Monday, May 26, 2008

ASP Session

The Session object is used to store information about a user session. Session variables are used to store information about ONE single user, and are available to all pages in one application. Typically information stored in session variables are name, id, and preferences.

Internal mechanism:

Session is implemented by creating a unique id (session id) on the server for each user and embedding a cookie on the user machine with the session id. This is taken care of by isapi (internet server application programming interface) in server. If cookies are disabled in the user’s browser then isapi takes care of creating a cookie.
Session Starts when a new user requests an ASP file, and the Global.asa file includes a Session_OnStart procedure.
A session ends if a user has not requested or refreshed a page in the application for a specified period. By default, this is 20 minutes.

To set the timeout interval, Timeout property is used.
Session.Timeout=5

To end the session immediately, Abandon method is used.
Session.Abandon

Store session variables:
Session("username")="Donald Duck"

Retrieve session variables:
Response.Write(Session("username"))

Remove session variables:
If Session.Contents("age")<18

To remove all variables in a session, use the RemoveAll method:
Session.Contents.RemoveAll()
To know the number of items in the content collection: use Count property
Session.Contents.Count

To see the values of all objects stored in the session object:
dim i
For Each i in Session.StaticObjects
Response.Write(i)
Next

What is the difference between session and cookie?
# If you set the variable to "cookies", then your users will not have to log in each time they enter your community.
# The cookie will stay in place within the user’s browser until it is deleted by the user. But Sessions are popularly used, as the there is a chance of your cookies getting blocked if the user browser security setting is set high.
# If you set the variable to "sessions", then user activity will be tracked using browser sessions, and your users will have to log in each time they re-open their browser.
# The Key difference would be cookies are stored in your hard disk whereas a session isn’t stored in your hard disk. Sessions are basically like tokens, which are generated at authentication.
# A session is available as long as the browser is opened.
# Cookies are not secure where as sessions are secure.

Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)