By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
425,967 Members | 815 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 425,967 IT Pros & Developers. It's quick & easy.

Disappearing Session Variables

P: 8
I have been struggling with unexpected error messages on an ASP.NET system, using SQL and C#. The application draws organisation charts, based on data stored in the SQL database. Some of the chart editing processes place a very heavy load on the server as the effects of the edit ripple through the organisation structure, requiring potentially large numbers of rows in one of the tables to be updated. (I have done it this way to make the more commonly used reading process fast.)

The errors that I am getting all relate to apparently uninitialised session variables, namely: “System.NullReferenceException: Object reference not set to an instance of an object”. After lots of checking, I have come to the conclusion that the server is somehow losing the session variables or that the absence of any SQL table locking during these updates might be involved.

When users first log in, they land on what I call the “User Home Page”, which sets defaults for the session variables. Unfortunately, if the session times out and the user later tries to continue working, the ASP.NET system logs him in again and takes him straight back to the page he was working on previously. This means that the session variables are not set because the user did not get there via the User Home Page. To solve this, I added the following code to the top of the User Home Page:

Expand|Select|Wrap|Line Numbers
  1.  
  2. if ((Session["TimeOut"] != null) && (Session["TimeOut"].ToString() != "False"))
  3. {
  4.      Time_Out_Label.Text = "Suitable error message";
  5. }
  6. Session["TimeOut"] = "False";
  7.  
  8.  
This prints an error message if the session variable “TimeOut” is initialised and set to anything other than false. (Note that the second part of the “if” statement is not evaluated if “TimeOut” is not initialised, which would otherwise result in the very error message I am trying to sort out.) At the top of all the other pages, I added the following code:

Expand|Select|Wrap|Line Numbers
  1.  
  2. if (Session["TimeOut"] == null)
  3. {
  4.      Session["TimeOut"] = "True";
  5.      Response.Redirect("../Members/user_home.aspx");
  6. }
  7.  
  8.  
The idea is that if the session times out, but ASP.NET allows the user to log in again and carry on working without going via the User Home page, then “TimeOut” will be uninitialised (because the session has timed out); this will be caught by the “if” statement and the user will be redirected to the User Home Page with “TimeOut” set to true.

It seems to work, in that if I allow the session to time out and then attempt to continue, I get transferred to the User Home Page (with the intended error message) instead of having everything collapse in a big heap when the code tries to access an uninitialised session variable on the page that the user was attempting to view.

The problem is that I also occasionally get transferred to the User Home Page in this way during normal operation, i.e. within a few seconds of executing some other action, when clearly the session should not have timed out. I guess that in one sense this is good news, because it means that the original uninitialised-variable error messages were not due to errors in the code, but why are the session variables being forgotten by the system?

The site is hosted on a shared server at One and One. I’ve since been wondering what the server does if it runs out of storage space for session variables. Does it just kill off a few? Maybe at busy times, it doesn’t like my organisation chart editing process, which could involve several hundred separate database accesses for a single page update and therefore it simply kills the process (and the session variables). I have checked the entire project and there are no other references to "TimeOut" anywhere in the code.

Any ideas would be very much appreciated.

ChrisAtWokingham
Aug 1 '08 #1
Share this Question
Share on Google+
6 Replies


shweta123
Expert 100+
P: 692
Hi,

I have following suggestion regarding the error you are getting in your code :

1> When the user will login through the Home page of the website his Login name should be set in a Session variable.
e.g. Session["Login"] = username

2> Now , you can use this Session variable in all your web pages in order to check if some user has logged in or not.
e.g. if(Session["Login"] == "")
{
Response.Redirect("HomePage.aspx");
}

3> Everytime when user Logs out OR session is time out , in that case, you
should make session variable as empty.
On Logout.aspx page you should write this code :
e.g. Session["Login"] = ""
Aug 1 '08 #2

P: 8
Hi,


Thank you for your reply. What you are suggesting is not materially different to what I am already doing. You are using the word "Login" as the session variable instead of "TimeOut" and you are putting the username or null in it whereas I am putting "true", false" or null in it. I am not trying to check whether someone has logged in or out; the ASP.NET system can tell me that. I'm trying to stop code running when the session variables have been erased through a time-out and renewed log in. That bit already works.

The problem is that the session variables are being cleared by the server when neither a log-out nor a time-out has occured. The Response.Redirect route is sometimes being taken when the user causes a page re-submit even though the user has not logged out and has only been inactive for a few seconds, which is well within the typical 20 minute time out period. Under normal operation, when the user neither logs out nor is idle for more than a minute or so, the Response.Redirect should never execute, but it is doing so.

regards,


ChrisAtWokingham
Aug 1 '08 #3

Plater
Expert 5K+
P: 7,872
A number of things can lead to session loss.
The client broswer can reject the cookie for whatever reason (generally it's either a "I can use session cookies" or "no session cookies allowed" right from the start, and not mid-way through using a site)

Anytime you make changes to the code/upload/publish your website, all session data is dropped and reset.

I *think* IIS will prune Session data if the Session is using up a lot of space, i.e. more then it's allowed. If you suspect this, get in contact with your host and see if they have any log of IIS performing these actions.


Your global.asax file could be usefull here, as it contains the event handler for when a Session_End or Session_Start occurs. there is also the Application_Start, Application_End and Application_Error that could be usefull.
Aug 1 '08 #4

P: 8
Many thanks - you have given me a couple of pointers to investigate. The session variables are being lost occasionally in the middle of browsing, so it is not that the browser is rejecting cookies. I had already deduced that uploading revised code etc. would kill the session and I'm not doing anything like that, but I do have quite a few session variables. I'll see if I can reduce the number and if the problem persists, then contact the host as you suggest. Many thanks again.

regards,


ChrisAtWokingham
Aug 5 '08 #5

shweta123
Expert 100+
P: 692
Hi,

If it is possible to replace session variables in your code you can try for other methods :
e.g.
1>You can pass the data from one page to another using querystring
2> Also you can use hidden fields for your requirement.
Aug 5 '08 #6

Frinavale
Expert Mod 5K+
P: 9,731
Many thanks - you have given me a couple of pointers to investigate. The session variables are being lost occasionally in the middle of browsing, so it is not that the browser is rejecting cookies. I had already deduced that uploading revised code etc. would kill the session and I'm not doing anything like that, but I do have quite a few session variables. I'll see if I can reduce the number and if the problem persists, then contact the host as you suggest. Many thanks again.

regards,


ChrisAtWokingham

My initial guess would be that you are running out of memory because your process is quite intensive. When this happens your worker process is recycled and your session is lost.

To get around this I would recommend changing your session from being InProc to SQLServer or something else instead. See this article on Sessions for more information.

-Frinny
Aug 5 '08 #7

Post your reply

Sign in to post your reply or Sign up for a free account.