Bob,
I give you my testing codes as below.
To reproduce the problem, do the following:
1. start test.asp, and click on Development
2. it pops up a new window. In the Login field, it shows “lpang” then click
“Submit”
3. Apphome.asp page shows the user id
4. click on Development link on test.asp page again
5. it pops up another window. In Login field replace “lpang” by “Bob” and
click on “Submit”
6. the page shows Bob as user id, now click on “refresh”
7. The page shows “Bob” as user id
8. Go to first page click “refresh”, it shows “Bob” as well (“lpang” is
overwritten)
test.asp
<html>
<head>
<meta NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
</head>
<BODY>
<TABLE WIDTH="100%" HEIGHT="100%">
<TR>
<TD><a target="_blank" href="../TestApp/app.asp">Development</a>
</TD>
</TR>
</TABLE>
</BODY>
</html>
App.asp
<%
Session.Abandon
%>
<html>
<head>
<meta NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
</head>
<BODY>
<form name="form1" name=form1 action=Apphome.asp method=POST>
<table valign="center" ALIGN="center" BORDER="0" CELLSPACING="2"
CELLPADDING="2">
<tr>
<th style='color=black' colspan="3">Login</th>
</tr>
<tr>
<td align="right">Login:</td>
<td><input type="text" name="login" class="ipText" size="20"
value="lpang"></td>
</tr>
<tr>
<td></td>
<td align="center"><a href="javascript
:form1.submit();">Submit</a></td>
</tr>
</table>
</form>
</BODY>
</html>
Apphome.asp
<%
'Session.Abandon
session("uid") = request.form("login")
%>
<html>
<head>
<meta NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
</head>
<BODY>
<form name="form1" name=form1 action=Apphome.asp method=POST>
<table valign="center" ALIGN="center" BORDER="0" CELLSPACING="2"
CELLPADDING="2">
<tr>
<th style='color=black' colspan="3">Home</th>
</tr>
<tr>
<td>user id: </td>
<td><B><%=session("uid")%></B></td>
</tr>
<tr>
<td></td>
<td></td>
</tr>
<tr>
<td></td>
<td align="center"><INPUT name=showinfo type=button value="Show
User"style="HEIGHT: 24px; WIDTH: 75px; cursor:hand"
onclick="alert('<%=session("uid")%>');"></td>
</tr>
<TR>
<TD align="center"><a href="App2.asp">refresh</a></TD>
</TR>
</table>
</form>
</BODY>
</html>
App2.asp
<%
'Session.Abandon
'session("uid") = "XXX"
%>
<html>
<head>
<meta NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
</head>
<BODY>
<form name="form1" name=form1 action=App2.asp method=POST>
<table valign="center" ALIGN="center" BORDER="0" CELLSPACING="2"
CELLPADDING="2">
<tr>
<th style='color=black' colspan="3">Home</th>
</tr>
<tr>
<td>user id: </td>
<td><B><%=session("uid")%></B></td>
</tr>
<tr>
<td></td>
<td></td>
</tr>
<tr>
<td></td>
<td align="center"><INPUT name=showinfo type=button value="Show User"
style="HEIGHT: 24px; WIDTH: 75px; cursor:hand"
onclick="alert('<%=session("uid")%>');"></td>
</tr>
</table>
</form>
</BODY>
</html>
"Bob Barrows [MVP]" wrote:
Li Pang wrote: Hi Bob,
You said that "The session has already started". Is it still true if
the calling page and the called page are located at the different
servers?
If they are on different servers, then, by definition, they cannot have the
same session.
There is no point in abandoning a session in Session_OnStart because that
event only fires when a session is starting.
How the session really works?
If the calling page A calls the called page B then the session of
page B started (from the server B).
Correct. A new session starts on server B
If the calling page A calls second time the page B, how the asp or
iis knows that the session has been already started?
Because the server B session cookie still exists on the user's machine.
Is the session of page B depends on the parent page A?
No. the session depends on a session cookie written to the user's machine by
server B.
The session cookies remain until all browser windows are closed
Is that possible to use the javascript function "window.open"
enforcing to open a new sessions?
Only by issuing a Session.Abandon call in the server-side code of the page
being called.
You could have a SessionAbandon.asp page to which you pass a querystring
argument to control a Response.Redirect statement which is executed after
the session is abandoned ...
Bob Barrows
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.