Hi all,
Anyone know of any issues with setting the value of a Session object
to the value of a submitted form item via
'Session("mySessionObj")=Request.Form("myFrmElem") ' ?
In my case the Session object gets set fine. But when the user links
to another page, the value of the session object is EMPTY.
thanks in advance..
-BB
9  2393 
Brian Burgess wrote on 30 aug 2003 in
microsoft.public.inetserver.asp.general: Anyone know of any issues with setting the value of a Session object
to the value of a submitted form item via
'Session("mySessionObj")=Request.Form("myFrmElem") ' ?
This is not "the session object", it is just a variable stored on the
server for use by all asp pages during that session.
"The session object" is the collection of all these variables.
In my case the Session object gets set fine.
See above.
But when the user links to another page,
the value of the session object is EMPTY.
If that page is not in the same session, yes, otherwise it is available.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Well I tried two ways...
1st:
If (Session("login") = Empty) Then
Session("login") = Request.Form("login")
End If
2nd:
If (Session("login") = "") Then
Session("login") = Request.Form("login")
End If
I should also mention that the user could be transfered to this page
from some other pages .. in this case we would not have the
'Request.Form("login")' available to us. HOWEVER, in this case we
should have already been through the login process, and therefore the
Session collection item(login) should already be set.
Got it? :-)
Thnks again,
-BB
On 30 Aug 2003 12:56:19 GMT, "Evertjan."
<ex**************@interxnl.net> wrote: Brian Burgess wrote on 30 aug 2003 in
microsoft.public.inetserver.asp.general:
It IS in the same session! .. the user is linking .. in fact this all
WAS working .. until I changed the code to only set the value of a
Session collection item IF that item did not already have a value.
I think we would need to see that piece of code.
looks like a logical flaw
on your login page, it would be better to use this
If Request.Form("login") <> "" then
Session("login") = true
End if
if the user comes from another page having already logged in, to check
if session("login") <> true then
else
end if
jason
"Brian Burgess" <bb********@hotmail.com> wrote in message
news:k1********************************@4ax.com... Well I tried two ways...
1st:
If (Session("login") = Empty) Then
Session("login") = Request.Form("login")
End If
2nd:
If (Session("login") = "") Then
Session("login") = Request.Form("login")
End If
I should also mention that the user could be transfered to this page
from some other pages .. in this case we would not have the
'Request.Form("login")' available to us. HOWEVER, in this case we
should have already been through the login process, and therefore the
Session collection item(login) should already be set.
Got it? :-)
Thnks again,
-BB
On 30 Aug 2003 12:56:19 GMT, "Evertjan."
<ex**************@interxnl.net> wrote:
Brian Burgess wrote on 30 aug 2003 in
microsoft.public.inetserver.asp.general:
It IS in the same session! .. the user is linking .. in fact this all
WAS working .. until I changed the code to only set the value of a
Session collection item IF that item did not already have a value.
I think we would need to see that piece of code.
Cool!
That might work better to check if the user had logged in. But I
also need the actual lgoin value in some of the pages. Do you think
that the following would work then?
If Request.Form("login") <> "" Then
Session("login") = Request.Form("login")
End if
Thanks
-BB
On Sat, 30 Aug 2003 14:31:35 +0100, "jason kennedy" <ja***@pinhut.com>
wrote: looks like a logical flaw
on your login page, it would be better to use this
If Request.Form("login") <> "" then
Session("login") = true
End if
if the user comes from another page having already logged in, to check
if session("login") <> true then
else
end if
jason
"Brian Burgess" <bb********@hotmail.com> wrote in message
news:k1********************************@4ax.com.. . Well I tried two ways...
1st:
If (Session("login") = Empty) Then
Session("login") = Request.Form("login")
End If
2nd:
If (Session("login") = "") Then
Session("login") = Request.Form("login")
End If
I should also mention that the user could be transfered to this page
from some other pages .. in this case we would not have the
'Request.Form("login")' available to us. HOWEVER, in this case we
should have already been through the login process, and therefore the
Session collection item(login) should already be set.
Got it? :-)
Thnks again,
-BB
On 30 Aug 2003 12:56:19 GMT, "Evertjan."
<ex**************@interxnl.net> wrote:
>Brian Burgess wrote on 30 aug 2003 in
>microsoft.public.inetserver.asp.general:
>
>> It IS in the same session! .. the user is linking .. in fact this all
>> WAS working .. until I changed the code to only set the value of a
>> Session collection item IF that item did not already have a value.
>
>I think we would need to see that piece of code.
what is that advocacy doc about? and what exactly is underquoting?
i've been posting in newsgroups via OE for a couple of years, and have never
seen a thread advocating quoting below a post rather than above
jason
"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29... jason kennedy wrote on 30 aug 2003 in
microsoft.public.inetserver.asp.general: On 30 Aug 2003 12:56:19 GMT, "Evertjan."
<ex**************@interxnl.net> wrote:
>Brian Burgess wrote on 30 aug 2003 in
>microsoft.public.inetserver.asp.general:
>
>> It IS in the same session! .. the user is linking .. in fact this
>> all WAS working .. until I changed the code to only set the value
>> of a Session collection item IF that item did not already have a
>> value.
>
>I think we would need to see that piece of code.
"Brian Burgess" <bb********@hotmail.com> wrote in message Well I tried two ways...
1st:
If (Session("login") = Empty) Then
Session("login") = Request.Form("login")
End If
2nd:
If (Session("login") = "") Then
Session("login") = Request.Form("login")
End If
I should also mention that the user could be transfered to this page
from some other pages .. in this case we would not have the
'Request.Form("login")' available to us. HOWEVER, in this case we
should have already been through the login process, and therefore the
Session collection item(login) should already be set.
looks like a logical flaw
on your login page, it would be better to use this
If Request.Form("login") <> "" then
Session("login") = true
End if
if the user comes from another page having already logged in, to check
if session("login") <> true then
else
end if
[first I would like to stress, please do not underquote
<http://www.xs4all.nl/%7ewijnands/nnq/nquote.html>]
Brian is right, but do not accept the login confirmation from clientside,
that can be attacked.
"If true = true then" is superfluous, so this is enough:
<%
If Session("loggedin") Then
Response.redirect "mainpage.asp"
End If
If Lcase(Request.Form("loginname")) = "john" AND _
Request.Form("loginpassword") = "QWERty" then
Session("loggedin") = true
Response.redirect "mainpage.asp"
End If
Response.redirect "loginpage.asp"
%>
==========================
And on mainpage.asp and all other pages:
<%
If NOT Session("loggedin") Then
Response.redirect "loginpage.asp"
End If
%>
If you have far more than one name/password combination,
a database becomes usefull.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Ok I just tried the following:
If Request.Form("login") <> "" then
Session("login") = Request.Form("login")
End if
The Session item gets set correctly as before, but is still reset to
'Empty' once the user clicks the link to another page... any ideas?
Thanks
-bB
On Sat, 30 Aug 2003 17:15:15 +0100, "jason kennedy" <ja***@pinhut.com>
wrote: what is that advocacy doc about? and what exactly is underquoting?
i've been posting in newsgroups via OE for a couple of years, and have never
seen a thread advocating quoting below a post rather than above
jason
"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29... jason kennedy wrote on 30 aug 2003 in
microsoft.public.inetserver.asp.general: >> On 30 Aug 2003 12:56:19 GMT, "Evertjan."
>> <ex**************@interxnl.net> wrote:
>> >Brian Burgess wrote on 30 aug 2003 in
>> >microsoft.public.inetserver.asp.general:
>> >
>> >> It IS in the same session! .. the user is linking .. in fact this
>> >> all WAS working .. until I changed the code to only set the value
>> >> of a Session collection item IF that item did not already have a
>> >> value.
>> >
>> >I think we would need to see that piece of code.
>>
> "Brian Burgess" <bb********@hotmail.com> wrote in message
>> Well I tried two ways...
>> 1st:
>> If (Session("login") = Empty) Then
>> Session("login") = Request.Form("login")
>> End If
>>
>> 2nd:
>> If (Session("login") = "") Then
>> Session("login") = Request.Form("login")
>> End If
>>
>>
>> I should also mention that the user could be transfered to this page
>> from some other pages .. in this case we would not have the
>> 'Request.Form("login")' available to us. HOWEVER, in this case we
>> should have already been through the login process, and therefore the
>> Session collection item(login) should already be set.
> looks like a logical flaw
> on your login page, it would be better to use this
>
> If Request.Form("login") <> "" then
> Session("login") = true
> End if
>
> if the user comes from another page having already logged in, to check
>
> if session("login") <> true then
>
> else
>
> end if
[first I would like to stress, please do not underquote
<http://www.xs4all.nl/%7ewijnands/nnq/nquote.html>]
Brian is right, but do not accept the login confirmation from clientside,
that can be attacked.
"If true = true then" is superfluous, so this is enough:
<%
If Session("loggedin") Then
Response.redirect "mainpage.asp"
End If
If Lcase(Request.Form("loginname")) = "john" AND _
Request.Form("loginpassword") = "QWERty" then
Session("loggedin") = true
Response.redirect "mainpage.asp"
End If
Response.redirect "loginpage.asp"
%>
==========================
And on mainpage.asp and all other pages:
<%
If NOT Session("loggedin") Then
Response.redirect "loginpage.asp"
End If
%>
If you have far more than one name/password combination,
a database becomes usefull.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
jason kennedy wrote on 30 aug 2003 in
microsoft.public.inetserver.asp.general: and what exactly is underquoting?
i've been posting in newsgroups via OE for a couple of years, and have
never seen a thread advocating quoting below a post rather than above
But that is what you were doing. You were quoting under your post. This
answer is topquoting.
It does not matter what programme ["OE"] you use, it is against netiquette
on usenet NG.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
How about the original question .. Any one have ideas?
thanks
-BB
On 30 Aug 2003 17:52:53 GMT, "Evertjan."
<ex**************@interxnl.net> wrote: jason kennedy wrote on 30 aug 2003 in
microsoft.public.inetserver.asp.general: and what exactly is underquoting?
i've been posting in newsgroups via OE for a couple of years, and have
never seen a thread advocating quoting below a post rather than above
But that is what you were doing. You were quoting under your post. This
answer is topquoting.
It does not matter what programme ["OE"] you use, it is against netiquette
on usenet NG.
I figured this one out with everyones help along an article(2157) in
ASPFAQ.com. The trouble was my initial code AND related to an MS security
patch. A KB article(Q316112) describes it.
My code now is more or less it is like the following, and it is working
properly:
<%
Option Explicit
If (Request.Form("loginName") <> "") Then
Session("loginName") = Request.Form("loginName")
End If
Dim strLoginName
strLoginName = Session("loginName")
....
'Do your stuff here
....
%>
Thanks all,
-BB
"Brian Burgess" <bb********@hotmail.com> wrote in message
news:is********************************@4ax.com... Hi all,
Anyone know of any issues with setting the value of a Session object
to the value of a submitted form item via
'Session("mySessionObj")=Request.Form("myFrmElem") ' ?
In my case the Session object gets set fine. But when the user links
to another page, the value of the session object is EMPTY.
thanks in advance..
-BB This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: bateman |
last post by:
Hi, I have a rather puzzling problem, have asked the ASP experts at work with
no joy and its driving me mad! I'll explain the steps in more detail below
but the general problem is I am manually...
|
by: Alex Stevens |
last post by:
I'd already posted this in microsoft.public.dotnet.framework.windowsforms
and microsoft.public.dotnet.framework.windowsforms.controls to no avail so
apologies for the cross-posting.
Hi,
I'm...
|
by: Jack |
last post by:
Hi,
I have the following problem.
I have a main data entry form which has a link to a detailed data entry
form. The value of the link in the main form is the sum total of all the
line items...
|
by: Billy Horne |
last post by:
Hi - I need to write a basic order page for our web site. It is very
straight-forward, in that we don't need a whole "shopping cart" system.
Instead we just need a list of products displayed with...
|
by: antonyliu2002 |
last post by:
I am not new to programming, but I am new to VB .NET.
I have a multiselect listbox like this:
Please select your favorite fruit:
Apple
Banana
Coconut
Date
|
by: Mr Newbie |
last post by:
I have written a Custom Control Menu. Its fairly simple but it works well
enough. In order to simplify things I decided to store the Menu1 custom
control in Session. In the page load event below,...
|
by: James Vickers |
last post by:
All,
I am a bit of noob to ASP.NET, and I am writing some OO based pages to try
and emerge myself into it, however, I have come across a problem that has me
completely stumped!
What I want to...
|
by: Kermit Piper |
last post by:
Hello,
I thought this should be easy, but... all I want to do is set the value
of this state drop-down based on a session var I'm getting back from a
redirect (from the processing page):
<%...
|
by: Nick Gilbert |
last post by:
Hi,
Is it possible to access the Session of an arbitary user from an aspx page?
On an e-commerce site, I am notified of payment success via a callback
from the payment server to an ASPX page...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
