on my test server (the security patch not patched yet.)
Has anyone encountered this? How do you overcome it?
I tried searching the net it says the problem lies with a ms security patch. How I wish I can unintall that patch.
