Session With Cookies Disabled?
I am using a couple of session variables in my site. From what I can figure
out, session information is stored on the users computer in a cookie -
If the user has cookies disabled, do session variables still work - just
without the option of setting the Timeout property, as I'm assuming?
View Complete Forum Thread with Replies
See Related Forum Messages: Follow the Links Below to View Complete Thread
VBScript Session() And Cookies Disabled
I am encountering errors with some legacy asp scripts. The erorr returned when accessing these pages is: Error Type: (0x80004005) Unspecified error and occurrs when cookies are disabled on the client's browser. Note, if cookies are enabled but no cookie exists, the script does not die, it is only when cookies are completely disabled. Code:
How Do You Make Asp Sessions Work If Cookies Are Completely Disabled?
As I understand it IE stores the session id in a cookie on the user machine. This identifies the session between pages. If cookies are disabled then session variables don't work... Is it possible to pass the session id between pages by posting them etc, and manually force the session id on each page.
Cookies And Session
Can cookies or session can be set to expired after the page closed, or page being refresh, or new uRL are enter to it?
Cookies , Session Which Is Better?
I need some help regarding cookies and session objects and also global.asa file I am creating one cookie when a user logs in on my website. The cookie stores the login name of the user. I want that cookie should get deleted when user closes the browser without signing out. I think it is done in global.asa file . But i don;t know how to do it? Please Explain me the working of global.asa file. Also If I am creating a cookie and other site is also creating a cookie of same name then does this will create a problem?. which is safe and better .. creating cookies or creating session variables.
Session Cookies
I narrowed down with the shopping cart system on my site to the fact that session cookies are not enabled (or being allowed) in IE on some browsers... I guess the default setting is "Automatic Cookie Handling" it says that it uses P3P(W3C standard) to determine what cookies should be allowed and what should not... what is the criteria to allow or block the acceptance of the cookie? I guess I will have to modify the site accordingly? Also what about older browsers... I need to be able to user session variables on the site.. obviously if users disables cookies all together it will not work.. but it should allow for session cookies to be used.. no?
ServerXMLHTTP, Session And Cookies
I try to use ServerXMLHTTP object to get the session infomation from a remote webpage, but it always returns nothing. the follwoing is my code: *local.asp* url = "http://domain/remote.asp" set xmlhttp = Server.CreateObject("MSXML2.ServerXMLHTTP") xmlhttp.open "GET", url, false xmlhttp.send "" Response.write xmlhttp.responseText set xmlhttp = nothing *remote.asp* bLogin = Session("login") sUserName = Request.Cookies("username") Response.Write(nUserID & " " & sUserName) although the session and cookie are not blank, but I cannot received any info.
Session Cookies Disappear!
I recently discovered that my session cookies on the web host disappear within 30 seconds. I created some very simple asp scripts (it took me a while until I discovered why my shopping cart acts very weird...) to check the session cookies. On one asp page I set up cookies: setcookie.asp <% Session("TransactionID") = 15 Session("CustomerID") = 1 %> and on readcookie.asp <% response.write "Session(""TransactionID"")=" & Session("TransactionID") & "<br>" response.write "Session(""CustomerID"")=" & Session("CustomerID") & "<br>" %> The same asp pages run on my XP Pro show that the session cookies don't expire as long as I close the browser, while on the remote web server, if I do a refresh on readcookie.asp after 30 seconds, they are gone. I run ASP on the server and all I know is that it is a Plesk server. No idea if it actually a Linux server or a Windows one... Do I have to setup expiry time or something for session cookies?
Session Management With Cookies
we are having a form where i can add products to my cart. so the user here can go on to no of pages giving details like no of products . i am using cookies for mantaining the session information like no of productds, product name, item price etc. now after all these process a page will apear where there wil be a button called "Pay Now". When the user clicks this button i should be able to clear all the cookies that are stored in the client side....
Using Cookies & Session Vars In Asp
I'm involved in quite a large project which has a slightly unusual form of login (at least I think it's unusual!). I'm creating a site in ASP (actually Chilisoft ASP) where access to all pages has to be secured via login. The odd bit is that while the login page will be on this site, the login process itself will be carried out on a completely separate domain - this is the client's requirement so I have no choice. On login, the user will be assigned a 24 hour cookie by this 2nd domain and then be passed back to the site I'm involved with. My site then needs to assign a similar cookie (I'm assming that I won't be able to read the other domain's cookie) and allow access to the site for 24 hours. I'm wondering if it's most efficient to assign a session variable to indicate the user is logged in once my cookie has been generated (rather than have every page check for a cookie again) and on subsequent sessions during the 24 hour period to 1st check for session var, then the cookie and then, if cookie exists, to assign the session variable again.
Session Variables And Cookies
We've just started getting a weird (and serious) problem with our ecommerce website. Customers are logging in, which sets a session variable to their username (retrieved from the db). Then for no apparent reason at all, they'll be asked to login again a couple of minutes later. e.g. Customer logs in, gets told they've logged in successfully, and they can access pages that require them to be logged in. Then, for example, they go to their 'My Account' page and are able to view it with no problems...simply refreshing the page a few times suddenly brings them back to the login page. Then a few more clicks on the 'My Account' button (without logging in a second time) and they're able to view it again. It's really strange, it's as though the server loses track of the session for a moment, and then finds it again. We're also getting problems with the shopping cart cookie that can display different quantities in the 'View Cart' page at different times without the customer actually changing the cart contents. Even after the customer completes an order and the cart contents are destroyed, the 'View Cart' page can continue to display the items they just purchased when it should be saying 'Your cart is empty'. Given that we're having problems with both the cart cookie AND the login session variable (which also uses a cookie), and I'm almost 100% certain I've not touched any code that could interfere with either of these, I'm guessing that this is probably a problem with our ISP's web server but I'm not really sure. I really just want to see what you all think - if you think it's server related then I'll stop tearing my hair out going through all my code to see if it's our problem.
How To Send Session Cookies
Anyone know how to send ASP Session cookies like the following: 'Set-Cookie: ASPSESSIONIDCSBRSDCT=IOLJEPNDANEDGDFGPEKLNGEA; path=/' using WinInet?
Stylesheet Switching, Session/cookies
Code: <% Dim currentDesign, tempCSS currentDesign = "default.css" tempCSS = Request.QueryString("cssfile") If tempCSS <> "" Then currentDesign = tempCSS %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd"> <html> <head> <title>West Cheshire College</title> <link rel="stylesheet" type="text/css" href="<%=currentDesign%>" title="default" media="screen" /> </head> <body> <div class="content">chaaaaaaaaannnnnnnnggggggggeeee</div> <p> <a href="default.asp?cssfile=bluetext.css">Change Style</a> </body> </html> So I have the two style sheets, default and blue text...the asp switches the style sheets around. What I need now is for the var to be remembered...any suggestions?
Are Session Variables More Secure Then Cookies?
Are session variables more secure then cookies? Session cookies (cookies with no expiration) are destroyed when the browser is destroyed. Session variables are destroyed when the browser is destroyed OR after a time period. So, in that way, they are secure from the data persisting on the client. However, while they are in use, can cookies and/or session variables be made secure without encryption? How much more secure are session variables than cookies?
Session Variables And Cookies Breaking
The login state in my site relies on a combination of session variables and encrypted cookies. Some of my users are reporting that they are being "logged out" by the system - which seems to be related to their cookies being blanked out. I've checked all of the code and now that it's not being overwritten by my ASP. The weird thing is that my site has two domain names, both pointing to the same pages and directories (no redirect). If this problem is happening to them and they switch to the other domain name and log back into the site, they stay logged in no problem. It also seems to not recur if the person is "logged out" and then logs back into the site on their own. I had one problem like this in the past, because I had a tracking cookie that was being written on every page, and found that some browsers (don't remember which) had a limit of how many cookies could be written - and when they hit the limit the oldest cookie was tossed out. However, I don't have any code doing this now. Anybody have any ideas what could be going on? Are there any session variable/cookie limits on the server side?
Display Session Objects, Cookies From App On Other Server
I'm writing a reporting application in ASP. I want to have links to a CF app - specifically VeriSign's eCommerce Manager (on VeriSign's server). The links in my app will need current values for CFID and CFTOKEN in their HREFs - I think these are cookies or session objects the VeriSign/CF app sets once logged in, they appear on the url. Assume user has logged into VeriSign manager before my app.
ASP Session/Cookies, Help To Protect Page From Non Users
ASP Session/Cookies, Help to Protect Page from Non users I am a beginner and very urgently need some help I have created a asp page, that takes in a username and password and validates it as follows and then if true continues to the pages requested. Code: 'Read in the password for the user from the database If (((Request.Form("txtUser")) = rsCheckUser("User_pass")) and (rsCheckUser("User_lev") = 1) ) Then 'If rsCheckUser("User_level") = 1 Then 'THE ABOVE CHECKS THE INFO IS CORRECT AND IT REDIRECTS TO THE PAGE BELOW and Session=True 'If the password is correct then set the session variable to True Session("blnIsUserGood") = "True" 'Redirect to the authorised user page and send the users name Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & "" 'Close Objects before redirecting Set adoCon = Nothing Set strCon = Nothing Set rsCheckUser = Nothing End If Now this code takes you to page :Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & "" Which is something like /project/user_self_update_form.asp?ID=1 Since after the login you do to this, you are allowed to see this page. But The page user_self_update_form.asp?ID= can also be access if you just put the link on the browser. Lets say i log in as ID 2, and just change the ID to 3 on the address bar in the browser, i will log into someone elses page. How to i block this from random access and only the SPECIFIC USER? Code for user_self_update_form.asp (the protected page unless you are logged it): The Session = False part just does not work here, so if you get this link of someone, you can just get it, and you are not redirected. <% 'If the session variable is False or does not exsist then redirect the user to the unauthorised user page If Session("blnIsUserGood") = False or IsNull(Session("blnIsUserGood")) = True then 'Redirect to unathorised user page Response.Redirect"unauthorised_user_page.htm" End If %> <% 'Dimension variables Dim adoCon 'Holds the Database Connection Object Dim rsGuestbook 'Holds the recordset for the record to be updated Dim strSQL 'Holds the SQL query for the database Dim lngRecordNo 'Holds the record number to be updated 'Read in the record number to be updated lngRecordNo = CLng(Request.QueryString("ID")) and all the other protected into here:
Username/Password Form And Session Cookies
I am new to asp. I am trying to setup a log-in screen and am having trouble figuring out how to set the session cookie. I found the bit of code below, and it works if I enter a specific 'email' and 'password' into the "if" statement, however we have multiple users logging into the section. How can I set it up so that if the form is successfully submitted using any of the multiple email/password combos then it creates the session? Example found... <% Username=Request.Form("email") Password=Request.Form("Password") If email="emailaddress" AND Password="password" Then Session("Loggedin")=True End If %>
Accept /decline Page - Session Cookies
I need help with setting up a page where the viewer has to accept terms before they can access the rest of the website. The page will have a bit of text explaining why they need to accept oor decline the terms and then have 2 buttons. ie. accept or decline. What I need to be able to do is set this up so that if the viewer tries to bypass the accept/ decline page they will get re-directed to it. If they have clicked the accept button then they can view anywhere on the site. I understand that 'sessions' in IIS don't actually close until about 20 mins after the user has left the site and can live with that. But if they come back the next day they must go through the accept/decline page to get into the site. It doesn't have to have usernames or password, they just have to accept. I understand that you set up several pages to do this, i.e. the accept/decline page, a 'checkterms' page (which sets the session cookie?) and then some code on every other page on the site to check for the presence of the session cookie and let you view if it is there. If not, redirects you to the Accept/Decline page. The problem I have is I don't know what code to write and where to put it into the page.
Session Cookies - Detecting Specific User-agent/IP?
I'm new to using session cookies and need just a bit of help. On the introduction page to my project, I'm setting: <%@ Language=VBScript %> <% response.cookies("user")="authenticated" %> Then, on subsequent pages, I'm checking for the cookie, and redirecting if it's not there: <%@ Language=VBScript %> <% If NOT request.cookies("user") = "authenticated" Then response.redirect "http://somepage" End If %> What I need to do is incorporate an ignore element (by user-agent or IP) into where it checks for the cookie. For instance, if a user has an IP of 127.0.0.1, it ignores whether they have the cookie or not and lets them view the page. The reason I'm doing this is I have a search engine that's crawling the site and it doesn't always go through the front page - therefore, it's getting redirected on most of the pages it sees. So what I'd like to do is have the script see that user-agent or IP, then ignore the cookie requirement. Is that possible?
Setting Session Variables In Cookies For Personalized Content
I have these 3 tabs that I want the user to be able to select, a variable to be set, and then each page they visit in the site to read that variable and subsequently display content based on the variable that is set. So, Sheridan tab sees "Sheridan" variable content, Gillette sees "Gillette" variable content, etc.....
Disabled Or Not Disabled
I have a quick question. I have a form loading up, within this update form I have a few fields disabled: ex: <input type="text" name=record value = "<%=record %> " disabled>. when I submit this file to asp for updating, it goes to the next page but it does not allow the updates of the disabled fields to come through. How can I get pass that other than using a session variable.
Get The Value Of A Disabled Listbox
I found out that I can't get the value of a disabled field with Request("myField"). An alternative could be 'readonly', but my field, that is a listbox <select>, doesn't have this attribute.
Disabled Textboxes
The input forms are created using FORMMANGER of MS Visual Interdev 6.0(ASP Code). The forms containing textboxes and bottons (with disable property) are shown correctly in IE5. But when same forms are viewed in IE6 the disabled textboxes and buttons are shown distorted.
Getting The Value Of A Disabled <select> Control
I'm trying (without any success) to get the value of a disabled select control. From reviewing: http://www.w3.org/TR/html401/intera...l#adef-disabled It doesn't sound like it's going to be possible directly. I'm thinking that I can get around it by enabling the select control during some javascript that gets executed during the submit.
Creating Cookies In Global.asa Session_OnStart But Cannot Read Cookies On Subsequent Pages.
In my Session_OnStart in Global.asa, I am setting some cookies. One of them, I set as follows: dim UserID UserID = Request.ServerVariables("LOGON_USER") Response.Cookies("User")("ID") = UCASE(UserID) When I immediately log the cookie value retrieved from Request.Cookies("User")("ID") into the Windows Event Log, I get the correct value. However, when I try to retrieve the cookie on the home page of my application using the same code, Request.Cookies("User")("ID"), it either cannot find the cookie or cannot read the value. I am retrieving the cookie before all HTML headers are written. It is my first statement on the page after Option Explicit. I have even compared the session IDs. The SessionID created in the Session_OnStart is the same value as the SessionID on the home page. I have read that the Session_OnStart only has access to the Application, Session and Request objects. It does not explicitly say that it does not have access to the Response object. Also, I was even able to use Response.Write's in Global.asa to print out the values although it looked like it had also stopped the session after I did so. Cookies are definitely enabled on my machine. I have even tried setting the session cookie's expiration to be persistent for a few days to see if it was perhaps expiring before I was able to read it but this did not work either. Is there something preventing cookies to be created in Global.asa in the Session_OnStart sub? Is the Response object not available??? Please let me know if anyone else has had this problem or solution.
Readonly Versus Disabled Attributes
what's the differences between readonly and disabled attribute? When I do the post, it couldn't get both values <%= fname %>. any ideas? <input type="text" name="fname" value="Joe" readOnly> <input type="text" name="fname" value="Joe" disabled>
Detect If Users Have Disabled Javascript In Their Browser By Using ASP
And recently i have just encountered a problem. The problem's that how we can find out if users have disabled their browser's javascript support ability. Most of my visitors are using Internet Explorer. so it means thier browser can already support Javascript. but when they disable javascript, is there anyway we can detect that in ASP?
Creating Cookies File And Stored In Cookies Folder
I m creating a cookies in my application and it work properly but i can't see the cookies where it will sotred i checked the cookies folder but i didn't find that I want to create a cookies file as the other web site create and store where other cookies will stored in Cookies folder or Temprory Internet files folder eg:1. arvind@google.co[1].txt this stored in cookies folder 2. arvind@msn[2].txt ....
Get Data From Previous Page And Display It As Before But With Disabled Mode.
how can i get the data submitted by the previous form using " for each x in Request.Form " and display them same as the the previous form before and the only different is tat this time the all the data in this form is being disabled. (the data may consists from text box, combo box, radio button, etc.) . just wondering is there any way to perfrom like this..
Error: CDONTS.NewMail.1 (0x80020009) Component Is Disabled.
I have just inherited a web site with ASP coding. There is a contact form that when submitted sends an e-mail to the administrator. The site was on a Windows server and is now on a Apache *nix server using Sun ONE ASP. I've included the code and error I am receiving. Some suggestions/directions would be much appreciated. I also have included the original error and line of code I changed it from in case it was necessary? ERROR 1 CDONTS.NewMail.1 (0x80020009) Component is disabled /thankyou.asp, line 61 Code:.....
Problem In Detecting Whether The Cookie Is Enabled/disabled At Client Browser
I am writing an application in ASP which needs to decide at server side while the ASP code is executing whether the cookie is enabled/disabled at the client browser or not. I do got the code which runs accurately when the IP Address is given of the server. It does not work when I access the web server(local development server) by it's name. Please note that the code below sometimes does not work even when the IP Address was given to access the web site. The code snippet is as under:-
Accessing ASP Session From ASP.NET Via Session Cookie
I have a site that I'm trying to migrate to ASP.NET from ASP, and the foremost stumbling block I'm hitting is session state between the ASP and ASP.NET applications. In order to access this information, I'm doing a HttpWebRequest from the ASP.NET side into an .asp page, passing the session name on the get in order to request it from the ASP side and write it back to the response stream, giving ASP.NET access to it. Of course I change sessions each time I make the call from the ASP.NET side. Soooooo, I'm thinking to myself, "Self, shouldn't you be able to fake out the server by getting the session cookie from the initial usage of the asp, pass that data to the ASP.NET, and use that to send a request back the ASP side under the appropriate session?" From a real high level, I enter the site via a .asp page. This page in turn calls .aspx page from within a frame ......
Tracking Session Variables From Outside The Session
I want to create an administration page which lists all the current users who are on the site at the moment. I know coldfusion has this feature built in using the SessionTracker class... does ASP have something similar? If not... is there any way I can just iterate through all the session files on the server...?
Cookies
I've added a cookie and I am able to read it when using the same window but if I load up a new window and try to access it, it can't find the cookie. Any one know why?
Cookies?
I am creating a user tracking app that tracks a user one of two ways... 1)First Method is cookies 2)Second Method MS SQL DB I first check if the users browser accepts cookies if not I go to the db. If the user accepts cookies then I check for a specific crumb if it does not have the value I am looking for I kill it and rewrite it. This is working fine (im in the middle of testing it). The problem is I decieded to test the script with NN7 and not turn cookies off but block cookies from my site and all fell apart. The condition that I have set (detect if cookies are enabled) does not stop the script from trying to set a Session Variable because the browser accepts cookies and to keep a long story short it goes into an infinite loop because the script is looking for a Session value and Its not being stopped becaues the script thinks its alright to write cookies! Is there a way to detect if a user has your sites cookies blocked? This is important because Server.CreateObject("MSWC.BrowserType") will return .Cookies = True and you will not know that your script is not executing properly because a user has your sites cookies blocked but excepts them elsewhere...
Should We Use Cookies??
After a login we have a menu from where we have access to different operations such as add ,delete,update.. but if a user enters the appropriate URL he has access to these operations with out proper authorization.how do we solve this. should we use cookies,if so how exactly?
Log-in Cookies
I've built a website which requires a user to log-in to access the site. I have already built a page that enters their details into a db (register.asp), and another page where the user enters their email address (the log-in ID) to actually log-in (login.asp). How can I use a cookie to automatically log a user in?? More specifically, what are the commands to set a cookie (upon successful registration) and access it (upon re-logging in)?
Using Cookies
Hey i've spent the last few hours trying to work this problem out about cookies. When a user logs in to the site the login.asp page checks the database to see the personal page that the user re directs to e.g if bob brown logged in he would be redirected to bob.brown.asp. This is stored in a field in the database table along with the username and password. i would like to put a cookie onto the users computer that remembers the url they were redirected to so when they press the main page button it would look for the cookie and see what url they are meant to be redirected to and take them there My current login system is this ....
Getting Cookies
I'm trying to load up a page through my asp page and get the cookie from that page so that I can use it later on when it needs to have it to access other parts of the site. Basically the asp page is going to act like a browser and store the cookie from the other site, then send that cookie back when the asp page goes back to the other site again. The problem is, I can only seem to access my own cookie. I didn't run into this problem when I was doing a similar thing inside my .cs scripts that were run by the server, as I suppose they were not coming from the actual domain that my page is running on (and thus, wasn't getting everything trampled by local cookies). Is this possible, or should I just give up on it now?
Using Cookies - Best Way To Do This?
im building a site for a few doctors surgeries. the user is able to see what appointments are available and then book that date/time. i have a table (in my db) of dates/times and a checkbox to say whether the time has been booked or not (and display only times that havnt been booked). i was going to have the user add the time to a "cart" and then check the "booked" checkbox in my db when theyve paid for that appointment. but if i have lots of people looking at the site at the same time, then they may be able to see times that are just about to be booked. i think a better way is to have the date/time stuffed into a cookie which expires after 5 minutes. so when a user adds a time to their "cart", it will say something like: "this time will expire in 5 minutes until you book it or re-add it to your cart". does that make sense? how can i do this with server-cide cookies (im using jscript)? can anyone think of a better way to do this?
Cookies
trying to delete a cookie, without success it seems. The following code to delete and check a cookie produces "yes" where I expected "no" Anyone tell me how to delete a cookie if this code is wrong. response.cookies("savedforum").expires = date - 1 if request.cookies("savedforum").haskeys then response.write "yes" else response.write "no"
Cookies
I have the code below which I know it is wrong where the cookies come in. I am trying to write the values collected from a database into cookies. However I am having difficulty trying to figure out how to write rows of cookies with different values. This may be a little difficult to explain - see the following code:
|
TRACKER
