[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 436
  • Last Modified:

ASP- server cookies

Ok, to be blunt, I am really frustrated.

I need to know what a server cookie is, and how to use one and I can't find anything on it. people keep mentioning session variables and server cookies as if they were the same thing, are they???????

Now I don't mean cookies that reside on a user's computer, I mean cookies that reside on a server.

Please, please, please tell me what a server cookie is and how to use it.

I am using plain old ASP, not ASP.NET.

Thank you!
0
vanauden
Asked:
vanauden
1 Solution
 
rdcproCommented:
Well, I've seen server cookies used in the context of network load balancing, but I'm pretty sure that's not what you're talking about.

The only thing I can think of is:

1.  They don't know what they're talking about; cookies are client-side things.  Calling a Session Variable a cookie is just silly, IMHO.

2.  They're talking about Server-to-Server HTTP requests, where your local server will need to process, persist, and supply cookies to the remote server.  For example, you aggregate an RSS news feed on your server, then send it to the client.  You may need to provide cookies from your server to the remote server when you make your request, and it may send you cookies in it's response.  The ServerXMLHTTPRequest object uses WinHTTP for these requests, and here's some MSDN info on how WinHTTP uses cookies:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/winhttp/http/cookie_handling_in_winhttp.asp

These are, in fact, regular old cookies, but they're stored on the server.

Regards,
Mike Sharp
0
 
gladxmlCommented:
0
 
gladxmlCommented:
just look at it this way cookies refer to client side data that stored in the computer of the user. Now session varaibles are varibales that is stored on the server. But session variables is only active or usable for a scpecific amount of time but if you close the browser all session variables is lost. Unlike cookies it can be used for a specified time since it reside on the user computer it can be access again and again as long as it is not reach the specified time.(day, month...)

you can look at this link..

http://www.devguru.com/Technologies/asp/quickref/request_cookies.html
http://www.devguru.com/Technologies/asp/quickref/session.html
http://www.devguru.com/Technologies/asp/quickref/session_remove.html

HTH...

Happy programming...
0
[Webinar] Improve your customer journey

A positive customer journey is important in attracting and retaining business. To improve this experience, you can use Google Maps APIs to increase checkout conversions, boost user engagement, and optimize order fulfillment. Learn how in this webinar presented by Dito.

 
techjoshCommented:
"Server Cookie" is, I believe, a misnomer.  At least, its not something I've ever heard of.  What I believe you are referring to is the cookie that ASP creates for every session.  The cookie is sent to the client the first time the browser loads a page in that application.  It allows the server to identify that browser session and to use the proper session variables when displaying pages.

The cookie itself looks something like this: ASPSESSIONIDXXX=XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
where the 'X' characters are some random alphanumeric characters.

This cookie makes it possible to use the Session object to persist values across page requests.  The ASP engine automagically looks up the proper session object to use for each response based on the cookie used in each request.  If the browser does not send that cookie, the ASP engine will assume that this request is a new session and send a new cookie.

So, to answer at least part of your question, cookies are essential for session variables to work.  They are not the same thing as session variables exist only at the server while cookies exist at, and are transmitted back and forth between, the server and browser.  Cookies can be used for other things besides temoprarily storing the ASPSESSIONID cookie, though.  They can store people's logon names, passwords, etc...  can be manipulated in the browser using javascript, and can persist for a long time in your browser's cache.  Session variables exist only for the duration of that session, but are more secure because their contents don't leave the server.
0
 
vanaudenAuthor Commented:
Hi techjosh

Thank you for the clear explanation. That tell me that I want to use session variables for what I want to do.

I fail to see why people would talk about "server cookies" if they don't exist. Just say "session variable" if that is what you mean!

A member of Experts-Exchange actually mentioned this term to me to help me on a related problem (I have been having trouble with a bingo/tictactoe game). (This is not a flame - merely information) However, it is not the first time I hear/read it.

here is the link--- http://www.experts-exchange.com/Databases/Microsoft_SQL_Server/Q_21188473.html#12469710

It is mentioned in the fourth message from the bottom.

Anyway, the point is moot. your answer gave me what I needed. A clear explanation.

Thank you, as well, to the rest of you who helped!
0
 
rdcproCommented:
Remember though, if the user's browser does not accept cookies, you won't be able to use session variables in ASP.  

<SoapBox>
In general, web applications that maintain state between requests are not good design, unless there's some compelling reason to to it.  They're expensive in terms of server resources (less so if you preserve session state in a DB).  Make sure you really need them before using them; there may be a more efficient stateless way of accomplishing whatever your goal is.  I've seen them used a lot of times out of "convenience" when there is a better way.  An example of this is a set of forms-processing pages.  When the user clicks submit on each form as they work through a set of pages, it's better to capture state in hidden form fields, submitting these each time along with the new values than it is to "remember" previous pages the user submitted.  Of course, you don't store sensitive information in this type of field!  

Stateless almost always scales better.  And it eliminates an entire class of bugs, just as pure functions are more robust than functions that exhibit side effects.  I've been doing web development for a long time, and it's pretty rare to "need" session variables in an application.  They are usually the result of either poor application design, or programmer laziness.  
</SoapBox>

That said, if any type of authentication/log in is needed, a session cookie and it's corresponding server-side session variable is probably necessary.  Just don't store things in session variables that should be put elsewhere.
Regards,
Mike Sharp



0

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now