When something doesn't work, disable error skipping stuff like "on error resume next" which just tend to cover up the problems, sweeping them under the rug as it were...
Echo important variables as you go along to make sure they are getting set as you expect: what is the "query" variable, is it the string you are expecting?
Response.Write "inside Database Recordset Loop, query has a value of" & query & "<br />" & VbCrLf
If not, echo each of the three pieces and see if one or more is not getting passed from the form.
1.Want to expire or time out asp pages and have them automatically log user out and clear all sessions.
2. Log out gracefully.My current logout is a 2 step process that click logout on the menu, then the user get a message
that they need to either choose to log in again or close browser.I do have a simple Session.Abandon and a prayer that they don't use the BACK button.If the user does use the back button,everything is back like they never even logged out.
Now when some one click on the page and go to page 2 and then click browser back button to come back to page 1, i want the page to expire. I want the user to click the link from page 2 to go back to page 1 and not the browser back button. IT is not happening.
i am making a quiz program. User answers a question, clicks next, and new question aperas. i want that user cannot answer one question twice. but user can click browser back button to go back and re-answer the previous question. I want that user, cannot go on the previous page.
the username field must have the last user who connected ( saved using cookie) When i press the "cancel " botton of the form this username should disappear and appear again once i close and open the browser again
Please need your help in writing the cookies code to enter the user automaticly to the comments page with out login if he entered before to the site...
these are the code i wrote but now i need the cookies code to vlaideat if the user enterd before or not (if yes, redirect him to the comments page otherwoise let him login in)
ASP Session/Cookies, Help to Protect Page from Non users I am a beginner and very urgently need some help
I have created a asp page, that takes in a username and password and validates it as follows and then if true continues to the pages requested.
Code:
'Read in the password for the user from the database If (((Request.Form("txtUser")) = rsCheckUser("User_pass")) and (rsCheckUser("User_lev") = 1) ) Then 'If rsCheckUser("User_level") = 1 Then 'THE ABOVE CHECKS THE INFO IS CORRECT AND IT REDIRECTS TO THE PAGE BELOW and Session=True
'If the password is correct then set the session variable to True Session("blnIsUserGood") = "True"
'Redirect to the authorised user page and send the users name Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & ""
'Close Objects before redirecting Set adoCon = Nothing Set strCon = Nothing Set rsCheckUser = Nothing
End If
Now this code takes you to page :Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & "" Which is something like /project/user_self_update_form.asp?ID=1
Since after the login you do to this, you are allowed to see this page.
But The page user_self_update_form.asp?ID= can also be access if you just put the link on the browser. Lets say i log in as ID 2, and just change the ID to 3 on the address bar in the browser, i will log into someone elses page.
How to i block this from random access and only the SPECIFIC USER?
Code for user_self_update_form.asp (the protected page unless you are logged it): The Session = False part just does not work here, so if you get this link of someone, you can just get it, and you are not redirected.
<% 'If the session variable is False or does not exsist then redirect the user to the unauthorised user page If Session("blnIsUserGood") = False or IsNull(Session("blnIsUserGood")) = True then 'Redirect to unathorised user page Response.Redirect"unauthorised_user_page.htm" End If %>
<% 'Dimension variables Dim adoCon 'Holds the Database Connection Object Dim rsGuestbook 'Holds the recordset for the record to be updated Dim strSQL 'Holds the SQL query for the database Dim lngRecordNo 'Holds the record number to be updated 'Read in the record number to be updated lngRecordNo = CLng(Request.QueryString("ID"))
I need help with setting up a page where the viewer has to accept terms before they can access the rest of the website.
The page will have a bit of text explaining why they need to accept oor decline the terms and then have 2 buttons. ie. accept or decline.
What I need to be able to do is set this up so that if the viewer tries to bypass the accept/ decline page they will get re-directed to it. If they have clicked the accept button then they can view anywhere on the site.
I understand that 'sessions' in IIS don't actually close until about 20 mins after the user has left the site and can live with that. But if they come back the next day they must go through the accept/decline page to get into the site. It doesn't have to have usernames or password, they just have to accept.
I understand that you set up several pages to do this, i.e. the accept/decline page, a 'checkterms' page (which sets the session cookie?) and then some code on every other page on the site to check for the presence of the session cookie and let you view if it is there. If not, redirects you to the Accept/Decline page.
The problem I have is I don't know what code to write and where to put it into the page.
I have a form which sibmits data to another page. Trouble is when the user refreshes the page it resubmits all the data again. Is there anyway to expire the page immediatly so this cant happen?
When I set a session to expiry in say 20 minutes, the session will only last about a minute. I looked at pretty much everything, but can not find the reason Code used to set sessions: Code:
Why doesn't Session_OnEnd detect when the user closes the browser window. I have a .log file where i record the user information when he clicks logout button. But when the user closes the window, my code does not record the log. It looks like the Session_OnEnd is not fired atall.
I did google on this and found solution's using Javascript. Is there a way to resolve this issue other than using some client-side like Javascript. Isn't there any Vbscript to do this.
I have added this like of code I found on an ASP book:
<% Session.Timeout = 30 %>
My understanding of this code is that if the user leaves the page on idle for more than 30 minutes, it will automatically close the session, and if they decide to continue using the site, then it will automatically send them to the login page so that they can log on again. Is that right? Code:
In my Session_OnStart in Global.asa, I am setting some cookies. One of them, I set as follows:
dim UserID UserID = Request.ServerVariables("LOGON_USER") Response.Cookies("User")("ID") = UCASE(UserID)
When I immediately log the cookie value retrieved from Request.Cookies("User")("ID") into the Windows Event Log, I get the correct value. However, when I try to retrieve the cookie on the home page of my application using the same code,
Request.Cookies("User")("ID"), it either cannot find the cookie or cannot read the value. I am retrieving the cookie before all HTML headers are written. It is my first statement on the page after Option Explicit. I have even compared the session IDs. The SessionID created in the Session_OnStart is the same value as the SessionID on the home page.
I have read that the Session_OnStart only has access to the Application, Session and Request objects. It does not explicitly say that it does not have access to the Response object. Also, I was even able to use Response.Write's in Global.asa to print out the values although it looked like it had also stopped the session after I did so. Cookies are definitely enabled on my machine. I have even tried setting the session cookie's expiration to be persistent for a few days to see if it was perhaps expiring before I was able to read it but this did not work either.
Is there something preventing cookies to be created in Global.asa in the Session_OnStart sub? Is the Response object not available??? Please let me know if anyone else has had this problem or solution.
If I start a session on our web app then close all browsers, I expect that the session cookie would be deleted and that the session itself would exist until it expired. I then start a new instance of the browser expecting to get a new session id and a new session, but instead I reconnect to the unexpired session. Does anyone know why the session cookie is persisting despite the closure of all the IE windows?
This is a strange thing. My Session object is expiring when the page is refreshed.This is happening in just one partiular page. Rest of the pages are working fine
I have a password protected website. I save the user's permission information in a session variable. I'm trying to extend the life of the session variable beyond 20 minutes, but it's not working. At first I tried putting the code in the global.asa file, but when that didn't work, I put it at the top of the page.
Session.Timeout=60
When I refresh the page after 30 minutes, the session variable has expired.
I recently moved an application from W2K / IIS5 to W2K3 / IIS6.
In the new environment user sessions expire after 2-3 minutes? I can't find any solution to this, although I found quite a few references to this problem on the web.
I am using TinyMCE WYSWIG editor in a CMS built in ASP. Now whenever I try to insert an Image Into the WYSWIG editor, the Session variable used in the Page is getting Expired. can someone tell me how this can be solved.
Is it possible for a user to enable permanent cookies but disable session cookies.....this seems like a contradition yet this is what I appear to be reading in online articles?
I m creating a cookies in my application and it work properly but i can't see the cookies where it will sotred i checked the cookies folder but i didn't find that I want to create a cookies file as the other web site create and store where other cookies will stored in Cookies folder or Temprory Internet files folder eg:1. arvind@google.co[1].txt this stored in cookies folder 2. arvind@msn[2].txt ....
I've added a cookie and I am able to read it when using the same window but if I load up a new window and try to access it, it can't find the cookie. Any one know why?
I am creating a user tracking app that tracks a user one of two ways...
1)First Method is cookies 2)Second Method MS SQL DB
I first check if the users browser accepts cookies if not I go to the db. If the user accepts cookies then I check for a specific crumb if it does not have the value I am looking for I kill it and rewrite it. This is working fine (im in the middle of testing it). The problem is I decieded to test the script with NN7 and not turn cookies off but block cookies from my site and all fell apart. The condition that I have set (detect if cookies are enabled) does not stop the script from trying to set a Session Variable because the browser accepts cookies and to keep a long story short it goes into an infinite loop because the script is looking for a Session value and Its not being stopped becaues the script thinks its alright to write cookies! Is there a way to detect if a user has your sites cookies blocked? This is important because Server.CreateObject("MSWC.BrowserType") will return .Cookies = True and you will not know that your script is not executing properly because a user has your sites cookies blocked but excepts them elsewhere...
After a login we have a menu from where we have access to different operations such as add ,delete,update.. but if a user enters the appropriate URL he has access to these operations with out proper authorization.how do we solve this.
I've built a website which requires a user to log-in to access the site. I have already built a page that enters their details into a db (register.asp), and another page where the user enters their email address (the log-in ID) to actually log-in (login.asp).
How can I use a cookie to automatically log a user in??
More specifically, what are the commands to set a cookie (upon successful registration) and access it (upon re-logging in)?
Hey i've spent the last few hours trying to work this problem out about cookies.
When a user logs in to the site the login.asp page checks the database to see the personal page that the user re directs to e.g if bob brown logged in he would be redirected to bob.brown.asp. This is stored in a field in the database table along with the username and password.
i would like to put a cookie onto the users computer that remembers the url they were redirected to so when they press the main page button it would look for the cookie and see what url they are meant to be redirected to and take them there
I'm trying to load up a page through my asp page and get the cookie from that page so that I can use it later on when it needs to have it to access other parts of the site.
Basically the asp page is going to act like a browser and store the cookie from the other site, then send that cookie back when the asp page goes back to the other site again.
The problem is, I can only seem to access my own cookie. I didn't run into this problem when I was doing a similar thing inside my .cs scripts that were run by the server, as I suppose they were not coming from the actual domain that my page is running on (and thus, wasn't getting everything trampled by local cookies).
Is this possible, or should I just give up on it now?
im building a site for a few doctors surgeries. the user is able to see what appointments are available and then book that date/time. i have a table (in my db) of dates/times and a checkbox to say whether the time has been booked or not (and display only times that havnt been booked). i was going to have the user add the time to a "cart" and then check the "booked" checkbox in my db when theyve paid for that appointment. but if i have lots of people looking at the site at the same time, then they may be able to see times that are just about to be booked. i think a better way is to have the date/time stuffed into a cookie which expires after 5 minutes. so when a user adds a time to their "cart", it will say something like: "this time will expire in 5 minutes until you book it or re-add it to your cart". does that make sense? how can i do this with server-cide cookies (im using jscript)? can anyone think of a better way to do this?
I have the code below which I know it is wrong where the cookies come in. I am trying to write the values collected from a database into cookies. However I am having difficulty trying to figure out how to write rows of cookies with different values. This may be a little difficult to explain - see the following code:
