"divya" <divya_sanam@yahoo.comwrote in message
news:1160746045.284552.50170@m73g2000cwd.googlegro ups.com...
Quote:
Thank you Mike, Anthony, Dave for the solutions.I used the session
variables method.
Just before entering the Edit.asp I initialized the variable
Session("Entered")=True
now when user clicks on EDIT I chk for the Session("Entered") and if
its true update the record and do Session.Abandon .
session.Abandon removes the session variables destroys that session.
Few observations I made while practicing session variables :-
1.The session id remains the same when I write response.write
session.sessionid before and after session.abandon.
>
response.write session.SessionId
session.Abandon
response.write session.SessionId
>
but now when I refresh the page the sessionid changes.
>
Session.Abandon marks the session as abandoned. The Session object will be
destroyed once the currently running script completes. Hence you can still
use the session object after an abandon in the script but any changes etc
will be lost as soon as the request is completed.
Quote:
2.Is there a way by which instead of closing the whole session using
session.abandon which removes all the session variables,I free only few
session variables which I know are not needed after a point??
>
As Evertjan points out use Session.Remove to destroy the marker you are
using rather than the session object as a whole
Quote:
3.When I say open in new window,the session id remains same for both
the windows.
My understanding:- I think this happens because the session id is
appended at the end of the URL when its sent to the server.Not sure
>
A the SessionID is sent returned as a temporary cookie rooted at the
application path. Hence any requests to pages and files within you
application will receive this ID cookie in the http headers. ASP can use
this cookie to look up and install the correct session object into the
script context for the ASP page.
A new window will not launch a new browser process just creates a new window
in the existing process. Hence any temporary cookies installed in the
process will be sent as appropriate in any requests generated by this new
window.
Quote:
4.assuming that there are no session variables used in any of the
pages, still Is the session id assigned to a user when he requests for
a page ??When does a session start??Is it when a session variable is
defined or when a user requests the server for a ASP page or a Static
Html page ?
>
When the first ASP request is made. Regardless of whether the ASP page make
use of the session object the script processor needs to create one to put
into the context in case it is needed.
Quote:
5. When a Isapi filter like cookie munger is used ,b4 sending an ASP
page to client it parses the HTML for hyperlinks and at the end of the
hyperlink URL adds the synthesized
Session id for the client.Is this added the same way a querystring is
added to URL" ?..."
Might be the synthesized Sessionid looks like something which a client
who accpets cookies sends to server ,but in this case is calculated by
Cookie Munger and added to all the hyperlinks present in the ASP page.
>
This sounds like a filter designed to make ASP work with browsers that
aggressively reject any form of cookie. The cookie munger is tracking at
least the Set-Cookies of ASPSessionXXXXX and adding them to the querystrings
of links, src, hrefs it finds in the outgoing response and any subsequent
responses.
When it sees these querystring entries on a request it extracts them and
creates the appropriate cookie headers in the response before passing the
request on. Hence ASP sees what it expects even though the client has
disallowed cookies.
Quote:
>
>
Dave Anderson wrote:
Quote:
divya wrote:
Quote:
I have a page name edit.asp which should expire immediately .The user
cannot open this page directly he has to provide a password for
entering this page.thus when the user enters edit.asp , it has a
button EDIT ,which when user clicks directs him to another page
(done.asp). Now the problem is that from this page (done.asp) if he
clicks on the back button on the toolbar then edit.asp opens.But I
don't want it to open It should show page has expired .Because he is
entering without providing password and can also edit the record
second time by hitting EDIT button. How do I make sure edit.asp page
expires immediately or is not stored in the history ??? I tried
using response.expires= - 400 but this doesn't work.Do I need some
javascript which stops edit.asp from getting stored in the HISTORY???
If edit.asp is posting back to itself, then you could always send this
on
Quote:
Quote:
successful submission:
window.location.replace("done.asp")
Alternately, you could put edit.asp in a pop-up, and close the window
upon
Quote:
Quote:
submission.
Either of these requires the client to cooperate, so Mike's session
variable
Quote:
Quote:
suggestion would be a good complement.
--
Dave Anderson
Unsolicited commercial email will be read at a cost of $500 per message.
Use
Quote:
Quote:
of this email address implies consent to these terms.
>
