I have a normal login page that (upon clicking submit) checks whether you are part of a particular office and then redirects the user to their particular office's webserver.
The problem i am having is that when i redirect a user, to a securewelcome page, they lose their session variables causing them to have to login again. What am i doing wrong to make these variables get lost in the redirect? Is it because i am redirecting to a different webserver?
My ASP page 1 redirect user to third party's website, after the process at third party is finished, in 3rd party's page, there is one link to route user back to my website: ASP page2.
As the user do all of these actions in the same browser, I expect the user's session variables to be kept, But the seesion variable are lost.
I have a website that has a asp secured members only aria that keeps session variables to check if someone is logged in or not (if session variables are not there then redirect to logon screen) but I also have non members aria and I need a way of asking the user if they want to move away from the members only area or go back to it. I have used an asp to find out if the page is a non member page and if there is a session variable there.
If there is a session variable and is a non member page then I use JavaScript to bring up a confirm box that if the cancel button is pressed then it goes back a page. The problem is that when you go back a page the session variable gets lost. Dose anyone know how to solve this problem or a better way of doing this?
I have a problem with my asp code on an iis 6.0 server on windows 2003 web. When I redirect between to asp pages on my web-site, where pageA is in a different virtual directory from pageB the session variables value a lost. I know that it is the session ID there increases. (New session).
If I make the same call in the same virtual directory the session variables is not lost. Is it some thing about different application pools? If sow, how can I join two or more application pools regarding to session variables? If not is there a none coding work around.
I have built a site that works/worked absolutely fine on my test server. When I transferred it to a remote web host (the intended permanent home of the site) something very worrying keeps happening to my site.
I use, as is the norm, session variables to store login information. At the top of each page I do a check that Session("isLoggedIn") = "True", and if not then the system logs them back out.
The serious problem is that once you have logged into the site, the next page you try to open it fails the above check and logs you out! Obviously Session("isLoggedIn") is not equal to "True" so it assumes you aren't logged in. So basically the session variables are getting lost/cleared. This makes my site unusable, and is a disaster for it unless I can get a solution.
I am simply passing session variables from one page to another. And I have no problem in doing so..... But when I use response.redirect none of the session values show up on the redirect page. What am I doing wrong?
my site apears to be loosing its session variable because it uses dynamically created absolute links. but because the user could have entered the site using any of 4 domains the links might change the domain.
So the user sees no difference but the cart has lost its session. firstly, is this possible? Secondly can I determin the url used to find the site and use that in the dynamic links?
I allways loose the Sessionvariables in my asp-pages (I'm using IIS5.0 with Visual Interdev 6.0).
For Example: when i create a startpage.asp, and type > Session("PersonalNr") = 456 < he cant remember this value on another page.
when i query this value (for example in endpage.asp):
Response.Write(Session(("PersonalNr")), i get the value 0, because the session will be restarted (The function "Session_OnStart" will be called again in the global.asa file)
I have a project in which I'm trying to embed one site, that uses session stored variables, inside an IFRAME in another site (which for that matter doesn't even use sessions).
Problem is, that it doesn't always save the session. When I try to access it from some computers, I have no problem, the session variable is stored and I can browse the site in the IFRAME and everything's ok, but on other computers, the session variable value simply disappears.
To simulate the situation, assume that the two following html trees are the site that goes into the IFRAME: Code:
currently i working on project in asp, i done everything in my own company server and eveyrthing works fine, when i migrate to customer place server, eveyrthing also working fine, but the only thing doesnt work is session variable, i totally cant get my session variable in the customer place's server. Server in my company and my client is the same, window 2003 server, iis 6.
Is there any way in ASP to catch a destroyed session when the user closes their window.
Example.
When a user enters a page, I create a session - Session("blah")="blah" . However when the window is closed, the session is destroyed, but before it's being destroyed, I want to some things.
I have an mypage.asp page with a button, one can access this page only
if Session("smth") = 1. There is also an empty iframe in this page (src is not specified). When I click the button I will fill the iframe with a page (src = 'another.asp').
For security reasons I check the login session in another.asp and Session("smth") is empty no matter I have logged before.
In mypage.asp Session("smth") is still on and its value is 1 but it looks like it gets lost in the iframe.
To better manage our secure site we just separated the registration and checkout sections of our web into separate virtual directories. These new virtual directories are on the same server as the primary eCommerce website. This is an ASP site (not asp.net). When this version goes into production it will be on a 2003 server (IIS 6) with a SQL Server backend (located on a different server). Now when the main server passes control to one of the new virtual webs the session information is lost. I'm having problems finding information on the web as to how to maintain this information between the web and virtual directories. It's imperative that this information remain secure so query strings or anything that would pass visible data is not an option.
clients are redirected to http://www.mysite.com/mypage.asp
This works fine for all but 1 client. He looses a session during the redirect. Apparently his browser interprets https:// and http:// as different domains.
Windows 2000 Server SP3 IIS 5.0 NET FRAMEWORK 1.1 SP1
SessionState="InProc"
Antivirus deactivate
No changes on main files (web.config, machine.config, in)
No exist Active Directory (changes in ACL are not exist)
In machine.config LogLevel="All"
No events registered in Event Viewer.
aspnet_wp.exe not recycled never.
Scenario: Web site accessed by multiple users at the same time. Some user data are stored in a session variables. Randomly one user view data of another user.
1. Submit a form from a.asp to b.asp (arbitrary names) 2. Have b.asp redirect to either c.asp or c2.asp which is decided by a form field gotten from Request.Form("Field") 3. Have all the previous form data available in c.asp
What I need to know how to do is declare the variables from the form on a.asp on b.asp so I can view them on c.asp.
I want to create an administration page which lists all the current users who are on the site at the moment.
I know coldfusion has this feature built in using the SessionTracker class... does ASP have something similar? If not... is there any way I can just iterate through all the session files on the server...?
I have a page that contains a link. When a user clicks the link, the link runs a new page that the client does not see (i.e. server side only). The new page looks at a database to see if certain conditions are true. If they are, it updates the database and redirects the user back to page 1, where the client will see the updated information.
However, if the database conditions are false, the client will be redirected back to page1, but will have an error message saying that the database could not be updated.
So overall it looks something like:
PAGE1 ----> DATABASEUPDATER(checks conditions)
IF CONDITIONS=TRUE THEN UPDATE STUFF RESPONSE.REDIRECT(PAGE1.ASP) ELSE DONT TOUCH DATABASE RESPONSE.WRITE("conditions have not been met") XXXXXXXXXXXXXX END IF
My problem is deciding what goes in the XXXXXXXXXXXX section.
I have looked for other examples of this but I could not find something this specific....
If i use Response.Redirect, the explorer will go back to Page1.asp but will not display the error message and the client will not be aware that there is a problem.
If I use server.transfer (to put control back into the hands of page1.asp) or server.execute (to just run Page1.asp within the current script) the actual page that the user is looking at is not Page1.asp - they are actually looking at DatabaseUpdater.asp with Page1.asp executed inside it....unfortunately I require it to be Page1.asp itself, which is why i cannot work out what to put there.
Looking at other threads on similar topics, it might be possible to add something to the session variables or something and then get Page1 to look for whether a certain thing is written as a session variable (if that makes any sense!)
I have a page that contains processed variables that I'd like to forward using the response.redirect method. However, because the response.redirect contains the page within "pagename.asp", I have not been able to pass the variable.
I've tried concatenating it, by doing respone.redirect "pagename.asp?isbn=" & rs("isbn"), however it is not working and is stopping at the ?isbn= and not adding the variable value. What can I do to include this, or is there any other way I can pass the variables when I'm using the response.redirect method?
I have a list of items drawn from a SQL DB and listed on an ASP page. This works fine.
How can I make it so that when a user clicks a particular item, a session variable is set to the ID of the item and the user redirected to another page?
On my welcome.asp page in the beginning I check to see the user is still in the session or not and If he is not active/live in the session I will show him a page.(login page) - Code
if(session("user")="") then response.redirect("login.asp") end if
My problem the welcome.asp page is framed(uses HTML frames) and so when the session expires the login page is loaded in the frame. Can we make it open full window. I know I can set the target with <a> html tag. how I can do it with ASP?
I have an ASP page that is using an XMLHTTP object to request various pages from my server. I keep a single session throughout the XMLHTTP requests by bassing the ASPSESSIONID cookie through the XMLHTTP object.
However, when the page requested through the XML object makes a
<%Response.Redirect()%>
call, a new session is created each time.
Is this a flaw in the XMLHTTP Object? How can I force the session to remain the same after a Response.Redirect call?
I am using Session variables in my ASP application. I have tested the application on a Win2k professional and it works fine. When the same web app is installed on a win2k advanced server from the client browser when the app is accessed the session variable returns null inspite of a value being already set. I have checked the IIS enable session state settings. When i use the server machine as client and access the app as localhost then the session variable has correct value.
How can this be solved? What other settings if any, need to be changed to get it work.
Do session variables carry over if you've left your site and come back?
My shopping cart uses PayPal/IPN to transact and then enter details of the transaction into my database. All of the data entry takes place after IPN has returned all of the data to my site.
A couple of the fields I need to populate are held in session variables throughout the application. When the customer clicks on the checkout button, and is sent over to PayPal's server to complete the transaction, will the session variables still be available to me upon returning to my site?
Is there a way to close a single session variable, once it's been created? I have an application that requires a several session variables to be created once a person enteres a certian section of my site. When they leave the variables are set to nothing, as they are no longer needed. I'd like to just close them out, but I will still need to keep the session open, so Session.Abandon will not work in this case.