I have built a site that works/worked absolutely fine on my test server. When I transferred it to a remote web host (the intended permanent home of the site) something very worrying keeps happening to my site.
I use, as is the norm, session variables to store login information. At the top of each page I do a check that Session("isLoggedIn") = "True", and if not then the system logs them back out.
The serious problem is that once you have logged into the site, the next page you try to open it fails the above check and logs you out! Obviously Session("isLoggedIn") is not equal to "True" so it assumes you aren't logged in. So basically the session variables are getting lost/cleared. This makes my site unusable, and is a disaster for it unless I can get a solution.
I have a website that has a asp secured members only aria that keeps session variables to check if someone is logged in or not (if session variables are not there then redirect to logon screen) but I also have non members aria and I need a way of asking the user if they want to move away from the members only area or go back to it. I have used an asp to find out if the page is a non member page and if there is a session variable there.
If there is a session variable and is a non member page then I use JavaScript to bring up a confirm box that if the cancel button is pressed then it goes back a page. The problem is that when you go back a page the session variable gets lost. Dose anyone know how to solve this problem or a better way of doing this?
I have a problem with my asp code on an iis 6.0 server on windows 2003 web. When I redirect between to asp pages on my web-site, where pageA is in a different virtual directory from pageB the session variables value a lost. I know that it is the session ID there increases. (New session).
If I make the same call in the same virtual directory the session variables is not lost. Is it some thing about different application pools? If sow, how can I join two or more application pools regarding to session variables? If not is there a none coding work around.
I have a normal login page that (upon clicking submit) checks whether you are part of a particular office and then redirects the user to their particular office's webserver.
The problem i am having is that when i redirect a user, to a securewelcome page, they lose their session variables causing them to have to login again. What am i doing wrong to make these variables get lost in the redirect? Is it because i am redirecting to a different webserver?
My ASP page 1 redirect user to third party's website, after the process at third party is finished, in 3rd party's page, there is one link to route user back to my website: ASP page2.
As the user do all of these actions in the same browser, I expect the user's session variables to be kept, But the seesion variable are lost.
I have a very odd situation here. I have an administration page, where based on a users permissions, a recordset is called from the SQL server which has a list of paths to "Module Menus". Each of these menus are then placed into the page by calling Server.Execute(rs_Modules("ModulePath")).
This works fine for up to 15 "menus" After that, the session variables that were set (not including those called by Global.ASA) are no longer set. Code:
my site apears to be loosing its session variable because it uses dynamically created absolute links. but because the user could have entered the site using any of 4 domains the links might change the domain.
So the user sees no difference but the cart has lost its session. firstly, is this possible? Secondly can I determin the url used to find the site and use that in the dynamic links?
I allways loose the Sessionvariables in my asp-pages (I'm using IIS5.0 with Visual Interdev 6.0).
For Example: when i create a startpage.asp, and type > Session("PersonalNr") = 456 < he cant remember this value on another page.
when i query this value (for example in endpage.asp):
Response.Write(Session(("PersonalNr")), i get the value 0, because the session will be restarted (The function "Session_OnStart" will be called again in the global.asa file)
I have a project in which I'm trying to embed one site, that uses session stored variables, inside an IFRAME in another site (which for that matter doesn't even use sessions).
Problem is, that it doesn't always save the session. When I try to access it from some computers, I have no problem, the session variable is stored and I can browse the site in the IFRAME and everything's ok, but on other computers, the session variable value simply disappears.
To simulate the situation, assume that the two following html trees are the site that goes into the IFRAME: Code:
currently i working on project in asp, i done everything in my own company server and eveyrthing works fine, when i migrate to customer place server, eveyrthing also working fine, but the only thing doesnt work is session variable, i totally cant get my session variable in the customer place's server. Server in my company and my client is the same, window 2003 server, iis 6.
Is there any way in ASP to catch a destroyed session when the user closes their window.
Example.
When a user enters a page, I create a session - Session("blah")="blah" . However when the window is closed, the session is destroyed, but before it's being destroyed, I want to some things.
I have an mypage.asp page with a button, one can access this page only
if Session("smth") = 1. There is also an empty iframe in this page (src is not specified). When I click the button I will fill the iframe with a page (src = 'another.asp').
For security reasons I check the login session in another.asp and Session("smth") is empty no matter I have logged before.
In mypage.asp Session("smth") is still on and its value is 1 but it looks like it gets lost in the iframe.
To better manage our secure site we just separated the registration and checkout sections of our web into separate virtual directories. These new virtual directories are on the same server as the primary eCommerce website. This is an ASP site (not asp.net). When this version goes into production it will be on a 2003 server (IIS 6) with a SQL Server backend (located on a different server). Now when the main server passes control to one of the new virtual webs the session information is lost. I'm having problems finding information on the web as to how to maintain this information between the web and virtual directories. It's imperative that this information remain secure so query strings or anything that would pass visible data is not an option.
clients are redirected to http://www.mysite.com/mypage.asp
This works fine for all but 1 client. He looses a session during the redirect. Apparently his browser interprets https:// and http:// as different domains.
Windows 2000 Server SP3 IIS 5.0 NET FRAMEWORK 1.1 SP1
SessionState="InProc"
Antivirus deactivate
No changes on main files (web.config, machine.config, in)
No exist Active Directory (changes in ACL are not exist)
In machine.config LogLevel="All"
No events registered in Event Viewer.
aspnet_wp.exe not recycled never.
Scenario: Web site accessed by multiple users at the same time. Some user data are stored in a session variables. Randomly one user view data of another user.
Our asp programs seem to have different behaviors when users use IE and firefox. One of most annoying things is the data disappearing problem in IE but not in firefox.(Note: Sometimes a search program can run much faster in Firefox than in IE, don't know why) For example, I have an internal user interface which they can do different product data entry, the program will use Server.Transfer to different asp program for data entry.
Page1---UserInterface.asp Select Case Request("Product") Case "Sel" Server.transfer("/Virtualdir1/test1.asp ")
Server.Transfer("/Virtualdir2/Test2.asp")
Case "Bear" Server.Transfer("/Virtualdir3/test3.asp")
Case "IMED" Server.Transfer("test4.asp")
Case "AC" Server.Transfer("/Virtualdir4/test5.asp")
Case Else
End Select
When user finished data entry on test1.asp(second page, the web address will still show UserInterface.asp page as you know), click continue, on the third page if they found something typed wrong, if they click back button in the broswer, all data on the second page is gone. This only occurrs in IE, Firefox is fine.
It's very annoying, how can I fix it, if not, is there any other way?
I want to create an administration page which lists all the current users who are on the site at the moment.
I know coldfusion has this feature built in using the SessionTracker class... does ASP have something similar? If not... is there any way I can just iterate through all the session files on the server...?
I am using Session variables in my ASP application. I have tested the application on a Win2k professional and it works fine. When the same web app is installed on a win2k advanced server from the client browser when the app is accessed the session variable returns null inspite of a value being already set. I have checked the IIS enable session state settings. When i use the server machine as client and access the app as localhost then the session variable has correct value.
How can this be solved? What other settings if any, need to be changed to get it work.
Do session variables carry over if you've left your site and come back?
My shopping cart uses PayPal/IPN to transact and then enter details of the transaction into my database. All of the data entry takes place after IPN has returned all of the data to my site.
A couple of the fields I need to populate are held in session variables throughout the application. When the customer clicks on the checkout button, and is sent over to PayPal's server to complete the transaction, will the session variables still be available to me upon returning to my site?
Is there a way to close a single session variable, once it's been created? I have an application that requires a several session variables to be created once a person enteres a certian section of my site. When they leave the variables are set to nothing, as they are no longer needed. I'd like to just close them out, but I will still need to keep the session open, so Session.Abandon will not work in this case.
We have different types of logins for our accounts on our intranet. When a person logs in, a Session variable is set to determine their level of access. For sake of argument, say the two LoginTypes are Manager and Employee.When I log in (as a Manager), I get a certain set of options on the homepage. Then I return to the login page, after logging in as myself, and log in as an Employee. For some reason, the page seems "cached" and the manager options will still display. If I refresh this page, it will appear the way it should. I *think* this only happens when I copy/paste a URL that I was at as a Manager. I believe that if I click a link, it displays properly.Is there a way to prevent this? I do a ton of copying/pasting URLs.
I would like to declare a session variable. ' Use session variables for the recordsets for the GetSubordinates and IsManager functions Dim orgStructRS set orgStructRS = Server.CreateObject("ADODB.Recordset")
Where can I declare this session variables? Once I use the recordset in both the functions, where do I close these recordsets?
I have read couple of articles warning against the use of storing VB COM objects (Apartment Threading) in Session Variables due to the fact that these variables could go bad.My question is what's the workaround this? I have also read about making ASP Stateless...I'm guessing that means turning the session and application variables off and if you do that then how do you pass information for a particular user from one page to another?I'm confused about how to get an ASP site working without using Application and Session variables as well as not storing VB COM objects in Session Variables.
I have a session variable in a login page. Then I go to a form page where I uses the ProfileID and the UserID. Then I go to a result page where I would like to use the UserID as a filter, but I can't get the value is stored in it.
I'm loading a variable into the session variables that will be for checking to see if the user can access a certain area of the website. When the user logs out or gives and incorrect login password is it better to kill off all the variables using session.abandon or to set the session access variable to False? I'm not really concerned about using the servers resources with this one variable, but I would like to keep the server as free as possible.
I've noticed that in my ASP application that session variables are not carried over from one IE6 open browser window to another. Can anyone tell me how IE can do this? It seems like it's a useful protection mechanism that I can add to my application. BTW, I'm looking for a way to determine if someone is moving cookies between computers. How IE and/or ASP handles sessions might give me some insights (and I'm open to suggestions as to how to prevent cookie stealing?)
I have an ASP [Classic] application running under IIS 5 & 6 [on different servers (obviously)] I need to implement Session() variables to cache some frequently looked up data. Because of the nature of the data, it is best held in the Session() rather than the Application() object.Is there a limit to the how long the parameter name can be? For example: Session("HairColour") - the parameter name length her is 10 characters - what's the max length (is there a max length)? I ask because my code will generate these parameter names on the fly and I don't want them to break anything