ASP Cookies
Programmer, Darpac Inc.
ASP Cookies
Cookies are a powerful tool in ASP. You can use these to track a state or information on the client side. You can use cookies to track a user, save information on the client side or even simple authentication.
Setting a cookie:
Response.Cookies(nameofcookie) = somevalue
There are also 4 properties that can be set. These are Domain, Expires, Path and Secure.
-
Domain: This is the domain that the cookie is associated with. If no domain is entered the domain of the current page will be used. -
Expires: This is the date/time the cookie will expire. If none is set the cookie will be destroyed when the user closes his/her browser. -
Path: Much like the domain property, the path is where the cookie came from. If none is specified it will use the path of the page that it was created on. -
Secure: This is a TRUE or FALSE setting. If set to TRUE then the client will be required to be in secure mode (https) to return the cookie.
Setting a cookie property:
Response.Cookies(nameofcookie).Property = somevalue Example: Using a cookie for a simple login.
File: login.htm
<HTML>
<TITLE>Login</TITLE>
<BODY>
<FORM method="POST" action="login.asp">
Password: <input TYPE="PASSWORD" NAME ="PASSWORD">
<input TYPE="SUBMIT" VALUE="Login">
</FORM>
</BODY>
</HTML> Once we have the password we call the ASP script that will validate then set cookies if valid.
File: login.asp
<%@ LANGUAGE="VBSCRIPT" %>
<%
'Get the password from the last form.
PASSWORD = Request.form("PASSWORD")
If PASSWORD = "secretpassword" then
'Here we know that the user knows the password. We then
'create a cookie called "CDemo and set the value to
'"verified".
Response.Cookies ("CDemo") = "Verified"
'Now lets send them to the password protected page!
'Try bookmarking the page then go right to it without
'logging in.
'Note: You will need to set this path to go to your
'server/dir.
'Note: When using a redirect you can NOT print any headers
'to the screen.
'This means no <HTML> tags.
Response.Redirect("http://localhost/menu.asp")
Else
'Write out a little message to the user.
Response.Write "<CENTER><B>INVALID PASSWORD!</B></CENTER>"
End if
%> The user has logged on and the cookie is set. Now for the protected page.
File: menu.asp
<HTML>
<TITLE>Members Area</TITLE>
<BODY>
<%@ LANGUAGE="VBSCRIPT" %>
<% ' Check the client cookies to see if they have access. %>
<% UserVer = Request.Cookies ("CDemo") %>
<% if Request.Cookies ("CDemo") = "Verified" then %>
<CENTER>Welcome back member!</CENTER>
<BR><BR>Put any HTML here that you would like to have the 'members' see/use.
<% else %>
<% 'The cookie was invalid or not set. Hacker?! %>
<CENTER> <BR>
<B>We see that you are not member or have not logged
in!</B></CENTER>
<BR>
<% end if %>
</BODY>
</HTML>
What is another good use for cookies? Allowing customers to "customize" the web site to look as they want it. Give it a try!