cookie null references in c#

Without knowing anything about cookies, I can see the following places
in your code that could cause a null reference exception.

cookie.Values["Name"].ToString*();

What if there is no value called "Name" in your cookie? You will try to
call ToString() on null. Doesn't work.

iRoomId=int.Par se(lstRooms.Sel *ectedValue);

What if nothing is selected in your list? SelectedValue will be null,
and the Parse method will barf... although it should barf with an
ArgumentNullExc eption, not a NullReferenceEx ception.

this.UserLogin( Session.Session ID,iSiteId,sUse rId,sPwd,fal*se ,iRoomId,ref
iErr,ref sErr)

OK... this isn't the actual code, is it? I say that because sUserId is
declared inside the "then" part of an "if", up above, but you're using
it down here, so this wouldn't compile.

Could you post the actual code that is failing, and indicate where the
exception is happening?

here is the code, sorry wrong code pasted, thanx for the reply

private void Button1_Click(o bject sender, System.EventArg s e)
{
Session["unused"]=0;//this is a hack to work around the bug with
session state not being initialized

int iSiteId=int.Par se(this.SiteIdG et());
// This is just a sample. In real application you would take those
// variable form session, form, cookies or any other method that you
use.

HttpCookie cookie = Request.Cookies["snitz00use r"];

if(cookie == null)
{
//CookieValue represents a WebForm Label control
//try
lblMsg.Text=str ing.Format("log in first"); //test, sUserId was here
}
//}
// catch
else
{
lblMsg.Text=str ing.Format("You have to login before you can chat");
}

string sUserId = cookie.Values["Name"].ToString();

// string sUserId="user1" ;
string sPwd="";
int iRoomId=-2; //room ID -2 will not enter any room, -1 will not
enter any room
try
{
iRoomId=int.Par se(lstRooms.Sel ectedValue);
}
catch(Exception ){}

string sErr="";int iErr=0;
if(this.UserLog in(Session.Sess ionID,iSiteId,s UserId,sPwd,fal se,iRoomI
d,ref iErr,ref sErr))
{
lblMsg.Text=str ing.Format("Suc cessfully logged in user {0} into site
{1}, room {2}.",sUserId,i SiteId,iRoomId) ;
//instead you can just put all this code in your page_load event and
use redirect to chat page here.
lnkChat.Visible =true;

RoomListRender( );
}
else
{
//depending on error code you may take different action here
lblMsg.Text=str ing.Format("Fai led to log in user {0} into site {1},
room {2}. Error ({3}) {4}",sUserId,iS iteId,iRoomId,i Err,sErr);
lnkChat.Visible =false;
}
}

*** Sent via Developersdex http://www.developersdex.com ***

here is the code, sorry wrong code pasted, thanx for the reply

private void Button1_Click(o bject sender, System.EventArg s e)
{
Session["unused"]=0;//this is a hack to work around the bug with
session state not being initialized

int iSiteId=int.Par se(this.SiteIdG et());
// This is just a sample. In real application you would take those
// variable form session, form, cookies or any other method that you
use.

HttpCookie cookie = Request.Cookies["snitz00use r"];

if(cookie == null)
{
//CookieValue represents a WebForm Label control
//try
lblMsg.Text=str ing.Format("log in first"); //test, sUserId was here
}
//}
// catch
else
{
lblMsg.Text=str ing.Format("You have to login before you can chat");
}

string sUserId = cookie.Values["Name"].ToString();

// string sUserId="user1" ;
string sPwd="";
int iRoomId=-2; //room ID -2 will not enter any room, -1 will not
enter any room
try
{
iRoomId=int.Par se(lstRooms.Sel ectedValue);
}
catch(Exception ){}

string sErr="";int iErr=0;
if(this.UserLog in(Session.Sess ionID,iSiteId,s UserId,sPwd,fal se,iRoomI
d,ref iErr,ref sErr))
{
lblMsg.Text=str ing.Format("Suc cessfully logged in user {0} into site
{1}, room {2}.",sUserId,i SiteId,iRoomId) ;
//instead you can just put all this code in your page_load event and
use redirect to chat page here.
lnkChat.Visible =true;

RoomListRender( );
}
else
{
//depending on error code you may take different action here
lblMsg.Text=str ing.Format("Fai led to log in user {0} into site {1},
room {2}. Error ({3}) {4}",sUserId,iS iteId,iRoomId,i Err,sErr);
lnkChat.Visible =false;
}
}

*** Sent via Developersdex http://www.developersdex.com ***

What's the actual text of the exception, and which line in your posted
code is it happening on?

here is the error:

Server Error in '/CHAT' Application.
------------------------------------------------------------------------
--------

Object reference not set to an instance of an object.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.NullRefe renceException: Object reference not
set to an instance of an object.

Source Error:

An unhandled exception was generated during the execution of the current
web request. Information regarding the origin and location of the
exception can be identified using the exception stack trace below.

Stack Trace:
[NullReferenceEx ception: Object reference not set to an instance of an
object.]
av.a(String A_0) +32
bw.a(String A_0) +15
a3.a(Int32 A_0, String A_1) +78
chat_net3.ZbCha tPage.UserLogou t(Int32 iSiteId, String sUserName,
Int32& iErr, String& sErr) +78
ChatAPISample.C ustomLogin.Butt on2_Click(Objec t sender, EventArgs e)
System.Web.UI.W ebControls.Butt on.OnClick(Even tArgs e) +108

System.Web.UI.W ebControls.Butt on.System.Web.U I.IPostBackEven tHandler.Rai
sePostBackEvent (String eventArgument) +57
System.Web.UI.P age.RaisePostBa ckEvent(IPostBa ckEventHandler
sourceControl, String eventArgument) +18
System.Web.UI.P age.RaisePostBa ckEvent(NameVal ueCollection postData)
+33
System.Web.UI.P age.ProcessRequ estMain() +1292

it happens when there is no cookie in the machine accessing the page
and this is the button2_click code:

private void Button2_Click(o bject sender, System.EventArg s e)
{

int iSiteId=int.Par se(this.SiteIdG et());
// This is just a sample. In real application you would take those
// variable form session, form, cookies or any other method that you
use.
//string sUserId="user1" ;
HttpCookie cookie = Request.Cookies["snitz00use r"];

if(cookie == null)
{
//CookieValue represents a WebForm Label control
lblMsg.Text=str ing.Format("Fai led to log in user");
}
else
{
//CookieValue represents a WebForm Label control
lblMsg.Text=str ing.Format("wor k");
}
try

{
sUserId = cookie.Values["Name"].ToString();
}

catch
{
lblMsg.Text=str ing.Format("Fai led to log in user");
}

// string sUserId="user1" ;
string sErr="";int iErr=0;
if(this.UserLog out(iSiteId,sUs erId,ref iErr,ref sErr))
{
lblLogout.Text= string.Format(" Successfully logged out user {0} from
site {1}.",sUserId,i SiteId);
//instead you can just put all this code in your page_load event and
use redirect to chat page here.
//lnkChat.Visible =true;

}
else
{
//depending on error code you may take different action here

lblLogout.Text= string.Format(" Failed to log out user {0} from site
{1}. Error ({2}) {3}",sUserId,iS iteId,iErr,sErr );

}
RoomListRender( );
lnkChat.Visible =false;
------------------------------------------------------------------------
--------
Version Information: Microsoft .NET Framework Version:1.1.432 2.2300;
ASP.NET Version:1.1.432 2.2300

*** Sent via Developersdex http://www.developersdex.com ***

So the problem seems to be that sUserId is set only when there is a
cookie. That is, inside the try...catch you have

sUserId = cookie.Values["Name"].ToString*();

However, if that fails, what should sUserId contain? Obviously it
contains a null reference in the current implementation.

Or, perhaps that's the wrong question. A better question would be: If
the attempt to fetch the cookie fails, what do you want to do? Do you
really want to log the user out? Calling

this.UserLogout (iSiteId,sUs*er Id,ref iErr,ref sErr)

with a null sUserId appears to make it blow up. If the user has no
cookie, or the "Name" value isn't in the cookie, doesn't that mean that
they're not logged in? Or, at the very least, that you can't determine
who it is, so you can't log them out? Perhaps you want this:

HttpCookie cookie = Request.Cookies["snitz00use r"]*;
if(cookie == null)
{
//CookieValue represents a WebForm Label control
lblMsg.Text=str ing.Format("Fai *led to log in user");
}
else
{
sUserId = cookie.Values.G et("Name");
if (sUserId == null)
{
lblMsg.Text = string.Format(" Failed to log in user");
}
else
{
//CookieValue represents a WebForm Label control
lblMsg.Text=str ing.Format("wor *k");

string sErr="";int iErr=0;
if(this.UserLog out(iSiteId,sUs *erId,ref iErr,ref sErr))
{
lblLogout.Text= string.Format(" *Successfully logged out
user {0} from site {1}.",sUserId,i SiteId);
}
else
{
lblLogout.Text= string.Format(" *Failed to log out user {0}
from site {1}. Error ({2}) {3}",sUserId,iS iteId,iErr,sErr *);
}
}
}

This way, the code will do the UserLogout only if the attempt to fetch
the cookie succeeds, and the attempt to fetch the "Name" value from the
cookie succeeds. By using the HttpCookie.Valu es.Get method, you also
avoid the overhead of an exception, making the code run a little faster
(trivially so) and making it clearer what's going on (more important).

Lastly, if you do use exceptions, you don't want to use a blanket
"catch" or "catch (Exception)" unless you have no documentation telling
you what the exceptions are. In your case, if you were to use an
exception, you would want:

catch (ArgumentOutOfR angeException)

because this is the exception that is thrown if the "Name" value isn't
in the cookie. Other exceptions should be allowed to crash the
application, since they indicate something horrible and unanticipated
happened.

Be sure to wrap your references in a try block:
try {string sUserId = cookie.Values["Name"].ToString*();}

Sample C# Code:
const stringNAME_COOK IE = "YourCookieName ";
const stringNAME_USER ID = "inpUserIDField ";
const stringNAME_SERV ER = "inpServerField ";

private void Page_Load(objec t sender, System.EventArg s e)
{
// Retrieve settings from last visit
try
{
if (Request.Cookie s != null)
{
inpUserID.Value =
Server.HtmlEnco de(Request.Cook ies[NAME_COOKIE][NAME_USERID]).ToString();
inpServer.Value =
Server.HtmlEnco de(Request.Cook ies[NAME_COOKIE][NAME_SERVER]).ToString();
}
}
catch {}
}

private void Submit_ServerCl ick(object sender, System.EventArg s e)
{
// Save user settings
try
{
Response.Cookie s[NAME_COOKIE][NAME_USERID] = inpUserID.Value ;
Response.Cookie s[NAME_COOKIE][NAME_SERVER] = inpServer.Value ;
Response.Cookie s[NAME_COOKIE].Expires = DateTime.MaxVal ue;
}
catch {}
}
www.VoiceInformation.com - <a href="http://www.VoiceInform ation.com">
Virtual Office, Automated Virtual Phone Assistant, Web VMail </a><br>

www.TekGuard.com - <a href="http://www.TekGuard.co m">
Free Mail Server, AntiSpam, PlugIn, WebMail, Free Source Code </a>