By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
437,913 Members | 1,356 Online
Bytes IT Community
Submit an Article
Got Smarts?
Share your bits of IT knowledge by writing an article on Bytes.

Sessions - How To Pass Information Between Web Pages

Frinavale
Expert Mod 5K+
P: 9,731
One of the most fundamental topics in web design is understanding how to pass information collected on one web page to another web page. There are many different ways you could do this: Cookies, Database... However, I'm going to cover how to use Sessions.

Sessions are used to store information in order to use it during later page requests or in other web pages in a web application. By default Cookies are used to identify which session belongs to which browser. There is an option that you can set in your web.config file to use Cookieless Sessions; however you should keep in mind that for most web applications the Session ID should be kept private and when using Cookieless Sessions the Session ID is displayed in the query string.

In .NET there are three session states: InProc, StateServer, and SQLServer.
By default web applications are set up to use InProc.


Where are Sessions stored?
InProc
The session is kept as live objects on web server (aspnet_wp.exe). It is stored in memory and is the fastest out of the three options; however, you should keep in mind that the more data you store in session, the more memory on the web server is consumed. This could affect the performance of your applications running on the web server. Also keep in mind that you cannot use InProc sessions in a web garden for many reasons I'm not going to get into.

StateServer
The session is serialized and stored in memory in a separate process (aspnet_state.exe). State Server can run on another machine, whereas InProc is specific to the machine the website is running on. You should keep in mind that the cost of serialization/deserialization of the session can affect performance if you're storing lots of objects.

SQLServer
The session is serialized and stored in a table in an SQL server. It requires you have a database available and you should think about how you are going to secure the connection to the database. This is the slowest of the three options but is required in order to store persistent data.

How do I use Sessions in my web application

It's really quite simple.
In the following example I use VB.NET to store the text value (userName) of a text box in session during a button click:
Expand|Select|Wrap|Line Numbers
  1.  Private Sub btn_button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btn_button1.Click
  2.    Session("userName") = txt_userName.Text
  3. End Sub
  4.  
In the following example I use VB.NET to display the text value (userName) stored session. This can be used on another web page within the web application:
Expand|Select|Wrap|Line Numbers
  1.  Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
  2.      Dim userName as String = Session("userName")
  3.      lbl_welcome.Text= "Welcome to working with Sessions " + userName + "!"
  4. End Sub
  5.  
May 9 '07 #1
Share this Article
Share on Google+
13 Comments


P: 1
Hello Frinavale

Iam trying to implement the example "How do I use Sessions in my web application"
I am new to Development.
Would you have the complete tutorial for it?

Thank You
Melissa
May 15 '07 #2

Frinavale
Expert Mod 5K+
P: 9,731
Hello Frinavale

Iam trying to implement the example "How do I use Sessions in my web application"
I am new to Development.
Would you have the complete tutorial for it?

Thank You
Melissa

Sorry I don't have a complete tutorial for it because I didn't write this article based on any tutorials.

You could try to create an web application with two aspx web pages.

The first page should have a text box and a button.
It should have the server side code that stores the text found in the text box into session on the button click event. Once the information is stored in Session, redirect the user to the next web page (use Response.Redirect("nameOfNextPage.aspx") to transfer them)

On the second page, retrieve the information from session and display it into a label in the Page_Load() method.

It's pretty easy to use. If you still need more help try looking up Sessions on the MSDN Library, there may be a tutorial there. Or you could just keep asking for help here on theScripts.

Cheers! :)

-Frinny
May 22 '07 #3

P: 2
There are so many ways to pass the information from one web page to another.

1)QueryString
2)Session - 3 modes(Statemode,sqlserver,inmemory) - load on sever if the data is too large.
3)Application - Application wise globally.
4)Cookie - useful but risky. depends on client browser either it supports the cookie or not.

There are also facility for ViewState--maintaining the state for one page.

ViewState - encrypted and good. but if it contains the large data the perfiomance goes down.


HiidenFields and hiddenframes are also there.
Aug 9 '07 #4

Sakalicek
P: 51
Yes, agree.
I always also pass informations in QueryString.
It seems to be more difficult but I think its better than to store informations in sessions objects.


There are so many ways to pass the information from one web page to another.

1)QueryString
2)Session - 3 modes(Statemode,sqlserver,inmemory) - load on sever if the data is too large.
3)Application - Application wise globally.
4)Cookie - useful but risky. depends on client browser either it supports the cookie or not.

There are also facility for ViewState--maintaining the state for one page.

ViewState - encrypted and good. but if it contains the large data the perfiomance goes down.


HiidenFields and hiddenframes are also there.
Sep 4 '07 #5

Plater
Expert 5K+
P: 7,872
Yes, agree.
I always also pass informations in QueryString.
It seems to be more difficult but I think its better than to store informations in sessions objects.
QueryString is visible to the user and any thirdparties watching and is very easy to see since it's part of the URL. Session objects do not expose that information to the outside.
It's all just subtle differences in what you need.
Sep 4 '07 #6

P: 18
Hi Everybody,

Well passing information from one page to another is something that we use quite often..and we need it always.

Well i cannot tell you exactly and the proper technical reason for not using Session Variables. Its not considered to be the best practice.

Yes there are some situation where you cannot avoid it at all. But then i believe we are talking about something more general which we will use in many pages. Passing of Data.

Well Querystring is the best practice for passing data.
Now as you have mentioned above, about the URL is displayed and the client or User can see what you are passing, which is not good if he sees, plus it is open to hackers. !!!

Well in that case, you should use HTTP Handler or HTTP modules.
It hides your physical URL and passing dummy one..

You can go to this link which covers the whole topic.

http://msdn2.microsoft.com/en-us/library/ms972974.aspx

I hope it helps you guys...i also learnt from here ... :)

Cheers

mady
Sep 21 '07 #7

P: 6
Mady pointed out the issue of passing data via query strings (particularly usernames and passwords). The military was horrified when they found out the web page we were designing was going to pass data using query strings, and absolutely forbade it. When wanted to use session variables but since our site was a combination of some of the old classic ASP pages as well as ASP.net pages it was not possible to pass Session variables across the boundary. What we had to do was to pass the data into a database on the ASP side and then read it out of the database on the ASP.net side. This required use to store a connection string in a config file that would be available to both session on_start events, and limit the connection string to access only to that one table and that one database. The stored procedure that read back the data to the ASP.Net side would also clear that data out of the table. When also had the issue of passing objects and collections containing data from one page to another. This would not have been possible with query strings, but it was possible with Session variables.
Jan 9 '08 #8

Frinavale
Expert Mod 5K+
P: 9,731
Thanks for that bit of information Joeller, I'm sure it'll help a lot of people facing the same problem. It's a nice solution :)

-Frinny
Jan 9 '08 #9

P: 41
There are so many ways to pass the information from one web page to another.

1)QueryString
2)Session - 3 modes(Statemode,sqlserver,inmemory) - load on sever if the data is too large.
3)Application - Application wise globally.
4)Cookie - useful but risky. depends on client browser either it supports the cookie or not.

There are also facility for ViewState--maintaining the state for one page.

ViewState - encrypted and good. but if it contains the large data the perfiomance goes down.


HiidenFields and hiddenframes are also there.


i am aware of 1st 4 types u explaied including viewstate. but i have 1 doubt.
hiddenfield n hiddenframe r wh exactly , r they related to viewstate or something different, can u explain hiddenfield n hiddenframe more
Mar 5 '08 #10

Frinavale
Expert Mod 5K+
P: 9,731
i am aware of 1st 4 types u explaied including viewstate. but i have 1 doubt.
hiddenfield n hiddenframe r wh exactly , r they related to viewstate or something different, can u explain hiddenfield n hiddenframe more
ViewState is used to remember the state of your ASP.NET controls.
Hidden Fields are html that hold temporary information for the page...it remembers information but not necessarily about an ASP.NET Control.

Hidden fields can be used to pass information between JavaScript and your .NET code. Eg. your JavaScript function does something and then stores the result into a hidden field, this filed can then be accessed by the server side code to do further calculations.

-Frinny
Mar 6 '08 #11

Ewan
P: 18
Hi Frinavale, thanks for this info.
i had a doubt, i have i multiple users who would be accessing different records at the same time.
and if im using Session to pass the values as required, could this result in a slow performance for my web app. also is there any way to remove a session after the value is passed..
would this affect another user if his command(button click) tries to create the session again with the same name?
Feb 26 '11 #12

Frinavale
Expert Mod 5K+
P: 9,731
If you have several users then you, and you are storing a lot of information in session, then you run the risk of using a lot of memory resources on the server computer. If you use more memory than is allocated to your website, then the web application process will be recycled.

I'm not sure about the effects of speed performance Session will have on your application; however, it is much faster than accessing a database every request. (Likewise storing things in ASP.NET's Cache is even faster).

Do some tests to determine what is best for your solution.


-Frinny
Feb 27 '11 #13

P: 13
Thanks u sir i have don it.... love this forum
Dec 7 '11 #14