Solved

what is the different between ASP Cookies and Session ?

Posted on 2001-06-03
12
260 Views
Last Modified: 2012-06-21
For me, there are the same thing.
Can any experts tell me what is exactly different
between them ? What is the advantage and disadvantage ?
0
Comment
Question by:decae2001
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +2
12 Comments
 
LVL 1

Expert Comment

by:moswa
ID: 6150676
a session is deleted when the browser is terminated,
a cookie is written on your computer and is still active the next time you visit the website

examples session and cookies:

session("name")=request.form("name")
and later call it by: <%=session("name")%> or
if session("name")="Tom Hanks" then ...

response.cookies("website")("name")= request.form("name")
response.cookies("website").Expires = DATE + 365
and later call it by:
<input NAME="name" value="<%=request.cookies("website")("name")%>">

0
 
LVL 2

Expert Comment

by:cybermoonlight
ID: 6150678
what was that?
the difference betweeen a cookie(response.cookies) and a session cookie(session("")) is where the cookie is stored(client/server)
your Q was "what is the difference between ASP cookie?..and what?
plz make this more clear
0
 
LVL 15

Accepted Solution

by:
robbert earned 30 total points
ID: 6150683
A Session cookie is a normal cookie with the name "ASPSESSIONID". A normal cookie don't having an expiration date.

Cookies without an expiration date expire when the browser closes. Session cookies, in opposite to other cookies, may also time out (at Session.SessionTimeout) - but that's not happening client-side, but server-side. That means IIS stops having this information stored and thus, a new Session cookie will be set when there's activity again.

So, Session cookies are client-side the same as normal cookies not having an expiration date.

You can set the expiration date with a normal cookie:
Response.Cookies("myCookie") = "myValue"
Response.Cookies("myCookie").Expires = "2010/1/1"

and delete it by:
Response.Cookies("myCookie").Expires = "1840/1/1"

We call that "persistant" cookies.

If the user's browser settings don't allow cookies, Session cookies won't work, too, and a new Session cookie will be set with loading another page.
IE5 differs and lets the user choose if to allow persistant or non-persistant cookies.

As for dis-/advantages:
+ If that isn't disabled server-side, a unique SessionID will be set with a Session cookie. You can also generate one, manually, (and identify the user by that) but the IIS Session engine only recognizes its own cookies. If it's able to do so, values you store in your custom Session cookies,

Session("x") = "y"

nextpage.asp:
x = Session("x")

can be retrieved. That's just easy and comfortable.

+ If you need to store values with the user for a longer time than this browser session, you would manually set cookies with an expiration date.
0
Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

 
LVL 15

Expert Comment

by:robbert
ID: 6150691
By,

> A normal cookie don't having an expiration
date.

(first line), I meant,

> A Session cookie is a normal cookie don't having an expiration date.

But it's the "one" cookie IIS' Session engine looks at when identifying the user.
0
 

Author Comment

by:decae2001
ID: 6150921
If The user's browser disable cookie, can I still use session ?
0
 
LVL 15

Expert Comment

by:robbert
ID: 6150940
No. When the user doesn't accept cookies, a new Session will be started with each page.
0
 

Author Comment

by:decae2001
ID: 6150947
robber,

Sound like to me, the session is created by ASP itself.
What if I want to use straight cookies, and not session
at all ?
0
 
LVL 15

Expert Comment

by:robbert
ID: 6150960
Session cookies will be set, though. That doesn't harm for most users but anyway, you can state at the top of your scripts,

<%@ ENABLESESSIONSSTATE=True|False %>

or set that in IIS, in the web application properties.
0
 

Author Comment

by:decae2001
ID: 6151129
Then, how do I know if the user has disabled the cookies ?
Will I get any return code number ?
0
 
LVL 15

Expert Comment

by:robbert
ID: 6151150
You need to check for cookies. There's a pitfall, so follow.

Set a test cookie:

Response.Cookies("test") = "test"

Then, (at the top of your script) check if the cookie has been accepted:

If Len(Request.Cookies("test")) = 0 Then
    Response.Redirect "wouldyoupleaseacceptcookies.asp"
End If

The pitfall (or bait) is that even if the user doesn't have cookies enabled - if you set a cookie and check it on the same page - it always appears to be set.

Thus, one strategy is to set a testcookie at all entry pages and to check the cookie on all follow-up pages.
Obviously, it's hard to pre-determine where the user comes in and where he navigates, next.

What I'm usually doing is, setting the testcookie by server-side ASP, and checking it by client-side JavaScript:

<%
Response.Cookies("testcookie") = "testcookie"
%>
<HTML>
<HEAD>
</HEAD>
<BODY>
<script language=javascript>
if (document.cookie.indexOf("testcookie=testcookie") >= 0)
document.location.href = "cookies.asp"
</script>
... regular HTML code ...
</BODY>
</HTML>

And, you apparently want to know it quite in-depth - you'ld also need to ensure that the user has JavaScript enabled:

<%
Response.Cookies("testcookie") = "testcookie"
%>
<HTML>
<HEAD>
</HEAD>
<BODY>
<script language=javascript>
if (document.cookie.indexOf("testcookie=testcookie") >= 0)
document.location.href = "cookies.asp"
</script>

<noscript language=javascript>
Please activate JavaScript.
</script>

... regular HTML code ...
</BODY>
</HTML>

There is a third option (beneath server-side setting and checking cookies on different pages, and doing that server- and client-side on the same page) - checking for cookies by using the www.browserhawk.com component in the global.asa, and from there, deciding what to do (it's great but not common).

These are the only options.
0
 
LVL 7

Expert Comment

by:weesiong
ID: 6151448
Robbert,

You always RIGHT!!

Regards,
Wee Siong!
0
 
LVL 1

Expert Comment

by:moswa
ID: 6151795
need a cookies.asp?! :)
http://rechten.kub.nl/projecten/cookiecheck.asp
(sorry, some text in dutch, but it says something about what cookies are and how you can accept cookies)

moswa
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:   The Exchange of informatio…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question