Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 820
  • Last Modified:

Session Variables

<rogueripper>

Hi there!

Scenario:
I have 5 client machines running an ASP System inside an hta. (controlled environment)
All 5 client machines has Windows 2000 pro installed and IE 6 as the Web browser.

Whenever the clients logs onto the ASP System, their "user_id" gets stored into a session variable.

e.g:

Session("User_ID") = rst("User_ID")

Problem:
4 of the 5 machines actualy recocnizes the Session variable.
The other machine does not even pick it up! (i check for it inside a popup window)

I opened IE6, set the Security settings for Internet, Intranet and Trusted Sites to the lowest possible settings- enabling all, anonymous loggon, accept all cookies, refresh at every visit etc.

Again- 4 out of 5 machines this is working perfectly, it is just one machine (with the exact same IE security settings) that does not recocnize the Session variable.

I tested the ASP System inside the IE 6 browser (without using hta) and then the Session variable is recocnized, it is only as soon as the hta is running that it loses the Session variable.

Any specific securities I need to change for the hta, if so how do I go about doing that?

(o: aaargh! I am pulling out hair! :o)

Thanx in advance for anybody with a sollution! :o)

</rogueripper>
0
rogueripper
Asked:
rogueripper
  • 4
1 Solution
 
ap_sajithCommented:
from a posting in the web..

 After you install security patch MS01-055 for Microsoft Internet Explorer
 5.5 or 6.0, you may encounter the following problems:
 Session variables are lost.
 Session state is not maintained between requests.
 Cookies are not set on the client system.

NOTE: These problems can also occur after you install a more recent patch  that includes the fix that is provided in security patch MS01-055.

CAUSE
Security patch MS01-055 prevents servers with improper name syntax from  setting cookies names. Domains that use cookies must use only alphanumeric  characters ("-" or ".") in the domain name and the server name. Internet  Explorer blocks cookies from a server if the server name contains other  characters, such as an underscore character ("_").
If you have an underscore in your domain name, if you are using frames,  cookies wont work in IE6 for these cases.
 
Because ASP session state and session variables rely on cookies to function,  ASP cannot maintain session state between requests if cookies cannot be set  on the client.

RESOLUTION
To work around this problem, use one of the following methods:
Rename the domain name and the server name, and use only alphanumeric  characters.
Browse to the server by using the Internet Protocol (IP) address rather than  the domain/server name.

NOTE: You may need to change the Microsoft Internet Information Server (IIS)  configuration after you rename a server

Hope this helps...
Cheers!!
0
 
ap_sajithCommented:
more.... here is the complete article about my first post...

http://www.iisfaq.com/default.aspx?View=A508&P=1

Cheers!!
0
 
rogueripperAuthor Commented:
<rogueripper>

Hi there ap_sajith!

Your answer is 100% correct! I lose my Session Variables because of the Windows update patches. <grrrrrr>

The reason is for security issues.

I did discover a workaround though:

I create a shortcut with the following line:

"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -k "http://myserver/default.asp"

Where -k = kiosk mode :o)

This works 100%

Thanx again for your speedy response!

</rogueripper>
0
 
ap_sajithCommented:
Glad to have helped ... And tell you what.. I've learned something new too.. ;o)

Cheers!!
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now