Session Variables Retain Values Even After The .Abandon
I am developing a membership based website for car auctions. It uses the session object on many pages, most importantly on user personal pages. When the user session ends, i.e., on logout, I use the Session.Abandon to destroy a session object associated with a particular user, and also turn a boolean variable session("Valid_User")=False (which was turned ON at the time of successful login and used on user personal pages for authentication).
But, when I go BACK and browse the previous pages, they still appear with the specific user's data, who logged in last time on the same browser. Why is it so? When I refresh the pages, only then the session variables' values are erased.
Secondly, my site doesn't allow me to login as a different user, even after logout, because I have put a check on the login page so that it doesn't allow a user to login again during his current session, which again means that the logout process doesn't destroy his session.
I know that cookies can store an array of values, which can be accessed like this:
tempid = Request("cookiename")(i)
Is it possible to use session variables in the same way? Store a array of values in the same session variable and access them on another page by indexing?
I've looked around alot and I've not found anything suggesting that this is possible.
Right now I'm using a single set of cookies to store info on a series of purchaces of the same type of item. I'm hoping to use session variables to replace the cookies.
Does anyone know for certain if this is not possible?
I have learned asp just for a short time and now I have a problem.If I open a new window from a parent window, then open another new window again from the parent window, can the session of the 1st child window be abandoned when the 2nd child window is opened?
I use ASP pages With RDC to post Crystal Reports on a Web. Everything works fine, until I realized that I cannot use "Back" button. It destroys all session variable I need in my application. CR require include Clinup.asp page with this code:
'The JavaScript code is used to close the newly opened browser window once the page has run Session.Abandon Response.End
'These last two lines terminate that user's active session and flushes html to the browser. So session.abandon is my problem! What should I do?
I am passing form data to a distant server that is out of my control. The destination server (posting to) rejects all postings beyond ONE from the same session ID. I am trying to get around this...my postings are valid but I can't get the programmers on the other end to accomodate me.
I am doing the following:
Data is posted, from elsewhere, to me in an ASP page. I process the data then redirect to a 2nd page (on my server) w/ a QryStr The 2nd page populates a dummy form w/the QryStr data and OnLoad submits.
I have a Session.Abandon command JUST BEFORE the redirect to MY 2nd page (the one that populates the dummy form and submits itself)
My subsequent postings beyond the first are still being rejected due to "Same Session ID"
how do i retian values in the textfield even after it is submitted ? Like for example, when you fill out most application forms, after submitting if there is an error it redirects you back to the first page alerting you of the error but the other values still remain. I would like to incoporate this function. where i can find them ?
how do i retian values in the textfield even after it is submitted ?
Like for example, when you fill out most application forms, after submitting if there is an error it redirects you back to the first page alerting you of the error but the other values still remain..
I want to abandon session everytime when user come to login page. The problem is that if 1) user comes from login page to welcome page and session is created 2) but if he clicks the "back" button session is not abandoned. I have
Session.Abandon
on login page, but it does not work untill page refreshed. Is there any way to refresh page if user comes back to it using button "back" of browser? Or may be the right way is very different to what i try to do?
How to store form's textbox values in VBScript variables? I tried something similar likr this: Dim myVariable myVariable=Document.myFormname.myFieldName.Value
I want to create an administration page which lists all the current users who are on the site at the moment.
I know coldfusion has this feature built in using the SessionTracker class... does ASP have something similar? If not... is there any way I can just iterate through all the session files on the server...?
I have created a nice funky 500 - 100 error page which gives a nicer error; happily loops through and supplies querysting information, all headers, server variables..etc but it has a limitation. On a normal error page you can always use a response.write then response.end to look a the value of a local variable.
What I would LOVE would be to be able to loop through all the local variables (not form or querystring, they're sorted) on the previous page and display their values so a developer would see the complete state of the page on the error page without having to use any on error statements. Has anyone achieved this, I can't think of a way at all.
well in session we got session.abandon and all the bad sessions gone... i need to delete cookies from users side, there is option for this in asp dot net but in classic asp how we can do it?
I am using Session variables in my ASP application. I have tested the application on a Win2k professional and it works fine. When the same web app is installed on a win2k advanced server from the client browser when the app is accessed the session variable returns null inspite of a value being already set. I have checked the IIS enable session state settings. When i use the server machine as client and access the app as localhost then the session variable has correct value.
How can this be solved? What other settings if any, need to be changed to get it work.
Do session variables carry over if you've left your site and come back?
My shopping cart uses PayPal/IPN to transact and then enter details of the transaction into my database. All of the data entry takes place after IPN has returned all of the data to my site.
A couple of the fields I need to populate are held in session variables throughout the application. When the customer clicks on the checkout button, and is sent over to PayPal's server to complete the transaction, will the session variables still be available to me upon returning to my site?
Is there a way to close a single session variable, once it's been created? I have an application that requires a several session variables to be created once a person enteres a certian section of my site. When they leave the variables are set to nothing, as they are no longer needed. I'd like to just close them out, but I will still need to keep the session open, so Session.Abandon will not work in this case.
We have different types of logins for our accounts on our intranet. When a person logs in, a Session variable is set to determine their level of access. For sake of argument, say the two LoginTypes are Manager and Employee.When I log in (as a Manager), I get a certain set of options on the homepage. Then I return to the login page, after logging in as myself, and log in as an Employee. For some reason, the page seems "cached" and the manager options will still display. If I refresh this page, it will appear the way it should. I *think* this only happens when I copy/paste a URL that I was at as a Manager. I believe that if I click a link, it displays properly.Is there a way to prevent this? I do a ton of copying/pasting URLs.
I would like to declare a session variable. ' Use session variables for the recordsets for the GetSubordinates and IsManager functions Dim orgStructRS set orgStructRS = Server.CreateObject("ADODB.Recordset")
Where can I declare this session variables? Once I use the recordset in both the functions, where do I close these recordsets?
I have read couple of articles warning against the use of storing VB COM objects (Apartment Threading) in Session Variables due to the fact that these variables could go bad.My question is what's the workaround this? I have also read about making ASP Stateless...I'm guessing that means turning the session and application variables off and if you do that then how do you pass information for a particular user from one page to another?I'm confused about how to get an ASP site working without using Application and Session variables as well as not storing VB COM objects in Session Variables.
I have a session variable in a login page. Then I go to a form page where I uses the ProfileID and the UserID. Then I go to a result page where I would like to use the UserID as a filter, but I can't get the value is stored in it.
I'm loading a variable into the session variables that will be for checking to see if the user can access a certain area of the website. When the user logs out or gives and incorrect login password is it better to kill off all the variables using session.abandon or to set the session access variable to False? I'm not really concerned about using the servers resources with this one variable, but I would like to keep the server as free as possible.
I've noticed that in my ASP application that session variables are not carried over from one IE6 open browser window to another. Can anyone tell me how IE can do this? It seems like it's a useful protection mechanism that I can add to my application. BTW, I'm looking for a way to determine if someone is moving cookies between computers. How IE and/or ASP handles sessions might give me some insights (and I'm open to suggestions as to how to prevent cookie stealing?)
I have an ASP [Classic] application running under IIS 5 & 6 [on different servers (obviously)] I need to implement Session() variables to cache some frequently looked up data. Because of the nature of the data, it is best held in the Session() rather than the Application() object.Is there a limit to the how long the parameter name can be? For example: Session("HairColour") - the parameter name length her is 10 characters - what's the max length (is there a max length)? I ask because my code will generate these parameter names on the fly and I don't want them to break anything
I have a question regarding ASP session variables. My assumption was that a session variable has the same lifetime as the session itself: as a consequence, given that closing the browser doesn't terminate the session, the session variable is kept alive until the session expires.But, surprisingly, I've found this to be true for the session variables whose value is set in the global.asa file, but if the value is set in an ..asp script, it appears to be erased from the session object as soon as the browser is closed although the session is still alive. Strange. Is this a bug?What I'd need to know is: how I can make session variables whose value is set in an .asp script persistent as long as the session is alive.
In my GLOBAL.ASA file I'm trying to create a session variable for reference in the various webpages of my site....
Sub Session_OnStart Session("LoggedOn")="Y" End Sub
When referring to Session("LoggedOn") on my various ASP pages, it is coming up as "".
I'm obviously misunderstanding how this works... Can anyone point me the right direction?
Eventually I'll need to access a database and I'm assuming that if I need to connect to that database, that I'll need to create the connection in the Session_OnStart event and destroy the connection in the Session_OnEnd event of the GLOBAL.ASA file.
I need to hold some session variables on an intermediate page for later use . My problem is I dont know Where to store the session command. Do I put it in the head of the page of the form I get the Variable from , do I put it into the response page (I am using The POST method) or Where ?
On the index page of my site the following code creates a unique user id in the form: {B851C038-989D-4BE9-B280-32F6A97FEDEC}
if session("userid") = "" then session("userid") = left(createobject("scriptlet.typelib").guid,38) end if
This is checked in every page to make sure the user has an id with the following code:
if session("userid") = "" then response.redirect "index.asp" end if
When the user has finally finished filling their webcart the userid is posted to the database but for some reason, with about 1 in 5 visitors to the site the database saves an empty field for the userid.
Does anyone know of any issues with session variables or any browser / config that could cause this to happen.
