PDA

View Full Version : Session shows but doesnt work?

Crash1hd
06-16-2003, 10:05 AM
The following code doesnt seem to be working

<%@Language=VBScript%>
<!--#INCLUDE Virtual="/Include/Header.asp"-->
<%
If Request.Cookies("userid") <> "" Then
Session("username") = Request.Cookies("username")
Member1Query = "SELECT * FROM members WHERE username = '" & Session("username") & "'"
Set RSL = Conn.Execute(Member1Query)
If NOT RSL.EOF Then
Session("allow") = "Lok"
Session("clearance") = Request.Cookies("clearance")
Session("userid") = Request.Cookies("userid")
End If
End If
%>
<!--#INCLUDE Virtual="/Include/level1.asp"-->


<% response.expires = -15000 %>
<%Response.CacheControl = "no-cache" 'this stops people from click back after logging out%>

<html><head><title>Members.AlwaysRemember.ca</title></head>
<body>
<%
SQL = "Select * From members Order By userid"
Set RS = Conn.Execute(SQL)

do until RS.EOF
IF RS.fields("userid") = Session("userid") Then%>

<P Class=title>You are now logged in, <% Response.Write RS.fields("username") %>. Yay!</p>
<%
Response.Write "Welcome... " & RS.fields("username")
Response.Write "<p>You have been logged <b>In</b>."
Response.Write "<br />Your clearance level is <b>" & Session("Clearance") & "</b>."
Response.write "<br />Your Userid is <b>" & Session("userid") & "</b>."

End If
RS.movenext
Loop
CleanUp1(RS)
%>

<%response.write ("<font color=red>" & Session("Clearance") & " " & Session("username") & " " & Session("userid") & "</font>")%>



</body>
</html>
<%CleanUp()%>

now the output of the page is as follows matching the colors

clearance username userid
raf
06-16-2003, 11:30 AM
I think you're not correctly referencing to the cookie-values. Normally it's Request.Cookies("cookiename")("keyname").
For instance : Request.Cookies("yourcookiename")("userid")
So the first check
If Request.Cookies("userid") <> "" Then
would then be false (the value would be empty) so none of the sessionvariabels would then be set.

The rest of the code also looks funny. Don't use select * unless you really need all variables !
And use a where clause to get the records for that users, instead of selecting the complete memberstable and then looping through it!
So all this:

SQL = "Select * From members Order By userid"
Set RS = Conn.Execute(SQL)

do until RS.EOF
IF RS.fields("userid") = Session("userid") Then%>

End If
RS.movenext
Loop

Should be replaced with

SQL = "Select username From members WHERE userid=theid"
SQL = replace(SQL,"theid",Session("userid"))
Set RS = Conn.Execute(SQL)

if RS.EOF=True then
response.write("Databaseproblem")
else
...
end if
Crash1hd
06-16-2003, 08:43 PM
When you say "yourcookiename" say that the cookie name is Cookie:username@www.website.com/ is that what you put in the script so like so

Request.Cookies("Cookie:username@www.website.com/")("userid")

or

Request.Cookies("username@www.website.com/")("userid")

or

Request.Cookies("www.website.com/")("userid")

???:confused:???

But its really wiered because If you notice that as I was saying the stuff at the bottem of my first post in read comes up on the page its just the stuff in the database file that doesnt come up even though the session has been noted if I where to add the words session("userid") = 6 then the database stuff works fine?
raf
06-16-2003, 10:56 PM
No. What you refer to is what you see in your explorer. (the app only reads cookies from its own domain --> security ! + the windows user is registered in the name for shared pc's.)

check out this info on setting and reading cookies
-------------------------------
The Cookies collection sets the value of a cookie. If the specified cookie does not exist, it is created. If the cookie exists, it takes the new value and the old value is discarded.

Syntax
Response.Cookies(cookie)[(key)|.attribute] = value

Parameters
cookie
The name of the cookie.
key
An optional parameter. If key is specified, cookie is a dictionary, and key is set to value.
attribute
Specifies information about the cookie itself. The attribute parameter can be one of the following. Name Description
Domain Write-only. If specified, the cookie is sent only to requests to this domain.
Expires Write-only. The date on which the cookie expires. This date must be set in order for the cookie to be stored on the client's disk after the session ends. If this attribute is not set to a date beyond the current date, the cookie will expire when the session ends.
HasKeys Read-only. Specifies whether the cookie contains keys.
Path Write-only. If specified, the cookie is sent only to requests to this path. If this attribute is not set, the application path is used.
Secure Write-only. Specifies whether the cookie is secure.


Value
Specifies the value to assign to key or attribute.
Remarks
If a cookie with a key is created, as in the following script,

<%
Response.Cookies("mycookie")("type1") = "sugar"
Response.Cookies("mycookie")("type2") = "ginger snap"
%>

this header is sent.

Set-Cookie:MYCOOKIE=TYPE1=sugar&TYPE2=ginger+snap

A subsequent assignment to myCookie without specifying a key, would destroy type1 and type2. This is shown in the following example.

<% Response.Cookies("myCookie") = "chocolate chip" %>

In the preceding example, the keys type1 and type2 are destroyed and their values are discarded. The myCookie cookie now has the value chocolate chip.

Conversely, if you call a cookie with a key, it destroys any nonkey values the cookie contained. For example, if after the preceding code you call Response.Cookies with the following

<% Response.Cookies("myCookie")("newType") = "peanut butter" %>

The value chocolate chip is discarded and newType would be set to peanut butter.

To determine whether a cookie has keys, use the following syntax.

<%= Response.Cookies("myCookie").HasKeys %>

If myCookie is a cookie dictionary, the preceding value is TRUE. Otherwise, it is FALSE.

You can use an iterator to set cookie attributes. For example, to set all of the cookies to expire on a particular date, use the following syntax.

<%
For Each cookie in Response.Cookies
Response.Cookie(cookie).Expires = #July 4, 1997#
Next
%>

You can also use an iterator to set the values of all the cookies in a collection, or all the keys in a cookie. However, the iterator, when invoked on a cookie that does not have keys, does not execute. To avoid this, you can first use the .HasKeys syntax to check whether a cookie has any keys. This is demonstrated in the following example.

<%
If Not cookie.HasKeys Then
'Set the value of the cookie
Response.Cookies(cookie) = ""
Else
'Set the value for each key in the cookie collection
For Each key in Response.Cookies(cookie)
Response.Cookies(cookie)(key) = ""
Next key
%>

Examples
The following examples demonstrate how you can set a value for a cookie and assign values to its attributes.

<%
Response.Cookies("Type") = "Chocolate Chip"
Response.Cookies("Type").Expires = "July 31, 1997"
Response.Cookies("Type").Domain = "msn.com"
Response.Cookies("Type").Path = "/www/home/"
Response.Cookies("Type").Secure = FALSE
%>

Applies To



reading cookies

Cookies
The Cookies collection enables you to retrieve the values of the cookies sent in an HTTP request.

Syntax
Request.Cookies(cookie)[(key)|.attribute]

Parameters
cookie
Specifies the cookie whose value should be retrieved.
key
An optional parameter used to retrieve subkey values from cookie dictionaries.
attribute
Specifies information about the cookie itself. The attribute parameter can be the following. Name Description
HasKeys Read-only. Specifies whether the cookie contains keys.


Remarks
You can access the subkeys of a cookie dictionary by including a value for key. If a cookie dictionary is accessed without specifying key, all of the keys are returned as a single query string. For example, if MyCookie has two keys, First and Second, and you do not specify either of these keys in a call to Request.Cookies, the following string is returned.

First=firstkeyvalue&Second=secondkeyvalue

If two cookies with the same name are sent by the client browser, Request.Cookies returns the one with the deeper path structure. For example, if two cookies had the same name but one had a path attribute of /www/ and the other of /www/home/, the client browser would send both cookies to the /www/home/ directory, but Request.Cookies would only return the second cookie.

To determine whether a cookie is a cookie dictionary (whether the cookie has keys), use the following script.

<%= Request.Cookies("myCookie").HasKeys %>

If myCookie is a cookie dictionary, the preceding value evaluates to TRUE. Otherwise, it evaluates to FALSE.

You can use an iterator to cycle through all the cookies in the Cookie collection, or all the keys in a cookie. However, iterating through keys on a cookie that does not have keys will not produce any output. You can avoid this situation by first checking to see whether a cookie has keys by using the .HasKeys syntax. This is demonstrated in the following example.

<%
'Print out the entire cookie collection.
For Each cookie in Request.Cookies
If Not cookie.HasKeys Then
'Print out the cookie string
%>
<%= cookie %> = <%= Request.Cookies(cookie)%>
<%
Else
'Print out the cookie collection
For Each key in Request.Cookies(cookie)
%>
<%= cookie %> (<%= key %>) = <%= Request.Cookies(cookie)(key)%>
<%
Next
End If
Next
%>

Examples
The following example prints the value of myCookie in a Web page.

Here is the value of the cookie named myCookie:
<%= Request.Cookies("myCookie") %>

Applies To
Request Object
Crash1hd
06-17-2003, 03:58 AM
Thanks Raf for all that info! It has given me a much better understanding of cookies! :cool:


So I had to change

If Request.Cookies("userid") <> "" Then
Session("username") = Request.Cookies("username")
Member1Query = "SELECT * FROM members WHERE username = '" & Session("username") & "'"
Set RSL = Conn.Execute(Member1Query)
If NOT RSL.EOF Then
Session("allow") = "Lok"
Session("clearance") = Request.Cookies("clearance")
Session("userid") = Request.Cookies("userid")
End If
End If

To

If Request.Cookies("userid") <> "" Then
Session("username") = Request.Cookies("username")
Member1Query = "SELECT * FROM members WHERE username = '" & Session("username") & "'"
Set RSL = Conn.Execute(Member1Query)
If NOT RSL.EOF Then
Session("allow") = "Lok"
Session("clearance") = RSL.Fields("clearance")
Session("userid") = RSL.Fields("userid")
End If
End If

Now it works great?

P.s. Is there a way to make the content in the cookie go on multiple line or are they only one liners?
raf
06-17-2003, 08:46 AM
Euhhh. I don't see the differnce

So I had to change

If Request.Cookies("userid") <> "" Then
Session("username") = Request.Cookies("username")
Member1Query = "SELECT * FROM members WHERE username = '" & Session("username") & "'"
Set RSL = Conn.Execute(Member1Query)
If NOT RSL.EOF Then
Session("allow") = "Lok"
Session("clearance") = Request.Cookies("clearance")
Session("userid") = Request.Cookies("userid")
End If
End If

To

If Request.Cookies("userid") <> "" Then
Session("username") = Request.Cookies("username")
Member1Query = "SELECT * FROM members WHERE username = '" & Session("username") & "'"
Set RSL = Conn.Execute(Member1Query)
If NOT RSL.EOF Then
Session("allow") = "Lok"
Session("clearance") = RSL.Fields("clearance")
Session("userid") = RSL.Fields("userid")
End If
End If


When you set your cookie, you use something like
Response.Cookies("mycookie")("type1") = "sugar"
and to get the value for variable "type1", you use
Request.Cookies("mycookie")("type1")
Nothing more to it.

P.s. Is there a way to make the content in the cookie go on multiple line or are they only one liners?

What do you mean? The cookievalue is just one long string. like
First=firstkeyvalue&Second=secondkeyvalue
(see info on previous post)ASP takes care of selecting the value for the variabels you specifyed.
Crash1hd
06-17-2003, 09:46 AM
Ok the difference is in red

So I had to change

If Request.Cookies("userid") <> "" Then
Session("username") = Request.Cookies("username")
Member1Query = "SELECT * FROM members WHERE username = '" & Session("username") & "'"
Set RSL = Conn.Execute(Member1Query)
If NOT RSL.EOF Then
Session("allow") = "Lok"
Session("clearance") = Request.Cookies("clearance")
Session("userid") = Request.Cookies("userid")
End If
End If

To

If Request.Cookies("userid") <> "" Then
Session("username") = Request.Cookies("username")
Member1Query = "SELECT * FROM members WHERE username = '" & Session("username") & "'"
Set RSL = Conn.Execute(Member1Query)
If NOT RSL.EOF Then
Session("allow") = "Lok"
Session("clearance") = RSL.Fields("clearance")
Session("userid") = RSL.Fields("userid")
End If

Not sure why but it works :)

Yep the cookie thing is one long line I was just wondering if it was possible to make it into 2 lines one line for each field
End If
raf
06-17-2003, 10:40 AM
Not sure why but it works

Good.good. But i can't imagen how. Unless you stored each value in a separate cookie or if the sessionvariable is set somewhere else.

I was just wondering if it was possible to make it into 2 lines one line for each field
The only one that ever sees this cookievalue is someone who cracks your cookie (don't think you really care about there comfort :D )
Crash1hd
06-17-2003, 11:30 AM
The only one that ever sees this cookievalue is someone who cracks your cookie (don't think you really care about there comfort :D )

True that true that :thumbsup: Thanks again!