473,406 Members | 2,369 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > keeping a session after going off site to purchase

Join Bytes to post your question to a community of 473,406 software developers and data experts.

keeping a session after going off site to purchase

Hi there,

I have a problem that is probably very simple but I need a solution
quite quickly.. usual stuff... new to .net etc but would appreciate a
heads up...

I have a user logged in to my site and they can go off to world pay to
purchase their items.. Worldpay have a callback procedure which is
working fine.. I then return an HTML page for them to display and this
page has a link that should take the user back to their home page
after the transaction has completed.

The problem is that when this link is clicked it actually takes me to
the login page of my site (ie my site now thinks that this is a new
user). It has lost something on this "click". I noticed that
Request.IsAuthenticated is set false at this point!! I have trawled
the groups and either am not putting the correct keywords or I am
having a funny 5 minutes...

As an aside... is this something to do with the session being lost..
can I send the session in the URL (used to do PHP and SESS_ID could be
used) and will it pick this up automatically?

Really appreciate any help

Cheers

Rich
Nov 19 '05 #1
4 1508
Hi Richard,

You can do that very same thing with .Net. What you need to do is turn on
cookie-less Sessions. Then, by default, ASP.NET will use the SessionID in
the querystring.

Please see this link:
http://msdn.microsoft.com/library/de...ssionState.asp

HTH,
DotNet Coder

"richard" <rg*******@hotmail.com> wrote in message
news:84*************************@posting.google.co m...
Hi there,

I have a problem that is probably very simple but I need a solution
quite quickly.. usual stuff... new to .net etc but would appreciate a
heads up...

I have a user logged in to my site and they can go off to world pay to
purchase their items.. Worldpay have a callback procedure which is
working fine.. I then return an HTML page for them to display and this
page has a link that should take the user back to their home page
after the transaction has completed.

The problem is that when this link is clicked it actually takes me to
the login page of my site (ie my site now thinks that this is a new
user). It has lost something on this "click". I noticed that
Request.IsAuthenticated is set false at this point!! I have trawled
the groups and either am not putting the correct keywords or I am
having a funny 5 minutes...

As an aside... is this something to do with the session being lost..
can I send the session in the URL (used to do PHP and SESS_ID could be
used) and will it pick this up automatically?

Really appreciate any help

Cheers

Rich

Nov 19 '05 #2
Thanks for the reply... as you suggested I set the cookieless option in
the config file.. unfortunately the site that has been designed (that I
am taking the reigns from) failed drastically with this set....

I solved the problem in the end by doing the following, so I hope this
helps someone in the future.

1. Stored the username password against the session in in the database.
2. Sent the session id across to worldpay in a defined variable.
3. This variable is sent back in the callback therefore I can spit back
an HTML stream to worldpay with a session id referenced in my page.
4. User clicks the link on the page and this in fact goes to a
predefined httphandler that validates the sessionid by going back to
the database to log the user in automatically.

Phew... Works well and solved the problem...

Again thanks for the reply...

Cheers

Rich

Nov 19 '05 #3
Glad to hear it!

Enjoy!
~d

<rg*******@hotmail.com> wrote in message
news:11**********************@f14g2000cwb.googlegr oups.com...
Thanks for the reply... as you suggested I set the cookieless option in
the config file.. unfortunately the site that has been designed (that I
am taking the reigns from) failed drastically with this set....

I solved the problem in the end by doing the following, so I hope this
helps someone in the future.

1. Stored the username password against the session in in the database.
2. Sent the session id across to worldpay in a defined variable.
3. This variable is sent back in the callback therefore I can spit back
an HTML stream to worldpay with a session id referenced in my page.
4. User clicks the link on the page and this in fact goes to a
predefined httphandler that validates the sessionid by going back to
the database to log the user in automatically.

Phew... Works well and solved the problem...

Again thanks for the reply...

Cheers

Rich

Nov 19 '05 #4
Hi Paul

Yip, I was using the Junior Pro version of the cart..

And they allow you on a callback to pass variables to the call back
that they will return back to you when the user has cancelled/paid for
the goods..

So... What I did which may or may not be what you need is this.

I had my payment page pass the session id to the world pay hander
along with all the relevant user data like price, currency,
description of goods, cart number..... However on the call to their
payment page I store the username and password aganst the session id
in a table in the database (for later use).

The client then proceeds with the payment or cancels and returns to
the url defined in the account (this is set on the worldpay admin
pages). This URL is in fact an HTTP Handler that I have set up via web
config which effectively checks the return values and then loads a
template on MY system (thankyou.php) and writes a response BACK to
worldpay (Response.Redirect([template text]). I prepopulate this
template with a URL link which has the session id as a GET parameter.

The user clicks the link on the thankyou page which goes back to a
HTTP handler on my system which looks up the session id in the
database and logs them in with the corroosponding username/password..
I delete this entry from the table so this will not get large.

Not sure whether this is a standard technique but it works well.

Let me know how you get on or if you have more questions...

Cheers

Richard
Nov 19 '05 #5
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

27
Reality Check: Session Hijacking
by: mrbog | last post by:
Tell me if my assertion is wrong here: The only way to prevent session hijacking is to NEVER store authentication information (such as name/password) in the session. Well, to never authenticate...
PHP
9
Session Variables Persist Across Window Close on Mac IE 4.5 and Greater
by: Pack Fan | last post by:
I've noticed that session variables will persist on Mac IE even after all browser windows have been closed. One must quit the program to clear the session variables. This presents a security risk...
ASP / Active Server Pages
4
session
by: David B | last post by:
Hi, Could somebody please tell me how I check whether a session is dead based soley on the Session.SessionID. At present the timeout is set to 20 minutes in IIS, I am aware that I can reset...
ASP / Active Server Pages
6
Keeping a login state when moving between http and https
by: Astra | last post by:
Hi All I've noticed on quite a few ASP sites that when they have a 'MyAccount' section they transfer the site to https and then when you have logged into your account successfully and gone back...
ASP / Active Server Pages
2
PayPal and Session Variables
by: Tommy | last post by:
I have written some code to use paypal for users to make purchases from my site. I am using the paypal instant payment notification. When i get the notification from paypal I send the user an...
ASP.NET
0
Keeping a session alive when accessing an ASP page with .Net code
by: Dave Alvarado | last post by:
I'm working on some code that gathers data from a web interface to one of our servers (classic ASP). The problem is that the site uses session variables to store login information, so to move from...
ASP.NET
4
Access session of another user
by: Nick Gilbert | last post by:
Hi, Is it possible to access the Session of an arbitary user from an aspx page? On an e-commerce site, I am notified of payment success via a callback from the payment server to an ASPX page...
ASP.NET
43
why a session-based program behaves different on different computers
by: davidkoree | last post by:
I mean not about cookie. Does it have something to do with operating system or browser plugin? I appreciate any help.
PHP
1
keeping session alive after browser closed, possible?
by: soni2926 | last post by:
hi, i'm working on a site, which has a session created after a user logins, each page checks to make sure the session is there onload otherwise redirects to the login page. now the clients are...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!