I have these 3 tabs that I want the user to be able to select, a variable to be set, and then each page they visit in the site to read that variable and subsequently display content based on the variable that is set. So, Sheridan tab sees "Sheridan" variable content, Gillette sees "Gillette" variable content, etc.....
View RepliesI have an ASP application (and associated .DLL) that generates HTML code.On one of my pages it generates a series of buttons (Input ... Language=vbscript ) each with an On Click sub associated with it. Once the ASP is expanded. each Onclick has only one statement in it, that is:
<% set session("Answer") = "001" %>
What I am trying to do is set a session variable based upon what button is pressed, because I want to use the "Answer" in future ASP pages.
We've just started getting a weird (and serious) problem with our ecommerce website.
Customers are logging in, which sets a session variable to their username (retrieved from the db). Then for no apparent reason at all, they'll be asked to login again a couple of minutes later.
e.g. Customer logs in, gets told they've logged in successfully, and they can access pages that require them to be logged in. Then, for example, they go to their 'My Account' page and are able to view it with no problems...simply refreshing the page a few times suddenly brings them back to the login page. Then a few more clicks on the 'My Account' button (without logging in a second time) and they're able to view it again.
It's really strange, it's as though the server loses track of the session for a moment, and then finds it again.
We're also getting problems with the shopping cart cookie that can display different quantities in the 'View Cart' page at different times without the customer actually changing the cart contents. Even after the customer completes an order and the cart contents are destroyed, the 'View Cart' page can continue to display the items they just purchased when it should be saying 'Your cart is empty'.
Given that we're having problems with both the cart cookie AND the login session variable (which also uses a cookie), and I'm almost 100% certain I've not touched any code that could interfere with either of these, I'm guessing that this is probably a problem with our ISP's web server but I'm not really sure. I really just want to see what you all think - if you think it's server related then I'll stop tearing my hair out going through all my code to see if it's our problem.
Are session variables more secure then cookies?
Session cookies (cookies with no expiration) are destroyed when the browser is destroyed.
Session variables are destroyed when the browser is destroyed OR after a time period.
So, in that way, they are secure from the data persisting on the client.
However, while they are in use, can cookies and/or session variables be made secure without encryption?
How much more secure are session variables than cookies?
The login state in my site relies on a combination of session variables and encrypted cookies. Some of my users are reporting that they are being "logged out" by the system - which seems to be related to their cookies being blanked out. I've checked all of the code and now that it's not being overwritten by my ASP.
The weird thing is that my site has two domain names, both pointing to the same pages and directories (no redirect). If this problem is happening to them and they switch to the other domain name and log back into the site, they stay logged in no problem. It also seems to not recur if the person is "logged out" and then logs back into the site on their own.
I had one problem like this in the past, because I had a tracking cookie that was being written on every page, and found that some browsers (don't remember which) had a limit of how many cookies could be written - and when they hit the limit the oldest cookie was tossed out. However, I don't have any code doing this now.
Anybody have any ideas what could be going on? Are there any session variable/cookie limits on the server side?
I am not able to set cookies with the domain name on a
Windows 2000 server with IIS 5.0. If I use the IP address
it works. I have another machine running IIS and I
configured them together.
I have a simple textbox in a form, and I want to set a cookie in the whole process, plus go to a new ASP page. Here's the code for setting the cookie:
<% Response.Cookies("FirstName")='(contents of text box)' %>
but I don't see where to put it in the input form. Am I able to set a cookie and process the form to go to the second page, all on the first form? Can someone enlighten me?
PHP Code:
<%
If (not (session("MM_UserAuthorization") = "")) Then
Response.cookies ("UserAuthorization")=Session("MM_UserAuthorization")
Response.Cookies("MM_Username")=Session("MM_Username")
Response.cookies ("UserAuthorization").Expires= Now
Response.cookies ("MM_Username").Expires= Now
strAuthorization = Session("MM_UserAuthorization")
End if
If (Request.Cookies("UserAuthorization")="") Then
Response.redirect ("login.asp")
Response.End
Else
strAuthorization = request.cookies("UserAuthorization")
End If
%>
1st Question:
Why I cannot use the [asp][/asp] for my asp code posting? I need to use the [php][/php/] which lead to display PHP: header?
2nd Question:
My codes displayed above created using the Ultradev, and since I use free member services from brinkster, which does not allow the session authentication, I "convert" the session into cookies. My question is that:
Response.cookies ("UserAuthorization").Expires= Now
Response.cookies ("MM_Username").Expires= Now
What mean ... Expires= Now, and if i want to set the cookies expire based on session (per browser), what are the codes?
i have this script named check.asp which checks a users login.
it won't redirect to the sucess page when the login is successful, and it's got me stumped why it won't..
here's the script ....
Is it possible for a user to enable permanent cookies but disable session cookies.....this seems like a contradition yet this is what I appear to be
reading in online articles?
I have a form on a page which I need to auto set certain fields from values stored in a Cookie.
<SCRIPT LANGUAGE="vbscript">
RegisterForm.Prefix.value = Request.Cookies("store")("id1")
</SCRIPT>
That is how it is in my file yet it just appears empty but I know there is valid data in the cookie as I printed it on screen using:
<%
Response.Write(Request.Cookies("store")("id1"))
%>
So I figured maybe it was something to do with the script tags so I tried using the <% %> tags instead and I got an error saying something like Microsoft VBScript runtime object required.
I have a function that I'm using to loop through some db query results and put them into a table. Inside the function, I have a line to add certain values to a series of cookies (kind of like a cookie array) as such:
response.cookies("sclot" & ZZ) = LotNum
'response.write(request.cookies("sclot" & ZZ))
If I uncomment the second line, I pull my values just fine from inside the function. The problem is, if I use the exact same line to try to pull the values outside of the function, or from another page, it returns nothing. The whole reason I'm putting these values into cookies is so that I can pull this list up on another page, but I don't seem to be able to. Is there some reason that I would not be able to read a cookie that I set inside a function outside of it?
I am using the following to delete the contents of a cookie
Response.Cookies("maincookie").expires = DateAdd("d",-2,now)
Response.redirect "login.asp"
If i try to alert the value of the cookie in the same page, it shows
the old value. As well as when it is alerted from the login.asp it
shows the old value.
The problem is when i try to update the value of the cookie in the
login page, it does not update the new value.
Only if i close the browser and reopen, the new value gets updated and
even if the old value is originally present in the cookie.
I am specifying the domain and path when creating the cookie. the
expires property is set to date + 1 when creating.
What should be done to delete the contents of the cookie? Should i
specify the domain as well as path when changing the expires property?
I have this large include file that will change based upon the page that includes it. Is there a way to make the include dynamic, for it to know which file is calling it and use variables based on that file?
View Replies View RelatedI am looking for the code to enable me to change the content of my asp site through the ajustment of variables.
I have index.asp (content included into this)
Would like to be able to have 'index.asp?page=Contact'
And it would 'include' the contact.asp information into index.asp
I found some code in another thread but didnt want to hijack it. This is down the right lines but it wouldnt work for me
Quote: Server object error 'ASP 0230 : 80004005'
Server.Transfer Error
/SITETEST/test2/index.asp, line 28
The call to Server.Transfer failed while loading the page. and it doesnt control content through includes. Code:
I have a login that I want to be able to set a session so if they are not logged in they cannot view other pages from the main page. I also wanted to know how to display the persons name that is logged in using sessions. There first name and last name are in the database. I did it before but i cannot remember how to do it.
View Replies View RelatedI have another problem regarding the session.timeout command . I m setting its value to be 30 mins but still my session expires after the default time out that is 20 mins.
I even have set the value of connection timeout in the IIS settings to be 30 mins but still no use........... its is stll taking the default time
My goal is this - to use cookies to remember items viewed by a specific user.
There is no registration process so need to identify each visitor & was thinking about using the session ID of the first visit as the identifier, is this okay?
So now I've identified a user I wish to attach to the cookie the imageID of every item that person has viewed i.e.
response.cookies("Mysite")(SessionID)=1.jpg
then
response.cookies("Mysite")(SessionID)=2.jpg
I want to set the asp session id path property. How can I do that?
I mean, asp session id is stored in a cookie and like any other cookie it should have properties (or attributes), how can I control it?
I've received some mail pointing me to go to a URL customized to me. For example someone named "John Smith" would receive the following URL:
http://www.somesite.com/john.smith
When going to that URL, it redirects to a page highly customized for John Smith. Any idea how this is done? I can't figure out how the redirect occurs.
I have an ASP application that has been running for 5 years that I am now modifying. Since then, I have installed asp.net 1.1 and 2.0 on my xp pro box. Whenever I run the "login" code for the app, it crashes as my dllhost goes to 98% cpu. I have traced the code to this line:
Session("SCHUserID")=123
What is strange is if I set the value to 11 or lower, this does not fail. What is also strange is if I set Session("SCH1UserID")= 123 it works. I know this has to have something to do with running asp.net on this box as well. I have tried running the app in its own process (High) and creating it's own virtual directory with no luck.
I have a problem with personalization of error pages. I hav'n't find a way to insert an image in the 403-9 page (too many users).
View Replies View RelatedCan cookies or session can be set to expired after the page closed, or page being refresh, or new uRL are enter to it?
View Replies View RelatedI need some help regarding cookies and session objects and also
global.asa file
I am creating one cookie when a user logs in on my website.
The cookie stores the login name of the user. I want that cookie
should get deleted when user closes the browser without signing out.
I think it is done in global.asa file . But i don;t know how to do it?
Please Explain me the working of global.asa file.
Also If I am creating a cookie and other site is also creating a
cookie of same name then does this will create a problem?.
which is safe and better .. creating cookies or creating session
variables.
I narrowed down with the shopping cart system on my site to the fact that session cookies are not enabled (or being allowed) in IE on some browsers...
I guess the default setting is "Automatic Cookie Handling"
it says that it uses P3P(W3C standard) to determine what cookies should be allowed and what should not...
what is the criteria to allow or block the acceptance of the cookie? I guess I will have to modify the site accordingly? Also what about older browsers...
I need to be able to user session variables on the site..
obviously if users disables cookies all together it will not work.. but it should allow for session cookies to be used.. no?
I try to use ServerXMLHTTP object to get the session infomation from a
remote webpage, but it always returns nothing.
the follwoing is my code:
*local.asp*
url = "http://domain/remote.asp"
set xmlhttp = Server.CreateObject("MSXML2.ServerXMLHTTP")
xmlhttp.open "GET", url, false
xmlhttp.send ""
Response.write xmlhttp.responseText
set xmlhttp = nothing
*remote.asp*
bLogin = Session("login")
sUserName = Request.Cookies("username")
Response.Write(nUserID & " " & sUserName)
although the session and cookie are not blank, but I cannot received any
info.
I am using a couple of session variables in my site. From what I can figure
out, session information is stored on the users computer in a cookie -
If the user has cookies disabled, do session variables still work - just
without the option of setting the Timeout property, as I'm assuming?
I recently discovered that my session cookies on the web host disappear within 30 seconds. I created some very simple asp scripts (it took me a while until I
discovered why my shopping cart acts very weird...) to check the session
cookies.
On one asp page I set up cookies:
setcookie.asp
<%
Session("TransactionID") = 15
Session("CustomerID") = 1
%>
and on
readcookie.asp
<%
response.write "Session(""TransactionID"")=" & Session("TransactionID") &
"<br>"
response.write "Session(""CustomerID"")=" & Session("CustomerID") & "<br>"
%>
The same asp pages run on my XP Pro show that the session cookies don't
expire as long as I close the browser, while on the remote web server, if I
do a refresh on readcookie.asp after 30 seconds, they are gone.
I run ASP on the server and all I know is that it is a Plesk server. No idea
if it actually a Linux server or a Windows one...
Do I have to setup expiry time or something for session cookies?
we are having a form where i can add products to my cart. so the user here can go on to no of pages giving details like no of products . i am using cookies for mantaining the session information like no of productds, product name, item price etc. now after all these process a page will apear where there wil be a button called "Pay Now". When the user clicks this button i should be able to clear all the cookies that are stored in the client side....
View Replies View RelatedI'm involved in quite a large project which has a slightly unusual
form of login (at least I think it's unusual!). I'm creating a site in
ASP (actually Chilisoft ASP) where access to all pages has to be
secured via login. The odd bit is that while the login page will be on
this site, the login process itself will be carried out on a
completely separate domain - this is the client's requirement so I
have no choice.
On login, the user will be assigned a 24 hour cookie by this 2nd
domain and then be passed back to the site I'm involved with. My site
then needs to assign a similar cookie (I'm assming that I won't be
able to read the other domain's cookie) and allow access to the site
for 24 hours.
I'm wondering if it's most efficient to assign a session variable to
indicate the user is logged in once my cookie has been generated
(rather than have every page check for a cookie again) and on
subsequent sessions during the 24 hour period to 1st check for session
var, then the cookie and then, if cookie exists, to assign the session
variable again.
what do you prefer ?
1. using session or cookies?
2. why?
3. how long the expired time?
Anyone know how to send ASP Session cookies like the following:
'Set-Cookie: ASPSESSIONIDCSBRSDCT=IOLJEPNDANEDGDFGPEKLNGEA; path=/'
using WinInet?
Code:
<%
Dim currentDesign, tempCSS
currentDesign = "default.css"
tempCSS = Request.QueryString("cssfile")
If tempCSS <> "" Then currentDesign = tempCSS
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>West Cheshire College</title>
<link rel="stylesheet" type="text/css" href="<%=currentDesign%>" title="default" media="screen" />
</head>
<body>
<div class="content">chaaaaaaaaannnnnnnnggggggggeeee</div>
<p>
<a href="default.asp?cssfile=bluetext.css">Change Style</a>
</body>
</html>
So I have the two style sheets, default and blue text...the asp switches the style sheets around.
What I need now is for the var to be remembered...any suggestions?