Solved

ASP.NET: Using a Cookie

Posted on 2003-12-06
7
618 Views
Last Modified: 2011-09-20
I have an internal login page where I need to be able to use a Cookie (or something) else to Save the user name and password when the user chenck a textbox then logs in.

   Thanks!

     - Marc
0
Comment
Question by:MarcGraff
7 Comments
 
LVL 5

Accepted Solution

by:
arjanh earned 500 total points
ID: 9888815
Here is a good example of using cookies in ASP.NET:
http://www.stlvbug.org/aspnet/cookie.aspx
0
 
LVL 28

Expert Comment

by:mmarinov
ID: 9889008
here is the complete sample of what you ask
http://www.gotdotnet.com/team/student/wintellect/aspnet_tutorial.aspx

B..G
0
 
LVL 15

Expert Comment

by:Raisor
ID: 9889295
Hi,

I'm not working with cookies anymore! -> I work "cookieless" ;-))

I save the Session GUID to the database -> as long as the user stays in that session I can track anything happening -> the rest (information management) is done by "user" classes -> one for logon another one for having access to user profile and so on ...

After accessing the website the user sees the following (as an example!) http://www.w62.net/(knmqwfv3smmyruajhg2juc2b)/Default.aspx

Everything is kept in the database with that key "knmqwfv3smmyruajhg2juc2b" -> and some more security features ;-))


... are you interested in that technology or are you going to accept the link above?


Best regards, Raisor
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 1

Author Comment

by:MarcGraff
ID: 9889473
Raisor:
I love your pitch on "cookieless"...

How does the database get information back after the user logs off and logs on the next day?

   - Marc
0
 
LVL 1

Author Comment

by:MarcGraff
ID: 9889479
BTW Sorry about the time delay but I am still trying to get it all to work.

   - Marc
0
 
LVL 15

Expert Comment

by:Raisor
ID: 9889762
Hi,

Here we go:

-> the user comes as visitor to the site
-> the visitor is attached to a session GUID
-> if visitor logs on successfully the visitor is attached to the user ID
-> if user doesn't log on the visitor remains attached to session GUID
-> if visitor returns any other time the user is attached to a new session GUID
-> if visitor logs on successfully after any other return the user is attached to the user ID

What is this good for? ->

Many users have cookies disabled ... I have statistics from many sites of mine about this issue!
So any specific user information that is necessary to process your web sites critical business processes will be blown to air if you only depend on cookies and cookies are disabled!

I used to send visitors without cookies enabled to http://www.visitors-without-enabled-cookies.com trying to convince them there to enable cookies -> I tell you … that didn’t work at all and in the meantime I dropped that domain!

Here is one part of code from a Page_Load event that documents a basic how-to (and show which information I pick from unknown visitors!) …

            If Page.IsPostBack = False Then
                  If Not Request.ServerVariables("HTTP_ASPFILTERSESSIONID") Is Nothing Then
                        myGuestID = Request.ServerVariables("HTTP_ASPFILTERSESSIONID").ToString
                        Dim [myDB] As New snifferDB()
                        If [myDB].CheckVisitorCount(myGuestID) = 0 Then
                              If Not Request.ServerVariables("REMOTE_ADDR") Is Nothing Then
                                    myVisitorIP = Request.ServerVariables("REMOTE_ADDR").ToString
                              Else
                                    myVisitorIP = "0.0.0.0"
                              End If
                              If Not Request.ServerVariables("HTTP_REFERER") Is Nothing Then
                                    myVisitorREF = Request.ServerVariables("HTTP_REFERER").ToString
                              Else
                                    myVisitorREF = "From Heaven"
                              End If
                              myVisitorDLang = 0
                              Dim [myTime] As New TimeFunction()
                              myVisitorTime = [myTime].Generate_Timestamp(Day(Now), Month(Now), Year(Now), Hour(Now), Minute(Now), Second(Now))
                              [myTime] = Nothing
                              myVisitorSession = myGuestID
                              Dim myInterestBuffer As New webactBuffer()
                              myInterestBuffer.theIP = myVisitorIP
                              myInterestBuffer.theRef = myVisitorREF
                              myInterestBuffer.theDLang = myVisitorDLang
                              myInterestBuffer.theSLang = myVisitorSLang
                              myInterestBuffer.theSDialect = myVisitorSDialect
                              myInterestBuffer.theTime = myVisitorTime
                              myInterestBuffer.theSession = myVisitorSession
                              Dim myInterest As Boolean = myDB.AddActData(1, myInterestBuffer)
                              myInterestBuffer = Nothing
                              myInterest = Nothing
                        End If
                        [myDB] = Nothing
                  End If
            End If
      End Sub



This all relies on HTTP_ASPFILTERSESSIONID and this is the setting in "web.config" to retrieve cookieless state:

    <sessionState
            mode="InProc"
            stateConnectionString="tcpip=127.0.0.1:42424"
            sqlConnectionString="data source=127.0.0.1;user id=sa;password="
            cookieless="true"
            timeout="20"
    />


Please take this piece of code only as is … if you’re further interested I’ll prepare some more for you!


Best regards, Raisor
0
 
LVL 1

Author Comment

by:MarcGraff
ID: 9890077
I love this method even though I don't completly understand it. I would love to learn more about it so I created another question:
http://www.experts-exchange.com/Programming/Programming_Languages/Dot_Net/Q_20818484.html

I will have to use cookies while I learn "The Raisor" method but look forward to implementing "The Raisor" method in my next ASP page!

   - Marc
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

IP addresses can be stored in a database in any of several ways.  These ways may vary based on the volume of the data.  I was dealing with quite a large amount of data for user authentication purpose, and needed a way to minimize the storage.   …
Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now