Session Variables In Trusted Sites
I have an asp based site which for various reasons has to go in either
Trusted Sites or Intranet under security in IE7. However as soon as I
place it in either of these zoneI can no longer use session variables.
These session variables work fine when it is in the Internet zone. Any
Is it possible to add a domain name to trusted zones from an ASP page?
I want to create an administration page which lists all the current users who are on the site at the moment.
I know coldfusion has this feature built in using the SessionTracker class... does ASP have something similar? If not... is there any way I can just iterate through all the session files on the server...?
We have this application that uses ASP and requires the user to add our website as Trusted Site before he could proceed or even work well using our website.
I know it's just a simple click click click with the Internet Options but with would like our users to be prompted that the site need to be added as Trusted Site so that they will not encounter issues later on.
Is there a way to detect if the servers domain is added to the user's trusted zone?
Not sure if this is the right place but I need to get this website going and am having problems with the ODBC driver connecting to the SQL server When setting up the driver I am getting a sql error 18452 login failed reason: not associated with a trusted SQL connection I am at a loss as I installed this on another machine and it worked.
I am using Session variables in my ASP application. I have tested the
application on a Win2k professional and it works fine. When the same web
app is installed on a win2k advanced server from the client browser when the
app is accessed the session variable returns null inspite of a value being
already set. I have checked the IIS enable session state settings. When i
use the server machine as client and access the app as localhost then the
session variable has correct value.
How can this be solved? What other settings if any, need to be changed to
get it work.
Do session variables carry over if you've left your site and come back?
My shopping cart uses PayPal/IPN to transact and then enter details of the transaction into my database. All of the data entry takes place after IPN has returned all of the data to my site.
A couple of the fields I need to populate are held in session variables throughout the application. When the customer clicks on the checkout button, and is sent over to PayPal's server to complete the transaction, will the session variables still be available to me upon returning to my site?
Is there a way to close a single session variable, once it's been created? I have an application that requires a several session variables to be created once a person enteres a certian section of my site. When they leave the variables are set to nothing, as they are no longer needed. I'd like to just close them out, but I will still need to keep the session open, so Session.Abandon will not work in this case.
I recently reformatted my PC and reinstalled ISS onto Windows 2000.
Since I have done that, my local sites don't work as they used to.
By that I mean, if I have a login page, such as this: Code:
On my IIS 5.0 i have enable session state set to 20 minutes
ASP SCRIPT TIMEOUT set to 200 seconds.
On my asp pages i even coded in session.timeout = 60
When i check the value of one of my sessions on a page i
am being returned to main page.
i.e If session("basket") = "" then
go to mainpage.asp
When i check the session.timeout on the page this is set
If i wait around for a few minutes i.e 5 then i am taken
back to mainpage.asp...
The server is not given me the 20 minutes session state.
I cannot seem to get session variables to work on our test server.
The test server is running windows server 2000 with service pack 4, iis 5.0.2195.6620, and sql server 2000.
However, on our main server, NT 4.0 fully updated, they do work.
Could anyone enlighten me as to why session variables don't work on Windows Server 2000?
We have different types of logins for our accounts on our intranet. When a
person logs in, a Session variable is set to determine their level of
access. For sake of argument, say the two LoginTypes are Manager and
Employee.When I log in (as a Manager), I get a certain set of options on the
homepage. Then I return to the login page, after logging in as myself, and
log in as an Employee. For some reason, the page seems "cached" and the
manager options will still display. If I refresh this page, it will appear
the way it should. I *think* this only happens when I copy/paste a URL that
I was at as a Manager. I believe that if I click a link, it displays
properly.Is there a way to prevent this? I do a ton of copying/pasting
I would like to declare a session variable.
' Use session variables for the recordsets for the GetSubordinates and IsManager functions
set orgStructRS = Server.CreateObject("ADODB.Recordset")
Where can I declare this session variables?
Once I use the recordset in both the functions, where do I close these recordsets?
I have read couple of articles warning against the use of storing VB COM
objects (Apartment Threading) in Session Variables due to the fact that
these variables could go bad.My question is what's the workaround this?
I have also read about making ASP Stateless...I'm guessing that means
turning the session and application variables off and if you do that
then how do you pass information for a particular user from one page to
another?I'm confused about how to get an ASP site working without using
Application and Session variables as well as not storing VB COM objects
in Session Variables.
I have a session variable in a login page. Then I go to a form page where I
uses the ProfileID and the UserID. Then I go to a result page where I would
like to use the UserID as a filter, but I can't get the value is stored in it.
I'm loading a variable into the session variables that will be for checking to see if the user can access a certain area of the website. When the user logs out or gives and incorrect login password is it better to kill off all the variables using session.abandon or to set the session access variable to False?
I'm not really concerned about using the servers resources with this one variable, but I would like to keep the server as free as possible.
I've noticed that in my ASP application that session variables are not carried over from
one IE6 open browser window to another.
Can anyone tell me how IE can do this? It seems like it's a useful protection mechanism
that I can add to my application.
BTW, I'm looking for a way to determine if someone is moving cookies between computers.
How IE and/or ASP handles sessions might give me some insights (and I'm open to
suggestions as to how to prevent cookie stealing?)
I have an ASP [Classic] application running under IIS 5 & 6 [on different
I need to implement Session() variables to cache some frequently looked up
data. Because of the nature of the data, it is best held in the Session()
rather than the Application() object.Is there a limit to the how long the parameter name can be?
Session("HairColour") - the parameter name length her is 10 characters -
what's the max length (is there a max length)?
I ask because my code will generate these parameter names on the fly and I
don't want them to break anything
I have a question regarding ASP session variables.
My assumption was that a session variable has the same lifetime as the
session itself: as a consequence, given that closing the browser doesn't
terminate the session, the session variable is kept alive until the
session expires.But, surprisingly, I've found this to be true for the session variables
whose value is set in the global.asa file, but if the value is set in an
..asp script, it appears to be erased from the session object as soon as
the browser is closed although the session is still alive. Strange. Is
this a bug?What I'd need to know is: how I can make session variables whose value
is set in an .asp script persistent as long as the session is alive.
In my GLOBAL.ASA file I'm trying to create a session variable for reference
in the various webpages of my site....
When referring to Session("LoggedOn") on my various ASP pages, it is coming
up as "".
I'm obviously misunderstanding how this works... Can anyone point me the
Eventually I'll need to access a database and I'm assuming that if I need to
connect to that database, that I'll need to create the connection in the
Session_OnStart event and destroy the connection in the Session_OnEnd event
of the GLOBAL.ASA file.
I need to hold some session variables on an intermediate page for later use . My problem is I dont know Where to store the session command. Do I put it in the head of the page of the form I get the Variable from , do I put it into the response page (I am using The POST method) or Where ?
On the index page of my site the following code creates a unique user id in the form:
if session("userid") = "" then
session("userid") = left(createobject("scriptlet.typelib").guid,38)
This is checked in every page to make sure the user has an id with the following code:
if session("userid") = "" then
When the user has finally finished filling their webcart the userid is posted to the database but for some reason, with about 1 in 5 visitors to the site the database saves an empty field for the userid.
Does anyone know of any issues with session variables or any browser / config that could cause this to happen.
In client-side script (<script> codes </script>), how can set / get session
I am having some trouble with seesion variables.
I have just moved hosting companies to Brinkster.com but have been
having problems with my applications holding session.
They say they can't guarantee sessions and recomend another method of
storing persistant data.
I questioned them on why, only on their servers, my sessions are being
reset as often as they are. They said it must be a coding issue.
However, I have not had trouble before, with same applications on
different or local servers.
So my question is this, what can reset session data? Just a reset of
I'm having problems with carrying variables over from one page to another and then using them in if/then statements. I can carry the variables over fine (because I can print them) but if I try to compare it to a value I pull from a database it acts like the value is null and won't display. I'm not the best at explaining things so here's my code:
I have a website written in asp that uses session variables. On
one workstation the session variable always comes back as an empty
string, like it doesn't exist. What could cause this? Is there a
browser setting or some type of security that can control whether
session variables are created?
I have some pages in an asp site. Page one collects some data through a form and posts it to page two. Page two inserts the data into an access database and sets three of them as session variables. Page three is supposed to display those variables. My problem is that page three does not display any variables. All the variables are declared correctly and when i tried displaying them with page 2, they displayed properly but between page 2 and 3, they get lost.
I have an web application framework that uses sessions to
maintain a userID and some other variables. If a userID
is not present in the session collection, it redirects the
user to a login page, assuming their session expired.
However, this has been happening seemingly at random on
some of our implementations. The configuration is
basically the same... IIS 5.0, Win2k, IE6, etc. Also,
this happens even when a user goes from screen to screen
so it isn't a timeout issue.
Is it client-side? Server-side? Is it due to some additional security features added
in updates to IE? I don't think we ever had this problem
in IE5.5, but I don't have a written history of that.
I’m experiencing a problem regarding Session Variables and/or Cookies.
I'm doing a a web survey now which can only be done once. I send email to all with a id append to the URL so i can do checking. If he didnt do be4 I will direct him to the survey page.
After he finish and submit, I do an insert statement backend but the problem is I cant seems to retrieve the session which is the guy's id so i can insert into the DB. When I insert the id is always 0.
My asp application needs 2 variables (uid, password) which i need for
running sql statements.
This is not the same uid , password used for the logging by the user, but
are supplied by a Radius server. My problem is i'm supplied with the uid,
password only once by the Radius server(on the first page) , so i need to
store them. The thing is if i store them in the session they are visible to
the user. So that should be avoided... Been thinking about encrypting the
variabels, but cant find default vb code to encrypt the data. Actualy i don't
want to send any info at all...
I need users to login to my site. so now i have a login page. Users enter their username and pasword and then gets redirected to another page.
The address bar at the top changes to the new page. Is there a way that this can be prevented? Because after someone logs in once, and get that address, they can use it as a "shortcut" and get into the site without logging in at a later stage.
And then, once a user is logged in, they can fill in all forms and it would automatically add which user completed the form. Instead of re-entering their name / special code. Sort of like a datestamp but with the login details?