session

[David B]

Hi,

Could somebody please tell me how I check whether a session is dead based
soley on the Session.SessionID.
At present the timeout is set to 20 minutes in IIS, I am aware that I can
reset this on the page. However after 22 minutes, or some interval longer
than the session timeout, the Session.SessionID values is still availible.

What I want to achieve is this. There is a small section of my site that
must have an active session. When a user enteres this part of the site I
must check if the session is still active because I am going to want to
create variable in the sesion object. If the session is dead, I have to
figure out how I am going to handle this,
Can anybody suggest how to do this?? I am thinking I could either bring the
session back to life, is this possible?? or use some sort of client side
script to open a new window.

cheers

martin.

[Ray at]

"David B" <david1234@yahoo.com> wrote in message
news:%23DlikkUYDHA.1640@TK2MSFTNGP10.phx.gbl...

> Hi,
>
> Could somebody please tell me how I check whether a session is dead

based

> soley on the Session.SessionID.
> At present the timeout is set to 20 minutes in IIS, I am aware that I can
> reset this on the page. However after 22 minutes, or some interval longer
> than the session timeout, the Session.SessionID values is still availible.

A new ID will be created.

>
> What I want to achieve is this. There is a small section of my site that
> must have an active session.

The user will have an active session if he hits your site, even if that
section is the first place he goes.

> When a user enteres this part of the site I
> must check if the session is still active because I am going to want to
> create variable in the sesion object. If the session is dead, I have to
> figure out how I am going to handle this,
> Can anybody suggest how to do this?? I am thinking I could either bring

the

> session back to life, is this possible??

It happens on its own by the user hitting the server.

What is it that you really want to do? What is it that makes you need what
you describe?

Ray at home

[David B]

Ray, Cheers for the (exceptionally quick) reply,

This is the senariono, A user goes to my site and initially we are not
concernecd with sessions.
They then go onto a booking section. This booking section stores all
information in a database.
When a user starts a booking a new record is stored in the database with a
PK (integer) this PK is stored in a session variable (session("ID") so that
the user on the site can always connect to their required records in the
database.
However if the session expires then session("ID") is not availible.

At this point I want to tell the user that their session has expired.

However, the following code ALWAYS tells me the Session("ID") is numeric,
even if it does not exist.

if ISNUMERIC(Session("ID")) then
Response.Write("Session('ID') is numeric -- it is Alive -- session ID is
")
else
Response.Write("Session('ID') is not numeric -- it is dead") end if

I guess what I am asking in a nutshell is how I tell if the sesion has
expired.

Or maybe ISNUMERIC has a bug, returning true when the Session("ID") is
clearly empty ...:)

There are two different senarios for checking if the session has expired.

1. The user has not been assigned a session("ID") yet --- This seems to be
the most difficult case,

2. They are midway through the process, they have already been assigned a
session ID but the session has expired.

cheers

martin.


"Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in message
news:uuPb7tUYDHA.1872@TK2MSFTNGP12.phx.gbl...

> "David B" <david1234@yahoo.com> wrote in message
> news:%23DlikkUYDHA.1640@TK2MSFTNGP10.phx.gbl...

> > Hi,
> >
> > Could somebody please tell me how I check whether a session is dead

> based

> > soley on the Session.SessionID.
> > At present the timeout is set to 20 minutes in IIS, I am aware that I

can

> > reset this on the page. However after 22 minutes, or some interval

longer

> > than the session timeout, the Session.SessionID values is still

availible.

>
> A new ID will be created.
>

> >
> > What I want to achieve is this. There is a small section of my site that
> > must have an active session.

>
> The user will have an active session if he hits your site, even if that
> section is the first place he goes.
>

> > When a user enteres this part of the site I
> > must check if the session is still active because I am going to want to
> > create variable in the sesion object. If the session is dead, I have to
> > figure out how I am going to handle this,
> > Can anybody suggest how to do this?? I am thinking I could either bring

> the

> > session back to life, is this possible??

>
> It happens on its own by the user hitting the server.
>
> What is it that you really want to do? What is it that makes you need

what

> you describe?
>
> Ray at home
>
>

[Guinness Mann]

In article <#DlikkUYDHA.1640@TK2MSFTNGP10.phx.gbl>, [email]david1234@yahoo.com[/email]
says...

> Could somebody please tell me how I check whether a session is dead based
> soley on the Session.SessionID.

I don't think that changes until the browser closes.

> What I want to achieve is this. There is a small section of my site that
> must have an active session. When a user enteres this part of the site I
> must check if the session is still active because I am going to want to
> create variable in the sesion object.

I test a session variable that I know should be available:

If session("userId") = "" Then
figure out what to do
End If

> If the session is dead, I have to figure out how I am going to
> handle this...

I have the luxury of requiring my users to use IE6, so I use cookies. I
even have a class that figures out for itself if it needs to reload from
the cookies. Here's a short example:

Private Sub Class_Initialize( )

If session("FirstName") = "" Then
'Session must have expired - reload from the cookies
session("FirstName") = Request.Cookies ("User")("FName")
...
session("Rank") = Request.Cookies ("User")("UserRank")
End If

m_firstName = session("FirstName")
...
m_userRank = session("Rank")

End Sub


-- Rick

[David B]

Thank you all for the input.

I am now a lot clearer on when and how a session expires.

cheers

dave.


"Guinness Mann" <GMann@dublin.com> wrote in message
news:MPG.19a419506a7cab40989696@news.newsguy.com.. .

> In article <#DlikkUYDHA.1640@TK2MSFTNGP10.phx.gbl>, [email]david1234@yahoo.com[/email]
> says...

> > Could somebody please tell me how I check whether a session is dead

based

> > soley on the Session.SessionID.

>
> I don't think that changes until the browser closes.
>

> > What I want to achieve is this. There is a small section of my site that
> > must have an active session. When a user enteres this part of the site I
> > must check if the session is still active because I am going to want to
> > create variable in the sesion object.

>
> I test a session variable that I know should be available:
>
> If session("userId") = "" Then
> figure out what to do
> End If
>

> > If the session is dead, I have to figure out how I am going to
> > handle this...

>
> I have the luxury of requiring my users to use IE6, so I use cookies. I
> even have a class that figures out for itself if it needs to reload from
> the cookies. Here's a short example:
>
> Private Sub Class_Initialize( )
>
> If session("FirstName") = "" Then
> 'Session must have expired - reload from the cookies
> session("FirstName") = Request.Cookies ("User")("FName")
> ...
> session("Rank") = Request.Cookies ("User")("UserRank")
> End If
>
> m_firstName = session("FirstName")
> ...
> m_userRank = session("Rank")
>
> End Sub
>
>
> -- Rick

[Pierre]

Bonjour,

quand j'utilise header apres une authentification pour redirection, je perds
mes parametres de connexion.

est ce normal ? que puis-je faire pour y remédier ? existe t il une autre
commande qui me permetterai de faire la mm chose sans perdre mes parametres
?


Merci pour vos lumieres.

"Pierre" <pfe_nospam@freesurf.fr> wrote in message
news:bvqltb$cmg$1@biggoron.nerim.net...

> Bonjour,
>
> quand j'utilise header apres une authentification pour redirection, je

perds

> mes parametres de connexion.
>
> est ce normal ? que puis-je faire pour y remédier ? existe t il une autre
> commande qui me permetterai de faire la mm chose sans perdre mes

parametres

> ?
>
>
> Merci pour vos lumieres.
>
>

Pourquoi ne pas inclure les paramètres avec la redirection?

header("Location: newpage.php?var1=value1&var2=value2");

[Pierre]

en fait j'ai trouvé :

il faut préciser en haut de chaque page start_session.

et on récupere tout ce qu'on a stocké

<xyzzy> a écrit dans le message de
news:wpWdnbsvSq_GmrzdRVn-hw@comcast.com...

>
> "Pierre" <pfe_nospam@freesurf.fr> wrote in message
> news:bvqltb$cmg$1@biggoron.nerim.net...

> > Bonjour,
> >
> > quand j'utilise header apres une authentification pour redirection, je

> perds

> > mes parametres de connexion.
> >
> > est ce normal ? que puis-je faire pour y remédier ? existe t il une

autre

> > commande qui me permetterai de faire la mm chose sans perdre mes

> parametres

> > ?
> >
> >
> > Merci pour vos lumieres.
> >
> >

> Pourquoi ne pas inclure les paramètres avec la redirection?
>
> header("Location: newpage.php?var1=value1&var2=value2");
>
>
>

[Phil Barber]

I have a web project, and I am using the session variable. On rare
occasions, a user of my web site will call and tell me they can see another
users account information. This is, to say the least disturbing. I can not
seem to duplicate the problem. Has any one else heard of experienced this
issue?

thanks

Phil.