ASP :: Response.Cookies Bug

Response.Cookies(x).Domain?
I am looking for a way to delete (expire) all the cookies that we've ever written to the user's machine. I have found several scripts, however I have come across one "gotcha."

The scripts I have found all look something like this:

response.buffer = "true"
dim x
for each x in Request.Cookies
Response.Cookies(x) = "must be something"
Response.Cookies(x).Expires = "January 1, 1999"
next

One cookie gets set like this:

Response.Cookies(x).Domain = ".henryschein.com"

so that we can retrieve it from 'www.henryschein.com' and
'info.henryschein.com'

The problem is that the script above does not delete it.

Anyone have any idea why this is?? Anyone have a script that properly deletes ALL the cookies that you've ever written to the user's machine?

Cookies And Response.redirect. Do They Work Together?
I am having trouble with ASP cookies.

Scenario 1
An ASP page creates a cookie then calls another page. This second ASP page then reads the cookie. This works fine.

Scenario 2
An ASP page calls a second ASP page. First page has a standard HTML form on it which the second page then validates the user input. If the user has made a mistake then page two writes a cookie (user details and error message) and a response.redirect sends us back to the first page. The first page recognises that it was the second page that called it (via a parameter sent as part of the URL) and reads the cookie that it knows page two created. This does NOT work. The cookie is either now not there or the contents are null.

Questions:
How can I tell if the cookie was created or not using IE6? Cookies are enabled and no cookie appears in the Temp Internat Files folder in either scenario.

Also it is possible to see what is in a cookie, apart from using ASP?

Is it not possible to use a cookie in conjunction with a response.redirect (seems unlikely)?

Creating Cookies In Global.asa Session_OnStart But Cannot Read Cookies On Subsequent Pages.
In my Session_OnStart in Global.asa, I am setting some cookies. One
of them, I set as follows:

dim UserID
UserID = Request.ServerVariables("LOGON_USER")
Response.Cookies("User")("ID") = UCASE(UserID)

When I immediately log the cookie value retrieved from
Request.Cookies("User")("ID") into the Windows Event Log, I get the
correct value. However, when I try to retrieve the cookie on the home
page of my application using the same code,

Request.Cookies("User")("ID"), it either cannot find the cookie or
cannot read the value. I am retrieving the cookie before all HTML
headers are written. It is my first statement on the page after
Option Explicit. I have even compared the session IDs. The SessionID
created in the Session_OnStart is the same value as the SessionID on
the home page.

I have read that the Session_OnStart only has access to the
Application, Session and Request objects. It does not explicitly say
that it does not have access to the Response object. Also, I was even
able to use Response.Write's in Global.asa to print out the values
although it looked like it had also stopped the session after I did
so. Cookies are definitely enabled on my machine. I have even tried
setting the session cookie's expiration to be persistent for a few
days to see if it was perhaps expiring before I was able to read it
but this did not work either.

Is there something preventing cookies to be created in Global.asa in
the Session_OnStart sub? Is the Response object not available???
Please let me know if anyone else has had this problem or solution.

Enable Permanent Cookies But Disable Session Cookies
Is it possible for a user to enable permanent cookies but disable session cookies.....this seems like a contradition yet this is what I appear to be
reading in online articles?

Creating Cookies File And Stored In Cookies Folder
I m creating a cookies in my application and it work properly but i can't see the cookies where it will sotred i checked the cookies folder but i didn't find that I want to create a cookies file as the other web site create and store where other cookies will stored in Cookies folder or Temprory Internet files folder eg:1. arvind@google.co[1].txt this stored in cookies folder 2. arvind@msn[2].txt ....

Response.Write To The HTTP Response Body
<a target="_blank"
href="IndividualGamePerformances.asp?MatchID=<%=RS("MatchID")%>&TeamID=<%=Request("TeamID")%>">

Can anyone please tell me what to enter after Response.Write to write the above to the HTTP Response body.

Response.redirect And Response.end
Is there any point in having response.end after response.redirect?

Cookies
I've added a cookie and I am able to read it when using the same window but
if I load up a new window and try to access it, it can't find the cookie.
Any one know why?

Cookies?
I am creating a user tracking app that tracks a user one of two ways...

1)First Method is cookies
2)Second Method MS SQL DB

I first check if the users browser accepts cookies if not I go to the db. If the user accepts cookies then I check for a specific crumb if it does not have the value I am looking for I kill it and rewrite it. This is working fine (im in the middle of testing it). The problem is I decieded to test the script with NN7 and not turn cookies off but block cookies from my site and all fell apart. The condition that I have set (detect if cookies are enabled) does not stop the script from trying to set a Session Variable because the browser accepts cookies and to keep a long story short it goes into an infinite loop because the script is looking for a Session value and Its not being stopped becaues the script thinks its alright to write cookies! Is there a way to detect if a user has your sites cookies blocked? This is important because Server.CreateObject("MSWC.BrowserType") will return .Cookies = True and you will not know that your script is not executing properly because a user has your sites cookies blocked but excepts them elsewhere...

Should We Use Cookies??
After a login we have a menu from where we have access to different operations such as add ,delete,update.. but if a user enters the appropriate URL he has access to these operations with out proper authorization.how do we solve this.

should we use cookies,if so how exactly?

Log-in Cookies
I've built a website which requires a user to log-in to access the site. I have already built a page that enters their details into a db (register.asp), and another page where the user enters their email address (the log-in ID) to actually log-in (login.asp).

How can I use a cookie to automatically log a user in??

More specifically, what are the commands to set a cookie (upon successful registration) and access it (upon re-logging in)?

Using Cookies
Hey i've spent the last few hours trying to work this problem out about cookies.

When a user logs in to the site the login.asp page checks the database to see the personal page that the user re directs to e.g if bob brown logged in he would be redirected to bob.brown.asp. This is stored in a field in the database table along with the username and password.

i would like to put a cookie onto the users computer that remembers the url they were redirected to so when they press the main page button it would look for the cookie and see what url they are meant to be redirected to and take them there

My current login system is this ....

Getting Cookies
I'm trying to load up a page through my asp page and get the cookie from that page so that I can use it later on when it needs to have it to access other parts of the site.

Basically the asp page is going to act like a browser and store the cookie from the other site, then send that cookie back when the asp page goes back to the other site again.

The problem is, I can only seem to access my own cookie. I didn't run into this problem when I was doing a similar thing inside my .cs scripts that were run by the server, as I suppose they were not coming from the actual domain that my page is running on (and thus, wasn't getting everything trampled by local cookies).

Is this possible, or should I just give up on it now?

Using Cookies - Best Way To Do This?
im building a site for a few doctors surgeries. the user is able to see what appointments are available and then book that date/time. i have a table (in my db) of dates/times and a checkbox to say whether the time has been booked or not (and display only times that havnt been booked). i was going to have the user add the time to a "cart" and then check the "booked" checkbox in my db when theyve paid for that appointment. but if i have lots of people looking at the site at the same time, then they may be able to see times that are just about to be booked. i think a better way is to have the date/time stuffed into a cookie which expires after 5 minutes. so when a user adds a time to their "cart", it will say something like: "this time will expire in 5 minutes until you book it or re-add it to your cart". does that make sense?
how can i do this with server-cide cookies (im using jscript)? can anyone think of a better way to do this?

Cookies
trying to delete a cookie, without success it seems. The following code
to delete and check a cookie produces "yes" where I expected "no"

Anyone tell me how to delete a cookie if this code is wrong.

response.cookies("savedforum").expires = date - 1
if request.cookies("savedforum").haskeys then
response.write "yes"
else
response.write "no"

Cookies
I have the code below which I know it is wrong where the cookies come in. I am trying to write the values collected from a database into cookies. However I am having difficulty trying to figure out how to write rows of cookies with different values. This may be a little difficult to explain - see the following code:

Cookies
I need to set a cookie on a user after they have logged in. I want to
use just the user's login name , since that is a unique field.

If rsPersonIDCheck.EOF Then
Session("blnValidUser") = False
Else
Session("login") = rsPersonIDCheck("login")

but:
set Cookies("User") = Session("login")
seems not to be creating the cookie

What Is Cookies
I know little abt asp.I have done aproject on asp but I don't know much on cookies.if u know then plz give me idea with some codes.

Asp Cookies
Not strictly a full asp question but Im sure someone here will have the
answer.I've read in several web sites that you can read and write to the same
cookie with asp and javascript.Does anyone have any sample coding showing how to do this with the javascript along with the asp code or were these websites I saw it mentioned
on bogus?

Cookies
In my web application i'm are able to store large data in
the browser cookie keeping in mind the limit of 300
cookies per browser, 20 keys per cookie per domain and 4KB
max size of each cookie. i'm are unable to retreive this
large amount of data immediately after storing through
document.cookie in IE browser (The same works fine in
Netscape).

Is there any limit on the size of the data that can be
retreived using document.cookie? Could you please suggest
a solution to this problem i'm are facing.

Cookies
If I Request.Cookies("cookiename") and the cookie doesnt exist could I use

If Request.Cookies("cookiename") = "" Then
Display Error Message
End If

or would i use

If Request.Cookies("cookiename") = Nothing Then
Display Error Message
End If

CDO + Cookies
I found that a number of my sites that send email using CDO failed withing the past 30 days. Consider the following. I know its not the best coding practice to open and close the connection so many times but Im curious why this would all of a sudden become an issue.

1. Have a few large sites essentially all variables such as SMTP server are set using cookies so I can deploy multiple sites quickly.

2. Within the site email appears to work correctly across all pages with 1 exception.

3. The exception is below, Im wondering if it has to do with cookies having to be retrieved multiple times from the client machine

--Call db run search loop data build array

--Based on data in array call another search alter and finalize array

--Do while <= uBound(myArray)

--Call Email sub (from,to,sub,body) ' Sub contains a request cookies for SMTP server.

--Loop

Doesnt matter if its 2 or 50 emails always fails when using request.cookies to set the SMTP in the sub. Works fine if I hard code the IP. This same sub is used multiple times throughout the website and works fine with cookies.

Just curious why it needs might need to be hard coded in the loop. Has been running for about 6 months fine and have recently started noticing failures.

Bad Cookies
All the cookies that i have don't show any bad cookies as i call them but only show the cookies that they want on the users computer but for some reason i am getting lots of bad cookies from my website at http://tmd-1.com/ and i don't know how to stop the bad cookies from downloading to the computer the cookies i am having trouble with will be in a red box in the image below.....

Cookies
I started using the following code, although, I have a feeling it is not working. Also, do I have to place the same code on all accessed pages? Code:

<%
Response.Cookies("ExpCookie") = "Expiration"
Response.Cookies("ExpCookie").Expires = DateAdd("d", 1, Now())
Response.Cookies("ExpCookie").Secure = True
Response.Cookies("LastVisit") = Date & " " & Time
%>
I am new at all of this, I can understand that this cookie will expire an hour after being access on a given day (is that right?), and it will create the cookie with the printed date and time of access. how can I make sure cookie expire on time.

Cart Cookies
I need to build my own simple cart that writes to cookies only. I can write
and read cookies, but don't have a clue as to how I can add multiple
products, change quantites, etc. All I need is a cart that stores
information in cookies and the user prints their order. That's it. Where can
I find such information?

Setting Cookies
I am not able to set cookies with the domain name on a
Windows 2000 server with IIS 5.0. If I use the IP address
it works. I have another machine running IIS and I
configured them together.

Cookies Problem...
I have two folders under root(wwwroot) Fol1 and Fol2.

Our customers logs on index.asp under Fol1 but when he/she wants to check
their order status it will take them to Fol2/account.asp where it checks for
userid cookie which was set in Fol1 index.asp when they log in. But seems
like I am not able to obtain the value in Fol2/account.asp. User Id cookie
is empty. I have set an expiration date for cookie as date + 1

Regarding Cookies Expiry
I got stuck with some cookies expiry date. I wanted my cookies to expired every 4 hours. I'm writing with ASP. Currently I'm using the below code:

Response.Cookies("announcement").Expires = date + 1

for the expiry of everyday. How can I write if I want the cookies to expire every 4 hours?

Cookies Across Domains
Is it possible to use cookies between different domains?

For my site I use 2 domains;

the first for my global site with ASP en HTML, the second is for my forum located on "hyperboards" a free forum domain. On de second domain i don't have any control and i can't put any new webpages on that site.

But I want to use the cookie of my forum on my global site.

Cookies And Session
Can cookies or session can be set to expired after the page closed, or page being refresh, or new uRL are enter to it?

Cookies And Firewall
I can write out cookies using response.cookies and read cooies with
request.cookies

If I enable a firewall like zonealarm then the cookies wiill write out but
the asp page will not read the cookies. This is if block third part
cookies is enabled. If I allow third party cookies the it will work.

If I display the cookie collection it will show a count of zero. I can
edit the cookie on the disk and see the data.

other web sites write and read info to my computer with cookies and zone
alarm is set to block them. why does request.cookies fail to get the
information back.

Cookies Problem (bug?)
Some of the visitors are complaining that they can't get in into the system
(using the login form of-course).

My login form includes e-mail and passwords fields, that I check within the
e-mail and passwords fields written in the database.
Then, if all is OK and the info the visitor enter is valid, I write it into
a cookie that next time the user get into my site, the system will recognize
him.

As I mentioned before, the problem is that some of the visitors are able to
connect/logon, and some are not. They are getting the regular screen.
I checked with them and the cookies were enabled. I also tried to add a
"Response.Buffer=TRUE" code in the first line of code there --- > NOTHING.

Some people are able to connect just after they clear the cookies from their
computer. For some it doesn't help...
Some can't logout when they are connected :

I am attaching here some code....

Cookies N Sessions
Using Session("variableName") to store data for the duration of a session. And using Response.Cookie("nameOfCookie") to store data as a "cookie" in ASP.....some questions here....

Session Variables. There's no disabling that CLIENT-SIDE is there? ASP Sessions are managed by the server, so as long as it's running fine, there's nothing the client can do to stop session variables from being created right?

"Session" Cookies? When using Response.Cookie, is that data actually written to the client's HDD like Javascript cookies would be? I noticed in MSIE 6 you can goto TOOL > INTERNET OPTIONS > PRIVACY > ADVANCED and Overide Session Cookie settings, but they don't seem to work.

I UNCHCKED to ALWAYS ALLOW SESSION COOKIES, and then did a

Code: ....

Are Cookies Stored In RAM?
I know that cookies are stored with a txt file in the client PC. but are cookies even stored in RAM? cuz i can access the cookie information but i cannot see the cookie a txt related to that in my PC...

Cookies , Session Which Is Better?
I need some help regarding cookies and session objects and also
global.asa file

I am creating one cookie when a user logs in on my website.
The cookie stores the login name of the user. I want that cookie
should get deleted when user closes the browser without signing out.

I think it is done in global.asa file . But i don;t know how to do it?
Please Explain me the working of global.asa file.

Also If I am creating a cookie and other site is also creating a
cookie of same name then does this will create a problem?.

which is safe and better .. creating cookies or creating session
variables.

Cookies IE Vs. Firefox
I am trying to create a cookie based on a querystring. Firefox creates and displays the cookie without a problem. IE on the other had seems to not even create the cookie. I HATE BUILDING FOR 2 BROWSERS!

Here is the creation code:

Verify Cookies
I'm having trouble verifying the cookie that I leave on a client's computer.

Here is the code: ....

Querystrings And Cookies
I've noticed a strange problem with setting cookies in ASP when the
cookie name you're setting exists in the querystring. The company I
work for has many partner sites who link to our site like this:
www.mycompany.com/partner.asp?PartnerID=??? The partner.asp page then
sets a cookie called PartnerID containing the value from the
querystring.

We have noticed, however, that if the partner calls the partner.asp
page and alters the capitalization of 'PartnerID' then another cookie
gets set which takes the capitalization of 'PartnerID' from the
querystring. All of the other asp pages in the site then seem to read
the first cookie set and thus it appears that the 'wrong' partner
settings are being used.

Has anyone experienced this problem before? Unfortunately altering the
cookie or querystring names would be a non-trivial task so this is not
an option at the moment.

Sessions Or Cookies ?
i'm creating a shopping cart and i need to know when users add products to their shopping cart, does it load a session for each visitor, which when a new customer tries to add it opens a session for him and he closes the site the session closes enabling another visitor to start with an empty basket ?

or does it use cookies instead of sessions ?

my shopping cart does not work properly...
i need to fix it in this way, when a new visitor tries to add products to the shopping cart it doesn't display the previous products of the previous visitor.

noting that i'm not using any registration as yet......

how can i fix that?

i have a file called shop.asp which list the type of products available in the database and then when a type is clicked a list of products under this type will be displayed, then customers can add to the cart whatever they want.....

but this does not work properly because if another user tries to access the cart he'll see the previous products in there....

Updating Cookies
Got a cookie problem, specifically with persisting it when I write to it a
second time on another ASP page. Here's the scenario:

Page1.asp:
- I have a cookie with serveral keys
- I set all the key values
- I then set the overall cookie expiration (you don't do this for all
the keys right, just at the top level?)
- This works fine, the cookie persists, but if I then go to page2.asp...

Page2.asp
- I simply use the response.cookie("cookiename")("KeyName") to update
some of the prior values.

Once page2.asp gets called, the cookie becomes a session cookie and does not
persist.

Questions:
1. I wasn't then re-setting the expiration, do I need to? I tried but still
the cookie wouldn't persist.

2. What is the correct order of setting the expiration, before, after
setting all the key values? Does it matter?

3. Can you in-fact update a cookie's key values, or is this fundamentally
incorrect, do you need to re-write the whole cookie?

4. Any other ideas?

Session Cookies
I narrowed down with the shopping cart system on my site to the fact that session cookies are not enabled (or being allowed) in IE on some browsers...

I guess the default setting is "Automatic Cookie Handling"

it says that it uses P3P(W3C standard) to determine what cookies should be allowed and what should not...

what is the criteria to allow or block the acceptance of the cookie? I guess I will have to modify the site accordingly? Also what about older browsers...

I need to be able to user session variables on the site..

obviously if users disables cookies all together it will not work.. but it should allow for session cookies to be used.. no?

Encrypting Cookies
I use cookies on my website to store details such as the colour scheme, email and username though I do not want people editing this data so I need to encrypt the cookie due to data such as post counts being stored in this way.

Sessions & Cookies
I want to do something very simpel. Make a part of my website available
only for users with a username and password. The site is mainly ASP
based. The webserver is an IIS6 and I do NOT have access to server
settings (session timeout, security,...).

I use sessions to set the validation for the users. Basically you are
redirected to a form where you can give a username and password, this is
validated with the values in a database. If the password and username
are ok a session value is set <%=Session("Validated")=True%>*.

At the beginning of each secured page I start with:
<%If Session("Validated")=False Then Response.Redirect("Login.asp") End
If%>

So if the session value "validated" is true you can see the secured
pages, else you are redirected to the logon page.

The default timeout value for session is 20 minutes. Because the session
should stay alive during the complete time of the visit I was thinking
of puting the session.timeout to 60 minutes. I set this at the beginning
of every secure page: <%Session.timeout=60%>

Now, Users keep on contacting me saying that they have to relogon quiet
often. This also seems to happen when a user is not on the website for
20 minutes already (session expired). I tested it myself and have the
feeling the I am indeed regularly redirected. Sometimes after 10
minutes, other times 30 minutes, ... There seems not to be any logic in
the time that users are redirected to the logon page.

Because the website is used to fill in a lot of long HTML forms, it is
very frustrating for the users when they are completing a form and then
pressing "Submit" being redirected to the logon page and lose all
entered data.

Is there somebody who can give me more info on the strange session
behavior? For me it is not normal that a session times out in that
unlogic way.

The only solution I can think of is passing the post information to the
logon page and then redirect after validation back to the transaction
page.

How can you reset the timeout counter on a session in ASP? What I was
thinking was that I am doing it maybe wrong?

Now the session variable that let a user have access to the site is set
once at logon time: (<%=Session("Validated")=True%*>*). Then it is
checked on every page that the user opens (<%If
Session("Validated")=False Then Response.Redirect("Login.asp") End If%>)

Would it be a good idea to re-set the variable every time a user
accesses page? Like <%If Session("Validated")=False Then
Response.Redirect("Login.asp") Else Session("Validated")=True End If%>
Would this reset the timer that times out the session? Or do I have to
add something like <%Session.Abandon%> before setting the variable
again?

What would this do on the server performance?
Is this a good way of working with sessions?

Swicth to cookies i.o. sessions?

I am open for all suggestions, please help! In the future there are also
money transactions going over this website, so it has to be a secure
method! I will use a seperate HTTPS host for this.

ASP And ASP.net Cookies - Delete It
During the development, I need to test cookies (ASP and ASP.net).

For the first time I test (First username), it writes the cookies into my computer using the First username, and when I want to test second time, using another user name (Second username), it wont't show up the login page, but instead it automatically let me access the protected page (using the first test username).

Question: I want to delete this cookies! How?

I have searched:

Temporary folder, and can't find it.
Document and settings (W2000 Professional), and can't find it as well.

Cookies Issue
I have an application that when it loads, it checks for a cookie on the client side. If the cookie exists, it sets a variable on the specific ASP page for certain fields to be populated. Our problem is that some user sessions have data left over in cookies that
are from a previous user session....

Cookies Problem
I am working on a project and stucked to maintain few cookies. I have few fields like username , email, company name. I am able to create cookies for username but how to create cookies for company name both are on the same page. I need that user when login then only the cookies for company name has been maintained how to do that...

Clearing Cookies
I have a page that creates a cookie on your computer. at that point it stores login information. Seeing that I am on the administration side and wish to login to accounts without the cookie getting in the way, I create a page to delete the cookie as follows:

Response.Buffer = True

Dim Cookie
For Each Cookie In Response.Cookies
Response.Cookies(Cookie) = "this must be something!"
Response.Cookies(Cookie).Expires = Date() - 1
session.clear
session.Abandon()
Next ' Cookie

For Each Cookie In Response.Cookies
Response.Cookies(Cookie) = "this must be something!"
Response.Cookies(Cookie).Domain = "hazsoft.com"
Response.Cookies(Cookie).Expires = Date() - 1
session.clear
session.Abandon()
Next

This removes the cookie like i desire but, I must first reopen my browser for the cookie to be totally removed. As you can see I have also removed the session variables. Is there a way to remove cookies and session variables, without having to close the browser window?