Solved

where is the data held before it reaches the databsae SQL SERVER 2000

Posted on 2007-11-26
26
253 Views
Last Modified: 2012-08-14
Hello everyone, can you tell me where is the data held before it reaches the databsae SQL SERVER 2000?!?!

Is it held in a cashe, in IIS?  Any ideas?
thank you,
angie
0
Comment
Question by:Gemini532
  • 12
  • 5
  • 4
  • +2
26 Comments
 

Author Comment

by:Gemini532
ID: 20352957
could it be in a local cashe on their computer, by their I mean the users who fill out our form?

This is a 7 page application which gets its data in the database only after all 7 pages have been filled...It treats the whole application as on huge page, and we are loosing data becasuse sometimes the data does not make it to the database... Can you think of any reason why this might happen?
0
 
LVL 31

Expert Comment

by:James Murrell
ID: 20353043
can you post the code from the page.... that send the data
0
 
LVL 29

Expert Comment

by:QPR
ID: 20353067
No idea, all depends on your web app. Session variables, postback data, cookie (unlikely due to size limitations), text file on the server?
Could the user be going for a walk between pages and 4 and 5 (for example) and their session times out, they return fill out the remainder of the form and end up only submitting the last bit to the DB as the first lot was lost when the session timed out?
0
 
LVL 8

Expert Comment

by:Chumad
ID: 20353078
It's stored in the RAM of the computer where IIS is running.

This is making an assumption though that you are using something like a Dataset or recordset.
0
 
LVL 8

Expert Comment

by:Chumad
ID: 20353082
My guess is that when you transfer from page to page, you are not keeping or passing the values from the first page to the next.
0
 
LVL 32

Expert Comment

by:bhess1
ID: 20353158
Since this is an ASP application, I assume IIS is involved :)

The data could be disappearing because a session is timing out, or because you are saving it in cookies but the user is disallowing cookies, or.... it depends on how the application is preserving the data between pages.

Do you have control over the application coding, or is it a third-party application?  If control is in-house, you may want to write all of the data to the DB in a staging table which holds it longer than a session would, and have a hidden field or URL parameter on all of the pages that contains the operational session - that is, some unique identifier you will use to track a user's data entry even when a session has expired.   Using this, you could decide that the data remains for 30 minutes since the last submission, or 30 days.
0
 

Author Comment

by:Gemini532
ID: 20353169
I am using a recordset
ODBC connection like this:
adodb.connection
0
 

Author Comment

by:Gemini532
ID: 20353189
Hi Chumad, if that was true, wouldnt' it make sense that NO ONE woudl be able to complete the applicatoin, where in our case it is only a small percentage of users and when they switch computers they're usually fine


What about the idea of using session varialbes which expire in 15 min, can we set to to expire when the user closes his browser sesssion, is that done in IIS?  or in the CODE through parameters?
0
 
LVL 31

Expert Comment

by:James Murrell
ID: 20353202
CODE through parameters
0
 

Author Comment

by:Gemini532
ID: 20353205
we're also using several sotred procedures especially to send out the emails from the application which lets the user know how many departments they have chosen if the email tells them zero, it means that their datad idn't mkae it to the DB because the application forces them to choose at lesat one
0
 

Author Comment

by:Gemini532
ID: 20353227
Do you have control over the application coding, or is it a third-party application?


I HAVE CONTROL, well the DB people do but they will be willing to work with me if you can only tell me what needs to be done... I myself am not an expert on IIS but I know we are using IIS and I did suspect that that is where the session variables would need to iincrease thier time to the point when the user closes his browser session...is this possilbe, can you tell me how?
0
 

Author Comment

by:Gemini532
ID: 20353249
Hi bhess1,

>>Do you have control over the application coding, or is it a third-party application?  If control is in-house, you may want to write all of the data to the DB in a staging table which holds it longer than a session would, and have a hidden field or URL parameter on all of the pages that contains the operational session - that is, some unique identifier you will use to track a user's data entry even when a session has expired.   Using this, you could decide that the data remains for 30 minutes since the last submission, or 30 days.


THIS IS it!  THANK YOU!  this is what we need.  However I do not understand a word of it... can you give me a link to read up on it... anything that coudl help me understand what you mean and most importantly can you tell me is this something done through code or in the IIS?
0
 
LVL 32

Expert Comment

by:bhess1
ID: 20353290
Unfortunately, IIS can not tell when a browser is closed without additional web coding requiring a mostly continuous connection between browser and server, which is not very scalable.

Increasing timeout in IIS is possible on a server wide basis.  If using ASP.NET, it can be done on a serverwide or application basis.  See

http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/2a42175f-8756-4409-8db4-8c08b33b810b.mspx?mfr=true

for some examples
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 31

Accepted Solution

by:
James Murrell earned 200 total points
ID: 20353307
if not Asp.net  try this in IIS

Go to
- IIS Manager
- Right Cilck on the Websites Folder and go to properties
- Go to the home directory tab
- Click Configuration
- Go to Options
- Change the sesson state timeout to something larger

0
 
LVL 32

Expert Comment

by:bhess1
ID: 20353593
Is this an ASP.NET app?  A classic ASP app?  Something else?

What web coding languages?  PHP?  Java?  C#?  Something else?

Each variation of the above requires somewhat different techniques, although there are common points as well.  The coding environment on the web server side is as important as the DB, or the browser.
0
 

Author Comment

by:Gemini532
ID: 20353634
actually bhess1, my brohter is against your idea of leaving the session vairalbes open for a long time because they contain secure information which if hackers were to get at it it coudl open up us to lawsuits

I'm usin ASP(VBScript)

My brohter uses PHP to increase security while programming with session variables and he uses the following function 2 do it:
regenerate_session_id().
Is there an equavalent function in ASP?
0
 

Author Comment

by:Gemini532
ID: 20353648
I code in dreamweaver, I use IIS... what is a web server side?
0
 
LVL 29

Expert Comment

by:QPR
ID: 20353660
you should know that sessions timing out is only where there is no user activity (sending/receiving page/data) with the server.
The session will only time out if there is zero client-server activity for 15 minutes. Do any of your pages take this long to complete?

How about sending chunks (a page at a time) of data to a temp db and then on the last page submit, gather all the data back and insert it into your main table?
0
 
LVL 29

Assisted Solution

by:QPR
QPR earned 150 total points
ID: 20353681
unless you are using https or some sort of cusom encryption then you are sending that secure info to/from the server anyhow. A hacker is much more likely to get info over the wire than they are accessing the server itself
0
 
LVL 32

Assisted Solution

by:bhess1
bhess1 earned 150 total points
ID: 20353750
You may want to start by reviewing http://www.tutorialized.com/tutorial/Session-State/10367 for information on asp.net, and http://www.tutorialized.com/view/tutorial/Maintaining-Session-State-With-ASP/1470 for info on ASP.  There is much more detailed info available, and plenty of info available on using PHP to manage the session state as well.  In this context, Google is your friend.

As for the session information, it is only available in two areas:
    The user's PC
    The Website's session repository (DB or ?)

If the hacker has access to these areas, then you're hosed anyway, and they really don't need access to session information.  Cookies are more problematic, since using the app from a public terminal could result in unwanted information being available to a stranger.

But in any case, information from a multipage application needs to be maintained *somewhere*.  If that somewhere is not where you specify, then you have no control over the security of the data.  Who would you trust - you, or a random end user - when it comes to security, hmmm?
0
 
LVL 29

Expert Comment

by:QPR
ID: 20353845
If the cookie has no expiry date then it will be gone when the browser is closed (of course this assumes the user closes their browser). That said, cookies have limited capacity when it comes to holding data so 7 pages of form data could push the limits. Personally I'd go with holding the data either in a db or text file and appending to it when each page is submitted.
Put a datetime stamp on the page submits so that you can runa script on the db to clean up old unfinished visits.
Even with all this, when the session is gone it is gone so you are going to need someway ti ID the user if they return to fill out more pages.
If yu are dealing with secure data then I'm guessing they need to do this anyways?

User logs in.
Posts page 1 (write to DB)
Posts page 2 (write to DB)
*session ends!*
redirect to login page
user logs in
query data to pick up where we left off
Posts page 3 (write to DB)
etc
Posts page 7 (write to DB)
finished!

periodic sql script in DB
delete from mytable where page7data is null and lastactivity < dateadd(d,-1,getDate())


0
 

Author Comment

by:Gemini532
ID: 20359021
but I'm not tablkign about cookies, i'm taking about session variables in ASP, do they behave the same as cookies, exactly the same?
0
 
LVL 32

Expert Comment

by:bhess1
ID: 20360230
That depends on how you have configured ASP.  It can store session data in cookies, in a database, in memory on the server.  

You can also write mechanisms to preserve the data in hidden fields on the web pages fed to the user, in the URL data, in a DB, in files on the hard drive, or in dang near any other location you want.  But these are coding choices, not automatic functions of ASP
0
 

Author Comment

by:Gemini532
ID: 20365931
>>You can also write mechanisms to preserve the data in hidden fields on the web pages fed to the user, in the URL data, in a DB, in files on the hard drive, or in dang near any other location you want.  But these are coding choices, not automatic functions of ASP

Where does this configuration take place?  IIS?

I'm really sorry I know very little about Cookies and I have no access to IIS I have to work on this with someone who does as the application is on a server to which I do not have permissions...

Therefore, a lot of your explanation is very confusing me to, but I'm hoping it will make sense to my co-worker

Usually all the problems come to me, even if they are server problems and I have to come up with a solution before i cap approach the database administrators...

So what you are saying is that for each application on our server we can set the session varibles used by that application on IIS?  Increase their time out?  

However you are also saying that the session variables will NOT terminate when the browser session ends, but it will ONLY terminate at the end of the timeout set in IIS?

Am I understand this?
I'm sorry to keep asking but this is completely new to me... I have worked with cookies 5 years ago, and it was very simple cookies, however the session variables behave somewhat differently...

Also have you heard for something called Application Varaibles in ASP?  Would replacing session variables with application variables be any better?

The code is already written, we want to increase the timeout of the seession variables, but we are afraid to security risks.  After all the application is on the Internet, but it has SSL security it's on a https website...  How safe is it to incease the timeout for the session variables?

I promise this will be the last question, and once I get my answer, I will print this page and show it the the database administrator... He has acccess to the server and to IIS on the server where the application is located   :)
0
 

Author Comment

by:Gemini532
ID: 20365934
ALSO, thank you for the link bhess1       :)
0
 

Author Comment

by:Gemini532
ID: 20365945
I just noticed that the configuration is for IIS6, we do not have IIS6, or ASP.NET

we use regular ASP and the version of IIS before IIS6  I forget 4 or 5

Can you help me with a link pertaining that the configuration?
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Composite queries are used to retrieve the results from joining multiple queries after applying any filters. UNION, INTERSECT, MINUS, and UNION ALL are some of the operators used to get certain desired results.‚Äč
Browsers only know CSS so your awesome SASS code needs to be translated into normal CSS. Here I'll try to explain what you should aim for in order to take full advantage of SASS.
Via a live example, show how to set up a backup for SQL Server using a Maintenance Plan and how to schedule the job into SQL Server Agent.
Via a live example, show how to shrink a transaction log file down to a reasonable size.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now