Global.asa - How To Configure For Users Session Out
I need to set a session time out for this website that was created by someone else using ePower. How can I configure the global.asa page to set a time out session for the users or do I have to set this in IIS? Code:
View Replies
ADVERTISEMENT
I have this line of code in my global.asa Application("Active") = Application("Active") + 1 . I open alot of new IE windows and I have my homepage set to my intranet that contains the above code. I had the same code in my IIS5 web and I don't remember it counting me each time I came in. I know it did if I would close all IE and open a new one but not if I had one opened then opened a new one. Is there something diferent here in IIS6?
The homepage is behind authentication and it makes me authenticate with any new IE window. Is there a setting missing? I thought IE would cache the permissions.
View Replies
View Related
Can anyone please tell me if i can limit the amount session any given user can open at any one time?
View Replies
View Related
ASP Session/Cookies, Help to Protect Page from Non users I am a beginner and very urgently need some help
I have created a asp page, that takes in a username and password and validates it as follows and then if true continues to the pages requested.
Code:
'Read in the password for the user from the database
If (((Request.Form("txtUser")) = rsCheckUser("User_pass")) and (rsCheckUser("User_lev") = 1) ) Then
'If rsCheckUser("User_level") = 1 Then
'THE ABOVE CHECKS THE INFO IS CORRECT AND IT REDIRECTS TO THE PAGE BELOW and Session=True
'If the password is correct then set the session variable to True
Session("blnIsUserGood") = "True"
'Redirect to the authorised user page and send the users name
Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & ""
'Close Objects before redirecting
Set adoCon = Nothing
Set strCon = Nothing
Set rsCheckUser = Nothing
End If
Now this code takes you to page :Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & ""
Which is something like /project/user_self_update_form.asp?ID=1
Since after the login you do to this, you are allowed to see this page.
But The page user_self_update_form.asp?ID= can also be access if you just put the link on the browser. Lets say i log in as ID 2, and just change the ID to 3 on the address bar in the browser, i will log into someone elses page.
How to i block this from random access and only the SPECIFIC USER?
Code for user_self_update_form.asp (the protected page unless you are logged it):
The Session = False part just does not work here, so if you get this link of someone, you can just get it, and you are not redirected.
<%
'If the session variable is False or does not exsist then redirect the user to the unauthorised user page
If Session("blnIsUserGood") = False or IsNull(Session("blnIsUserGood")) = True then
'Redirect to unathorised user page
Response.Redirect"unauthorised_user_page.htm"
End If
%>
<%
'Dimension variables
Dim adoCon 'Holds the Database Connection Object
Dim rsGuestbook 'Holds the recordset for the record to be updated
Dim strSQL 'Holds the SQL query for the database
Dim lngRecordNo 'Holds the record number to be updated
'Read in the record number to be updated
lngRecordNo = CLng(Request.QueryString("ID"))
and all the other protected into here:
View Replies
View Related
where do you have to place your global.asa file in order for your session variables to work? If i dont have access to the root (not my server, a remote one), is there any way i can specify a path to my global.asa?
View Replies
View Related
I'm trying to add a "user-verifacation" thingy to my site.
my problem is using/accessing session variables.
all the tutorials say that the global.asa should only have
the script tags (<script...> & </script>) and inside the script itself
only have the application/session onstart/end.
I've created this global.asa file and put it in my site-root folder:
<script type="text/javascript" language="javascript" runat=server>
function Session_OnStart()
{ Session("LoggedIn") = "NO"
}
</script>
but i can't access the session variable Session("LoggedIn")... from any page.
View Replies
View Related
I have started session("visitorID") in global.asa in order
to keep track of how many users are on our site at any
given time, trouble is I can't seem to call the session
while on another page.
As I am relatively new to asp I'll post both the setting
of the session and the call to it on the other page below Code:
View Replies
View Related
i have a logon page, i create session variables for every person who logs on, but when their session times out, i want to redirect them (or have a popup window) that tells them that they have been logged off, but i have no success.' global.asa:
<script language="vbscript" runat="server">
Sub Session_OnEnd
Response.Redirect "loggedout.asp"
End Sub
</script>
but it doesnt work, i set the timeout to 1 minute, and i lose the session variables, but i cant seem to redirect them to the loggedout page!
View Replies
View Related
I have a application which is a global login for other applications. Basically application A checks all the user login information and then lists all the applications B-Z that the user has access to.
I have a global.asa file in application A and individual global.asa files in applications B-Z. Applications B-Z are under the Application A directory. Can I have global.asa files in each of the application folders? Does the pages look for the closest global.asa file?
I have to keep track of user login time and logout tme for each application. The problem I run into is how do I record the user logout time when the session expires?
View Replies
View Related
CAn I set a session variable dynamically based on a value in a database and use the global.asa to do it...
View Replies
View Related
All, Just to give a little background this is reagarding an ASP 3.0
application running on IIS6 using the default app pool.
I have set the session timeout to 540 minutes in IIS (under options tab in
Application configuration). There is no code in the Session_OnStart or
Session_OnEnd in the global.asa. Via an include file, each page executes
these no-cache related code:
Response.Buffer = True
Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.CacheControl = "no-cache"
Response.CacheControl = "private"
Sorry, just wanted to give some background on what we're dealing with.
Anyways, the problem is that the users are saying their session state is
expiring much sooner than 540 minutes. How is this possible? What did I miss?
Are there better techniques to ensure the 540 minute session?
View Replies
View Related
i just started learning what it can do, and I am using it to tracj how many people have logged into my site, but when people login to my site, I start 2 sessions, one for their ID, and one for their name. Is there any way to only count the name session as a session_onstart in global.asa?
View Replies
View Related
Can I put a session.timeout = "45" in the global.asa file? and if yes, under what section?
View Replies
View Related
I'm using the following code in my global.asa file to set the
session.timeout value amongst other things -
Sub Session_OnStart
Session.Timeout = 40
Session("Authenticated") = 1
End Sub
Yet when I print out the value of session.timeout on a page after this
event has fired it returns 20 (I get the right value for
Session("Authenticated") so my code appears to be working).
I checked the default timeout value in IIS (v5) on the server, but
this reads 900 seconds, which in my books is 15 minutes. I am
therefore very confused as to where this value of 20 is coming from.
Could anyone point me in the right direction as I need to set this to
40 minutes and my WROX manual doesn't provide much information on this
property.
View Replies
View Related
I have absolutely no idea how global.asa works. I've read through quite a number of articles and they're all fine and dandy but implementing it on my (first) ASP application just doesn't work. It's amazing how ASP.NET automates everything for you.
Anyway, I need to store session variables and I have no idea how to. I have no global.asa file, but I can declare session variables fine. So does that mean that somewhere in the ASP process, a Session_OnStart() method's already running.
If I create a global.asa file, I put it in the same directory with other ASP files right?
A global.asa file should contain the basic four application/session methods... and shouldn't really contain much code, unless I want to start a variable with a default value. True or false (I say true). Code:
View Replies
View Related
I am trying to run a Session_OnStart Script based on a Session variable that is created on a .asp page. The problem is that when I reference the Session in Global.asa It has no value but it has a value on the .asp page level. Is there a certain way that I have to reference a Session in Global.asa?
What I have is somthing like the following:
Sub Session_OnStart
If Session("NIS")<> "" Then
Run The Routine
End If
End Sub
Based on the above the routine does not run because Global.asa does not seem to get the value of Session("NIS").
View Replies
View Related
I have initialized some session variables in Global.asa for our web
application. But these session variables are returning null values; it is was
working fine before; Recently we have rebuild our servers.
Please let me know if anyone of you have some idea?
View Replies
View Related
I am trying to write a sub that will delete a spreadsheet file created by the web user. THis is the code I have inserted into the global.asa file, but it is not working.
sub Session_OnEnd
'delete the temporary excel spreadsheet
Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
objFSO.DeleteFile(Server.mappath("temp/<%=session.sessionid%>.xls"))
Set objFSO = Nothing
end sub
I have made sure that the temp folder has permissions set for the IUSR_machinename account to be able to delete files. I am running IIS 5 on a windows 2000 server.
View Replies
View Related
Until now I've only seen VBScript to handle application and session events (e.g.
Application_OnStart, Session_OnStart). Is it possible to do this directly in
JavaScript or do I have to write VBScript proxies?
View Replies
View Related
Can I implement session without global.asa file in my root directory....and is there any good site for sessions tutorial.
View Replies
View Related
What i'm trying to do is delete away some rows of data in a database when a session ends. The codes are shown below. The problem is why the the database dont get deleted even after i set the timeout to 1 (waited for more than 1 minute) or after the script called the Session.Abandon? Code:
View Replies
View Related
i want to increase my session time so that it does not expire till the user closes the site.
i have written in global.asa file the following code:
<SCRIPT LANGUAGE="VBScript" RUNAT="Server">
Sub Session_OnStart
Session.Timeout = -1
End Sub
</script>
but it doesnt work and my sesion still expires.
View Replies
View Related
I invoke Java Objects through COM inside an ASP page, but i don't find where
to configure the MS JVM. Is it possible to configure it like Sun JVM
(threads, memory min & max, ...) ?
View Replies
View Related
I always get an error message "must use an updatable query" each time I try to delete from or update or even insert into an access database on IIS6 (Win xp), what do I do to change this?
View Replies
View Related
How I can enable or configure https on a certain page(file).
View Replies
View Related
I am learning ASP.NET , I want to send mail from my application so I need to configure IIS.I have written code for it but my mail is in Queue or Droped. I think I have not configured IIS properly.Can anyone tell me in detail how to configure it.
View Replies
View Related
Reading te article about sql injections and sanitizing I found that one of great recommendations is to "Configure error reporting" to do not allow public to read the entire sql statement. How can I do this? Can I do this if I keep my websites on hosting company server?
View Replies
View Related
this isnt really an ASP question but is related: i'm using CDO to send emails from sites but we have a proper mail server and want to send emails through that. is there a way to get the CDO system to use an external SMTP server by default as opposed to the one on the local machine? or do i have to go through all the sites and rewrite them? (not a simple task, we have lots of sites!)
View Replies
View Related
I want to be able to log in a database any transactions my users perform. For example logging in, requesting a page, downloading a resource, logging out etc.
What is the most practical way to code this? I was thinking of trying to use an include file which would have a function to add a log in the database for each page on the site or when a particular action is performed.
View Replies
View Related
I have a pa'gina (view.asp) that he shows the photo that is cited in the data base. The problem that happens is that if I sending the photo well great it appears in view great. I would like to make the following one, to program so that the photo alone appears in a size small e when the user to clicar in top of it, I open one popu with it of the real size that it is. As I can make this I do not know to make. They see my code view.asp that it shows the photo. Code:
View Replies
View Related
I have one application folder containing all ASP code files. I want host multiple sites pointing to same code. Can I do this ? If YES then how I can assign diffrent global.asa to each application...
View Replies
View Related
I have added a db driven marquee to my site and need to combine the global asa's to 1 global asa file. Code: ......
View Replies
View Related
I have 3 tables
members, pubs, favepubs
favepubs contains
favepubID, UserID (from members), PubID (from Pubs)
I'd like to join all 3 and maybe count the users?!
basically i want to show in my list of pubs how many users like that pub
Example:
The Red Lion (4 members - click for more details)
The Royal Oak (2 members - Click for more details)
or
The Red Lion (Jarv, Test, Admin, Shelly)
View Replies
View Related