Solved

Force the creation of a new Session object

Posted on 2002-04-30
14
250 Views
Last Modified: 2008-02-01
I recently encountered a bit of a problem with one of my sites, whereby when I opened a new browser window (Ctrl + N), and started navigating through the site, the session variables created in the old window were overwritten with the new ones.

So, in my function where I declare the session variables for each navigational element in my site, can I create these inside new Session objects, that way forcing the two windows to use different sessions, as apposed to the same one?

Something like:

Function CreateNavigation(route)
     Select Case route
     Case "press_releases"
          Session.New()
          Session("page1") = "one.asp"
          Session("page2") = "two.asp"
     End Select
End Function
0
Comment
Question by:AlfaNoMore
  • 6
  • 4
  • 2
  • +2
14 Comments
 
LVL 20

Expert Comment

by:Silvers5
ID: 6980362
no.. it's a client side issue (browser settings) you can't controle it from server side.

0
 
LVL 4

Accepted Solution

by:
DJDoug earned 50 total points
ID: 6980399
Session objects are based on cookies put on the client.  ASP uses a cookie to provide a user session.  When you open your page again in a new browser, the server is seeing the same cookie on your client machine and thinks it is still in the same session.  That is why it is overwriting your session variable values on the other browser.  If you create a new session in a new browser, you will still have the same problem.  Your old window session variables will contain the new window values.  My recommendation is not to use session variables.

Can you explain what you are using the session variables for, and why you would want to open two browsers with the same page?  Perhaps I can recommend how to code it without using session variables.  Then you won't run into the above problem.

Hope my explanation helps.
0
 
LVL 46

Expert Comment

by:fritz_the_blank
ID: 6980405
The only way I know to force a new session is to call the session.abondon method. As soon as you visit the page again, new session variables will be created.

Fritz the Blank
0
 
LVL 9

Author Comment

by:AlfaNoMore
ID: 6980459
I'm using a Session variable (in this case an Array), to store the path to be taken through an administration site. This way, I don;t have to have lots of checking on each page to determine what the next page is going to be, I just look in the Session variable.

I doubt the two browser issue will ever come up, but I was half way through one route, and needed some info from another part of the site. So I opened up a new browser window, found the info I wanted, and then went back to my original window. But I'd had a new route created for me, and instead of being on page X, I was taken to page Y, and it was a little confusing.

The code I'm using is as follows:

Sub CreateSessionVariables(sPageSelection)
'// creates a cookie holding the information needed for this selection
     Dim strSessConfirm, strSessRoute, intSessPreview, strSectionHeader

     Select Case sPageSelection '// current page selection
          Case "press_release_convert"
               strSessRoute = "../press_release.asp," _
                              &  "preview.asp," _
                              &  "xt_data-upload.asp," _
                              &  "attach.asp," _
                              &  "confirm.asp," _
                              &  "xt_go-live.asp," _
                              &  "result.asp," _
                              &  "newsbox.asp"
               strSessConfirm = "dsp_summary.asp," _
                              &  "dsp_files.asp"
               intSessPreview = 0
               strSectionHeader = "Press Release Upload"

          Case "press_release_display"
               strSessRoute = "../press_release.asp," _
                              &  "preview.asp," _
                              &  "xt_data-upload.asp," _
                              &  "xt_go-live.asp," _
                              &  "result.asp," _
                              &  "newsbox.asp"
               strSessConfirm = "dsp_summary.asp," _
                              &  "dsp_text.asp"
               intSessPreview = 1
               strSectionHeader = "Press Release Upload"
     End Select
     Response.Cookies("SelfService") = "" 'delete it first!!!
     Response.Cookies("SelfService").Expires = DateAdd("d", 1, Date())
     Response.Cookies("SelfService")("Route") = strSessRoute
     Response.Cookies("SelfService")("Confirm") = strSessConfirm
     Response.Cookies("SelfService")("Preview") = intSessPreview '// how many of strSessConfirm to use for the Preview
     Response.Cookies("SelfService")("SectionHeader") = strSectionHeader
End Sub

Sub ReadSessionVariables()
'// This creates three local variables based on the cookie written to the users' machine.
     astrSessRoute = Split(Request.Cookies("SelfService")("Route"), ",")
     astrSessConfirm = Split(Request.Cookies("SelfService")("Confirm"), ",")
     intSessPreview = Request.Cookies("SelfService")("Preview")
     'DeBug Request.Cookies("SelfService")("Route")
End Sub

Function NavigateRoute(iAdd)
     Dim thisIndex, allElem, thisPage
     Dim iLoop, iCurrInd
     Call ReadSessionVariables()
     allElem = Split(Request.ServerVariables("SCRIPT_NAME"), "/")
     thisPage = allElem(uBound(allElem))
     '// find the current index of astrSessRoute for this page
     For iLoop = lBound(astrSessRoute) To uBound(astrSessRoute)
          If thisPage = astrSessRoute(iLoop) Then
               iCurrInd = iLoop
               Exit For
          End If
     Next
     NavigateRoute = astrSessRoute(iCurrInd + iAdd)
End Function

/////////////////////////////
WHOA! Show's how much attention I pay to my own code, as this is using Cookies. Same problem though.

Maybe there is a solution in creating new cookies every time? But managing those could be a problem. Any ideas?
0
 
LVL 4

Expert Comment

by:DJDoug
ID: 6980536
Alfa, you will run into the same problem with creating cookies.

Fritz...you are right, but...I assume you meant you would put the session.abandon in the application_onstart event in the global.asa.  Because a new application is never started with the CTRL-N method of opening a new browser window, the session.abandon would never be called again.  If you put the session.abandon on the page load, then everytime the page is refreshed, either through submitting, or button clicking, or other, then all the session variable values will be killed.  Thus, session.abandon will not work for his problem.

Alfa...the chances that someone will use CTRL-N to open a new window are slim.  Most common users, if they want to open a new window, will go to their browser icon or startup menu, open the browser, then navigate to the page again.  If they do that, then a new application is started with a new user session, new cookies and everything works perfect.  CTRL-N stays in the same session, but I doubt very many people would use that way to open a new browser window.  Rather than changing your whole code to not use session variables and cookies to prevent the slim chance of this problem occurring, I would just stick with what you got, unless you have some time to fix the code.  In the future, it is a good idea to avoid session variables.  There is always a way around them.

If you want help in changing the code to eliminate the session variables, I will, but then you will have the cookie problem, too.  And from your code, it looks like those cookies are pretty important to your site.  My recommendation is to leave the site as is.  Everything cannot always be perfect.
0
 
LVL 4

Expert Comment

by:DJDoug
ID: 6980646
Alfa, if you want, you can disable CTRL-N.  I found this code at:

http://p2p.wrox.com/archive/javascript_howto/2001-09/27.asp

There is a way to trap the keys on IE5.0 and above. It involves using the
event object, which stores all the current information about the mouse and
key strokes, as well as other stuff.

To check if CTRL+N is being pressed, you can use this quick bit of code

--------------------
<script>
// function called every time a key is pressed down
function checkKP()
{
  if(event.ctrlKey)
    if((event.keyCode == 78) || (event.keyCode == 104))
      event.returnValue = false;
}
</script>
<body onkeydown="checkKP()">
</body>
--------------------
When any key is pressed, the checkKP() function is called. If the CTRL key
is being held down, it then checks the ASCII code for the other key that
has just been pressed.  If this is 78 (N) or 104 (n), it cancels the event
being run, by calling event.returnValue = false;


...This should solve your problem by forcing users to open a new browser by going to their icon or start menu.  Then, they will have to navigate to the page again and that will create a new session and preserve the old window's session.

Cheers.
0
 
LVL 9

Author Comment

by:AlfaNoMore
ID: 6980698
It was just me who had this problem. It hasn't come to light for the real users, so assume it probably never will (they're not that technical, as you say ;-))

I was just seeing if there was a way to override the session states, but as you all so rightly say, there isn't!

As for closing this question off then, should I just ask CS to remove it, or do you want to fight for the points? LOL.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 4

Expert Comment

by:DJDoug
ID: 6980752
As I said, the problem only happens when you open with CTRL-N.  Most of your users aren't having the problem because CTRL-N only works for some browsers (I.E. 4 and above, I believe.)  They probably are not using that browser and if they open a second window, they are doing it through their browser icon or start menu and navigating to the page, thus starting a new application and creating a new user session.  Thought I explained all that (excepting the browser specific CTRL-N).

Certainly some points should be awarded.  Your discretion as to how much to who.
0
 
LVL 6

Expert Comment

by:Mindphaser
ID: 6981322
Per request I will split the points between "DJDoug" and "fritz_the_blank". There will be a separate question for fritz_the_blank with the points.

** Mindphaser - Community Support Moderator **
0
 
LVL 20

Expert Comment

by:Silvers5
ID: 6981517
I disagree with you guys.. this is a typical browser issue and dependant from the client side and you can't handle it from the server.. check the link below:


http://www.aspfaq.com/show.asp?id=2172


so I guess you'll have to handle your points to me :o)) lool
0
 
LVL 4

Expert Comment

by:DJDoug
ID: 6981527
Silver, if you read my comments (all of them) you will see I am saying exactly what you are, even mentioning different browsers producing different results.  Neither I, nor Fritz suggested that this be handled from the server, as you say.  I am not stingy with the points, but both Fritz and I stated it was client and not able to be handled from server side.
0
 
LVL 20

Expert Comment

by:Silvers5
ID: 6981748
>If they do that, then a new application is started with a new user session,
new cookies and everything works perfect.  CTRL-N stays in the same session


.. I was correcting your erronous statements..

All this is browser dependent.. besides what you do with netscape.. etc..
I said first it is not possible and why.. I don't need the points (it was a joke) but I need to put the points over the i's


0
 
LVL 4

Expert Comment

by:DJDoug
ID: 6981791
That was not erroneous, that was absolutely correct for IE4 and above.  I am using IE 5.5 right now and that's exactly what happened when I tried it on my machine.  Researching CTRL-N, I found it applies to IE4 and above, and I specified that in a later comment.

Silver, I respect your expertise as I have used many of your answers as solutions to my own questions.  But, I think Alpha got the point.  You gave the first answer about it being a client problem, but you gave no explanation.  I was just trying to give Alpha some info on what session objects actually are, and a little explanation about why nothing could be done server side.  And I think he understood there was nothing that could be done server-side to resolve his problem.

...I use this site to share as much info as possible, not a point competition, and I think I provided some good information.  If you want the points, I'll freely give you the points I got for this answer.  No big deal to me either.  I just thought we were trying to help each other out here, not try to twist comments to try and prove someone wrong when, if you read all the comments together, it was explained.
0
 
LVL 20

Expert Comment

by:Silvers5
ID: 6981835
> am using IE 5.5 right now
and that's exactly what happened when I tried it on my machine.

if you read the ms qb articles in the links i gave you will see that this behavior now varies from machine to machine

you were correct to explain more and alpha is correct to assign to you the points.. and i was correcting some of your comments where i disagreed with you about that issue.. i made a little mistake by not fully reading all the posts..

>If you want the points, I'll freely give you the points I got for this answer

 I said I was joking.. common'.. I don't need points.. I have enough points for years to come :o)

0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
This video discusses moving either the default database or any database to a new volume.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now