I have been using session variables to pass a user name from one ASP
page to another inside framesets for 9 months and it stopped working
this week. I have made no code changes but there was a "security
update" installed on the server a few days ago but I can't find out
exactly what it was.
In the research I have done I found many articles on the subject of
session variables in ASP pages inside framesets. From what I read a
new session will be started every time a new ASP page is accessed
until a session variable is set, once a session variable is set the
session will stay the same from page to page, even when using frames.
It is possible to start a session by setting a session variable in the
global.asa file.
My page 1 sets the session variable "username", this page calls page 2
which then uses the "username" variable. This still works on the two
test servers I have where no upgrades of any kind have been done. I
changed the code to display the Session.SessionID in both page 1 and
page 2. On my test systems I get the same session id number, on my
production system I get two different session id numbers and when I
turn on prompting for all cookies I get the session cookie prompt when
the second page is called. The two test systems are on the same
network as my workstation, the production machine on the internet at a
hosting site.
I have cookies enabled in my browser, session state is enabled in IIS
and there are no special characters in the domain name of the web
site. I did not have a global.asa file so I added one and I set a
session variable in the global.asa just to get the session started.
What I find interesting is if I display the variable I set in the
global.asa file I can see it on both page 1 and page 2 but on page 2
I can't see the variables set on page 1. I am completely stumped.
Does anyone have any idea what I can do to get this working again? .....
I have a function that I would like to use a session variable in. However I am not getting it to work out. I was wondering if you have define global variables inside functions like you do php or if something might be causing this?
I've inherited webmaster duties for a website done in ASP.NET. After much trial and error I've figured out the architecture of the site, and have a template for the area of the page that contains the content. I need to pop in a dropdown menu, nothing fancy, like the one on this Post New Thread page for "Category".
Does anyone know where I can get the syntax for one? Or does someone know ASP.NET and can write out a simple dropdown menu code for me?
Was thinking of having an array inside a asp page. I'm rather new to this.How do I begin. my asp page should work as follows.One html page include mail adresses. We receive a lot of junk mail and I was thinking of how to avoid this. Was thinking of creating a asp page with an inout string inside the asp page. The input number should refer to the users mail adress.
We are only four people in our office, so that should be simple to manage.The html code should be like "redirect.asp?" for the first mail adress. and redirect.asp?What's the syntax inside the asp page?
I have a login page in ASP and I am trying to block a folder with pictures to make the unavailable to people who doesn't loged in to see them. How can I do to block this folder or put some kind script to allow only the pople who loged in to see them?
I have developed a site that uses cookies for a low-security login system, which works fine. The client now wants to put the entire site inside a frameset, with the parent page on another server, but when we do this the cookies are set (i can see them in netscapes cookie list) but then cannot be read. is this a domain problem? is there any way around this? I've been seeing a few things on p3p that might make this hard...
My frameset has three frames, header, navigation bar and a main page. I can tell when the server has timed out because the session variables have been reset but, when that happens, how do I refresh the frameset and all the frames?
I am using secure server in my site for payment process. the site is divided in three frames top, left & main. For jumping between http and https I made the links hardcode. When I click on the shopping cart button from the menu in left frame it shows the page in main frame and change the URL from http to https in address bar.
But the problem is when I click on any other button URL does not change from https to http while all the links on buttons are hardcoded. The page displayed in main frame is actually changing between http and https but URL Displayed in address bar is not changing.
I have a frameset with a nested frameset, like follows:
frameset frame frameset frame frame
I set the border, frameborder and framespacing to zero, I still see borders. I have images in each of the frames that, put together, comprise a single image. I ensured that there is no white space in the images' borders. How can I make it so that there are no borders at all?
I have a system of pages set up on an intranet that uses a top frame and left frame for much of the navigation. But I would like to allow the people viewing the pages to close and reopen the frameset thus allowing more room to view the content. Is there a way that I can make a button either close or just resize the nav frames without losing the content page...
I think that a resize option would be the best that way I can just put a link on the frame and resize it to where only the link is viewable.
We're just in the process of setting up a small intranet site running on a W2K server. Our home page has a basic frameset with a main window which displays information depending on the link selected in the left hand toolbar. It all works fine on most of the PCs on the network. All the left hand toolbar links have a target="main" attribute in order to display the information in the main window within the frameset.
However, on a couple of PCs, when you click on a link, the information is displayed taking up the whole screen (i.e. as if the target was "_top"). The setup of these PCs is no different from all the others. They are all running XP and IE6. Is there an IE setting that could be preventing these particular PC's from using the frameset properly?
I'm going to revamp an intranet for a company... which need further maintanence in the future but I got a doubt.Should I use Include Files method or Frameset Method to design?
If use frameset ,the design has 2 frames which are a top frame and bottom frame and the critical(other programmer could add and delete links in the future) links are all in bottom frames. If use table ,only have to include files on the 1st row & 2nd row.Which is better to maintain ?
I have a page "entry.asp" where a user enters data into a form (named "form"). I want to submit the form and have the data passed to a frameset with two frames (frame1.asp and frame2.asp). I need the posted data from the form to be accessible to frame1.asp and frame2.asp.
I have page for user to update his/her details. What i want is after idle for more than 20 mins, the page will redirect to login page automatically. So that the user knows that his/her session already expired and need to login again.
But it doesn't working. This is because if he/she update the details (after idle more than 20 mins), and click the Submit button, it will go to login page and all the data will be lost. Code:
I recently bought a new web server and am in the process of migrating all of our websites over. We're going from Windows 2000 IIS 5.0 to Windows 2003 IIS 6.0.
I've been able to get everything to work correctly except for the SessionID's. For some reason I'm getting a new SessionID on EVERY single page that I visit! Which makes it quite difficult to login and add items to your cart...hehe.
Everything is running ASP, there is no ASP.NET pages, I don't even have the 1.0 or the 2.0 Framework installed on the server yet. I verified that the Globals.asa is on the server on and config'ed correctly.
I have an index page containing several IFRAMES that hold a couple of apps which require logins. To avoid having to login 3 or 4 times when the index page first loads, I had the IFRAMES load a page with a link to click to actually go to the page requiring login. The issue I have is that after you've logged in to a couple of these pages, when you refresh the index page, all the IFRAMES go back to the link page.
You don't have to log in again, but this makes you have to click the link again. What I'd like is a way to only show the link page the first time the index page loads it up, but after you've clicked on the link once and logged in, then the next time the index refreshes, you skip the link page and go straight to the app.
I am currently working on an online shopping cart. The working is like:-
1. First the user selects the things.
2. Next page is the detail of the things that he has selected.
Now the third page allows the user to check his address..but before that he has to log in(if he is not logged in). and after logging in he must be redirected to the checkaddress page with his details intact.
I'm using the MSXML.XMLHTTP object to obtain the results of an ASP page from an ASP page on the same server. The problem I have is that when the AP refrenced by the XMLHTTP object is run it does now share the session with the calling page ? How can I solve this ?
I have a login page that Test's for the username and then tests for the password. If these test true then I redirect them to the member area. What I want to test for is if there is 1 user logged in with Session("test") = 1 and another user logs in with the credentials to set Session("Test") = 1 then the first session will terminate. The new user will then be able to navigate the member area.There will also be other user on with a Session("Test") = xxx where xxx is the Primary key of the validation table.
how to send a web page that uses Session variables in an email. The session variable that is used by the page I'd like to send contains a three dimensional array so cannot be passed easily in a querystring.
I want to abandon session everytime when user come to login page. The problem is that if 1) user comes from login page to welcome page and session is created 2) but if he clicks the "back" button session is not abandoned. I have
Session.Abandon
on login page, but it does not work untill page refreshed. Is there any way to refresh page if user comes back to it using button "back" of browser? Or may be the right way is very different to what i try to do?
ASP Session/Cookies, Help to Protect Page from Non users I am a beginner and very urgently need some help
I have created a asp page, that takes in a username and password and validates it as follows and then if true continues to the pages requested.
Code:
'Read in the password for the user from the database If (((Request.Form("txtUser")) = rsCheckUser("User_pass")) and (rsCheckUser("User_lev") = 1) ) Then 'If rsCheckUser("User_level") = 1 Then 'THE ABOVE CHECKS THE INFO IS CORRECT AND IT REDIRECTS TO THE PAGE BELOW and Session=True
'If the password is correct then set the session variable to True Session("blnIsUserGood") = "True"
'Redirect to the authorised user page and send the users name Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & ""
'Close Objects before redirecting Set adoCon = Nothing Set strCon = Nothing Set rsCheckUser = Nothing
End If
Now this code takes you to page :Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & "" Which is something like /project/user_self_update_form.asp?ID=1
Since after the login you do to this, you are allowed to see this page.
But The page user_self_update_form.asp?ID= can also be access if you just put the link on the browser. Lets say i log in as ID 2, and just change the ID to 3 on the address bar in the browser, i will log into someone elses page.
How to i block this from random access and only the SPECIFIC USER?
Code for user_self_update_form.asp (the protected page unless you are logged it): The Session = False part just does not work here, so if you get this link of someone, you can just get it, and you are not redirected.
<% 'If the session variable is False or does not exsist then redirect the user to the unauthorised user page If Session("blnIsUserGood") = False or IsNull(Session("blnIsUserGood")) = True then 'Redirect to unathorised user page Response.Redirect"unauthorised_user_page.htm" End If %>
<% 'Dimension variables Dim adoCon 'Holds the Database Connection Object Dim rsGuestbook 'Holds the recordset for the record to be updated Dim strSQL 'Holds the SQL query for the database Dim lngRecordNo 'Holds the record number to be updated 'Read in the record number to be updated lngRecordNo = CLng(Request.QueryString("ID"))
I need help with setting up a page where the viewer has to accept terms before they can access the rest of the website.
The page will have a bit of text explaining why they need to accept oor decline the terms and then have 2 buttons. ie. accept or decline.
What I need to be able to do is set this up so that if the viewer tries to bypass the accept/ decline page they will get re-directed to it. If they have clicked the accept button then they can view anywhere on the site.
I understand that 'sessions' in IIS don't actually close until about 20 mins after the user has left the site and can live with that. But if they come back the next day they must go through the accept/decline page to get into the site. It doesn't have to have usernames or password, they just have to accept.
I understand that you set up several pages to do this, i.e. the accept/decline page, a 'checkterms' page (which sets the session cookie?) and then some code on every other page on the site to check for the presence of the session cookie and let you view if it is there. If not, redirects you to the Accept/Decline page.
The problem I have is I don't know what code to write and where to put it into the page.
I do contract work for an organization that has some of the word code I have ever seen. I think they are using some sort of screwy CMS or something.
The code on their pages are pages stacked on pages, in other word one page loaded into a browser might have 3 <html><body></body></html> sets. Its really bad. So I started working on a page that has a form. It is included in the main page with this line of code:
I have a quick signup for a friends page, and at the end of the signup I wanna destroy all the session variables using the nice session.abandon then create two session variables for the username and password so they're already signed in, then redirect them to the index page already logged in. Problem is the session variables don't get saved on the redirect when the session has been abandoned on the page. If I take the abandon out and destroy the session variables individually everything works fine and the new session variables survive. But if I abandon the session then set the new variables they do not. Yes, they are being set after the abandon, and do exist as I've written them to the browser before the redirect. Its not that big a deal in such a small scale to delete all the variables individually, but theres gotta be a way incase it was hundreds of session variables right.
I have a front end with all the code and a backend with some tables. Want to convert this into website database. Most probably convert the frontend into ASP. Is this the only way? Can one use the VBA code inside ASP with translating the VBA into ASP?
