My goal is this - to use cookies to remember items viewed by a specific user.
There is no registration process so need to identify each visitor & was thinking about using the session ID of the first visit as the identifier, is this okay?
So now I've identified a user I wish to attach to the cookie the imageID of every item that person has viewed i.e.
response.cookies("Mysite")(SessionID)=1.jpg
then
response.cookies("Mysite")(SessionID)=2.jpg
We've just started getting a weird (and serious) problem with our ecommerce website.
Customers are logging in, which sets a session variable to their username (retrieved from the db). Then for no apparent reason at all, they'll be asked to login again a couple of minutes later.
e.g. Customer logs in, gets told they've logged in successfully, and they can access pages that require them to be logged in. Then, for example, they go to their 'My Account' page and are able to view it with no problems...simply refreshing the page a few times suddenly brings them back to the login page. Then a few more clicks on the 'My Account' button (without logging in a second time) and they're able to view it again.
It's really strange, it's as though the server loses track of the session for a moment, and then finds it again.
We're also getting problems with the shopping cart cookie that can display different quantities in the 'View Cart' page at different times without the customer actually changing the cart contents. Even after the customer completes an order and the cart contents are destroyed, the 'View Cart' page can continue to display the items they just purchased when it should be saying 'Your cart is empty'.
Given that we're having problems with both the cart cookie AND the login session variable (which also uses a cookie), and I'm almost 100% certain I've not touched any code that could interfere with either of these, I'm guessing that this is probably a problem with our ISP's web server but I'm not really sure. I really just want to see what you all think - if you think it's server related then I'll stop tearing my hair out going through all my code to see if it's our problem.
Are session variables more secure then cookies?
Session cookies (cookies with no expiration) are destroyed when the browser is destroyed.
Session variables are destroyed when the browser is destroyed OR after a time period.
So, in that way, they are secure from the data persisting on the client.
However, while they are in use, can cookies and/or session variables be made secure without encryption?
How much more secure are session variables than cookies?
The login state in my site relies on a combination of session variables and encrypted cookies. Some of my users are reporting that they are being "logged out" by the system - which seems to be related to their cookies being blanked out. I've checked all of the code and now that it's not being overwritten by my ASP.
The weird thing is that my site has two domain names, both pointing to the same pages and directories (no redirect). If this problem is happening to them and they switch to the other domain name and log back into the site, they stay logged in no problem. It also seems to not recur if the person is "logged out" and then logs back into the site on their own.
I had one problem like this in the past, because I had a tracking cookie that was being written on every page, and found that some browsers (don't remember which) had a limit of how many cookies could be written - and when they hit the limit the oldest cookie was tossed out. However, I don't have any code doing this now.
Anybody have any ideas what could be going on? Are there any session variable/cookie limits on the server side?
I have these 3 tabs that I want the user to be able to select, a variable to be set, and then each page they visit in the site to read that variable and subsequently display content based on the variable that is set. So, Sheridan tab sees "Sheridan" variable content, Gillette sees "Gillette" variable content, etc.....
View Replies View RelatedIn my Session_OnStart in Global.asa, I am setting some cookies. One
of them, I set as follows:
dim UserID
UserID = Request.ServerVariables("LOGON_USER")
Response.Cookies("User")("ID") = UCASE(UserID)
When I immediately log the cookie value retrieved from
Request.Cookies("User")("ID") into the Windows Event Log, I get the
correct value. However, when I try to retrieve the cookie on the home
page of my application using the same code,
Request.Cookies("User")("ID"), it either cannot find the cookie or
cannot read the value. I am retrieving the cookie before all HTML
headers are written. It is my first statement on the page after
Option Explicit. I have even compared the session IDs. The SessionID
created in the Session_OnStart is the same value as the SessionID on
the home page.
I have read that the Session_OnStart only has access to the
Application, Session and Request objects. It does not explicitly say
that it does not have access to the Response object. Also, I was even
able to use Response.Write's in Global.asa to print out the values
although it looked like it had also stopped the session after I did
so. Cookies are definitely enabled on my machine. I have even tried
setting the session cookie's expiration to be persistent for a few
days to see if it was perhaps expiring before I was able to read it
but this did not work either.
Is there something preventing cookies to be created in Global.asa in
the Session_OnStart sub? Is the Response object not available???
Please let me know if anyone else has had this problem or solution.
Is it possible for a user to enable permanent cookies but disable session cookies.....this seems like a contradition yet this is what I appear to be
reading in online articles?
I m creating a cookies in my application and it work properly but i can't see the cookies where it will sotred i checked the cookies folder but i didn't find that I want to create a cookies file as the other web site create and store where other cookies will stored in Cookies folder or Temprory Internet files folder eg:1. arvind@google.co[1].txt this stored in cookies folder 2. arvind@msn[2].txt ....
View Replies View Relatedcan anyone tell me difference between environment variables and server variables.
View Replies View RelatedI'm not sure how to best describe my problem, so a simple example should help explain things:
I have two arrays, called set1_data and set2_data
if I create a variable like so:
firstPart = "set1"
and then assign like this:
copyOfArray = firstPart & "_data"
how do I make copyOfArray reference the set1_array, as opposed to just a string "set1_array" which is what it's doing?
I've had a good rummage round ye olde Internet but couldn't find anything there must be a keyword or function to achieve this?!?
I've added a cookie and I am able to read it when using the same window but
if I load up a new window and try to access it, it can't find the cookie.
Any one know why?
I am creating a user tracking app that tracks a user one of two ways...
1)First Method is cookies
2)Second Method MS SQL DB
I first check if the users browser accepts cookies if not I go to the db. If the user accepts cookies then I check for a specific crumb if it does not have the value I am looking for I kill it and rewrite it. This is working fine (im in the middle of testing it). The problem is I decieded to test the script with NN7 and not turn cookies off but block cookies from my site and all fell apart. The condition that I have set (detect if cookies are enabled) does not stop the script from trying to set a Session Variable because the browser accepts cookies and to keep a long story short it goes into an infinite loop because the script is looking for a Session value and Its not being stopped becaues the script thinks its alright to write cookies! Is there a way to detect if a user has your sites cookies blocked? This is important because Server.CreateObject("MSWC.BrowserType") will return .Cookies = True and you will not know that your script is not executing properly because a user has your sites cookies blocked but excepts them elsewhere...
After a login we have a menu from where we have access to different operations such as add ,delete,update.. but if a user enters the appropriate URL he has access to these operations with out proper authorization.how do we solve this.
should we use cookies,if so how exactly?
I've built a website which requires a user to log-in to access the site. I have already built a page that enters their details into a db (register.asp), and another page where the user enters their email address (the log-in ID) to actually log-in (login.asp).
How can I use a cookie to automatically log a user in??
More specifically, what are the commands to set a cookie (upon successful registration) and access it (upon re-logging in)?
Hey i've spent the last few hours trying to work this problem out about cookies.
When a user logs in to the site the login.asp page checks the database to see the personal page that the user re directs to e.g if bob brown logged in he would be redirected to bob.brown.asp. This is stored in a field in the database table along with the username and password.
i would like to put a cookie onto the users computer that remembers the url they were redirected to so when they press the main page button it would look for the cookie and see what url they are meant to be redirected to and take them there
My current login system is this ....
I'm trying to load up a page through my asp page and get the cookie from that page so that I can use it later on when it needs to have it to access other parts of the site.
Basically the asp page is going to act like a browser and store the cookie from the other site, then send that cookie back when the asp page goes back to the other site again.
The problem is, I can only seem to access my own cookie. I didn't run into this problem when I was doing a similar thing inside my .cs scripts that were run by the server, as I suppose they were not coming from the actual domain that my page is running on (and thus, wasn't getting everything trampled by local cookies).
Is this possible, or should I just give up on it now?
im building a site for a few doctors surgeries. the user is able to see what appointments are available and then book that date/time. i have a table (in my db) of dates/times and a checkbox to say whether the time has been booked or not (and display only times that havnt been booked). i was going to have the user add the time to a "cart" and then check the "booked" checkbox in my db when theyve paid for that appointment. but if i have lots of people looking at the site at the same time, then they may be able to see times that are just about to be booked. i think a better way is to have the date/time stuffed into a cookie which expires after 5 minutes. so when a user adds a time to their "cart", it will say something like: "this time will expire in 5 minutes until you book it or re-add it to your cart". does that make sense?
how can i do this with server-cide cookies (im using jscript)? can anyone think of a better way to do this?
trying to delete a cookie, without success it seems. The following code
to delete and check a cookie produces "yes" where I expected "no"
Anyone tell me how to delete a cookie if this code is wrong.
response.cookies("savedforum").expires = date - 1
if request.cookies("savedforum").haskeys then
response.write "yes"
else
response.write "no"
I have the code below which I know it is wrong where the cookies come in. I am trying to write the values collected from a database into cookies. However I am having difficulty trying to figure out how to write rows of cookies with different values. This may be a little difficult to explain - see the following code:
View Replies View RelatedI need to set a cookie on a user after they have logged in. I want to
use just the user's login name , since that is a unique field.
If rsPersonIDCheck.EOF Then
Session("blnValidUser") = False
Else
Session("login") = rsPersonIDCheck("login")
but:
set Cookies("User") = Session("login")
seems not to be creating the cookie
I know little abt asp.I have done aproject on asp but I don't know much on cookies.if u know then plz give me idea with some codes.
View Replies View RelatedNot strictly a full asp question but Im sure someone here will have the
answer.I've read in several web sites that you can read and write to the same
cookie with asp and javascript.Does anyone have any sample coding showing how to do this with the javascript along with the asp code or were these websites I saw it mentioned
on bogus?
In my web application i'm are able to store large data in
the browser cookie keeping in mind the limit of 300
cookies per browser, 20 keys per cookie per domain and 4KB
max size of each cookie. i'm are unable to retreive this
large amount of data immediately after storing through
document.cookie in IE browser (The same works fine in
Netscape).
Is there any limit on the size of the data that can be
retreived using document.cookie? Could you please suggest
a solution to this problem i'm are facing.
If I Request.Cookies("cookiename") and the cookie doesnt exist could I use
If Request.Cookies("cookiename") = "" Then
Display Error Message
End If
or would i use
If Request.Cookies("cookiename") = Nothing Then
Display Error Message
End If
I found that a number of my sites that send email using CDO failed withing the past 30 days. Consider the following. I know its not the best coding practice to open and close the connection so many times but Im curious why this would all of a sudden become an issue.
1. Have a few large sites essentially all variables such as SMTP server are set using cookies so I can deploy multiple sites quickly.
2. Within the site email appears to work correctly across all pages with 1 exception.
3. The exception is below, Im wondering if it has to do with cookies having to be retrieved multiple times from the client machine
--Call db run search loop data build array
--Based on data in array call another search alter and finalize array
--Do while <= uBound(myArray)
--Call Email sub (from,to,sub,body) ' Sub contains a request cookies for SMTP server.
--Loop
Doesnt matter if its 2 or 50 emails always fails when using request.cookies to set the SMTP in the sub. Works fine if I hard code the IP. This same sub is used multiple times throughout the website and works fine with cookies.
Just curious why it needs might need to be hard coded in the loop. Has been running for about 6 months fine and have recently started noticing failures.
All the cookies that i have don't show any bad cookies as i call them but only show the cookies that they want on the users computer but for some reason i am getting lots of bad cookies from my website at http://tmd-1.com/ and i don't know how to stop the bad cookies from downloading to the computer the cookies i am having trouble with will be in a red box in the image below.....
View Replies View RelatedI started using the following code, although, I have a feeling it is not working. Also, do I have to place the same code on all accessed pages? Code:
<%
Response.Cookies("ExpCookie") = "Expiration"
Response.Cookies("ExpCookie").Expires = DateAdd("d", 1, Now())
Response.Cookies("ExpCookie").Secure = True
Response.Cookies("LastVisit") = Date & " " & Time
%>
I am new at all of this, I can understand that this cookie will expire an hour after being access on a given day (is that right?), and it will create the cookie with the printed date and time of access. how can I make sure cookie expire on time.
I need to build my own simple cart that writes to cookies only. I can write
and read cookies, but don't have a clue as to how I can add multiple
products, change quantites, etc. All I need is a cart that stores
information in cookies and the user prints their order. That's it. Where can
I find such information?
I am not able to set cookies with the domain name on a
Windows 2000 server with IIS 5.0. If I use the IP address
it works. I have another machine running IIS and I
configured them together.
I have two folders under root(wwwroot) Fol1 and Fol2.
Our customers logs on index.asp under Fol1 but when he/she wants to check
their order status it will take them to Fol2/account.asp where it checks for
userid cookie which was set in Fol1 index.asp when they log in. But seems
like I am not able to obtain the value in Fol2/account.asp. User Id cookie
is empty. I have set an expiration date for cookie as date + 1
I got stuck with some cookies expiry date. I wanted my cookies to expired every 4 hours. I'm writing with ASP. Currently I'm using the below code:
Response.Cookies("announcement").Expires = date + 1
for the expiry of everyday. How can I write if I want the cookies to expire every 4 hours?
Is it possible to use cookies between different domains?
For my site I use 2 domains;
the first for my global site with ASP en HTML, the second is for my forum located on "hyperboards" a free forum domain. On de second domain i don't have any control and i can't put any new webpages on that site.
But I want to use the cookie of my forum on my global site.
Can cookies or session can be set to expired after the page closed, or page being refresh, or new uRL are enter to it?
View Replies View Related