Session ID in Classic ASP
Hello Experts,
Can anyone tell me how can I retrieve the Session ID in Classic ASP, and how many charecters is it?
Thank You
Can anyone tell me how can I retrieve the Session ID in Classic ASP, and how many charecters is it?
Thank You
If you are calling pg2.asp prior to pg1.asp the session id is "000"
You could also store the session id within the global.asa I think:
Sub Session_OnStart
Session("sID") = Session.SessionID
End Sub
But I never tried that.
You could also store the session id within the global.asa I think:
Sub Session_OnStart
Session("sID") = Session.SessionID
End Sub
But I never tried that.
Why are you trying to save the sessionid as a session variable? Can you not simply use Session.SessionID whenever you want to access the sessionid?
R_Harrison is right: The Session.SessionID is never changing as long as the session is active. It is only changing after timeout of the session or if the user has disabled session cookies.
ASKER
Actually guys, I think I'm somehow loosing connection while in run-time.
For example, in pg1.asp I have:
rs.Fields("SessionID") = Session.SessionID
...
...
...
Response.Redirect("pg2.asp
my values in my db and query string do not match. How is that possible?
HOWEVER... in pg2.asp I set other session variables, and in pg3.asp they are available
For example, in pg1.asp I have:
rs.Fields("SessionID") = Session.SessionID
...
...
...
Response.Redirect("pg2.asp
my values in my db and query string do not match. How is that possible?
HOWEVER... in pg2.asp I set other session variables, and in pg3.asp they are available
Is there somehwere a call to session.abandon? Or session.timeout = 0?
What is the whole code on these three pages? Are there includes?
What is the whole code on these three pages? Are there includes?
ASKER
Ok,
Let me give you little info - the purpose of this script is, in order to get info back from PayPal, i first need to save it to a db, then get the values from the db and do with them whatever.
FYI... PayPal goes to ipn.asp, which goes to thank-you.asp, which goes to appointment.asp. Here's my code for all 3 pages, plus global.asa.
Let me give you little info - the purpose of this script is, in order to get info back from PayPal, i first need to save it to a db, then get the values from the db and do with them whatever.
FYI... PayPal goes to ipn.asp, which goes to thank-you.asp, which goes to appointment.asp. Here's my code for all 3 pages, plus global.asa.
'global.asa*******************************************
<SCRIPT LANGUAGE=VBScript RUNAT=Server>
'You can add special event handlers in this file that will get run automatically when
'special Active Server Pages events occur. To create these handlers, just create a
'subroutine with a name from the list below that corresponds to the event you want to
'use. For example, to create an event handler for Session_OnStart, you would put the
'following code into this file (without the comments):
Sub Session_OnStart
Session.Timeout = 1
End Sub
'EventName Description
'Session_OnStart Runs the first time a user runs any page in your application
'Session_OnEnd Runs when a user's session times out or quits your application
'Application_OnStart Runs once when the first page of your application is run for the first time by any user
'Application_OnEnd Runs once when the web server shuts down
</SCRIPT>
'ipn.asp*************************************************
<%@LANGUAGE="VBScript"%>
<!-- #include file = "includes/DBconn.asp" -->
<%
Call DBopen
Set rsPP = Server.CreateObject("ADODB.Recordset")
Dim Item_name, Item_number, Payment_status, Payment_amount
Dim Txn_id, Receiver_email, Payer_email
Dim objHttp, str
' read post from PayPal system and add 'cmd'
str = Request.Form & "&cmd=_notify-validate"
' post back to PayPal system to validate
' set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
' set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP.4.0")
set objHttp = Server.CreateObject("Microsoft.XMLHTTP")
objHttp.open "POST", "https://www.paypal.com/cgi-bin/webscr", false
objHttp.setRequestHeader "Content-type", "application/x-www-form-urlencoded"
objHttp.Send str
' assign posted variables to local variables
Item_name = Request.Form("item_name")
Item_number = Request.Form("item_number")
Payment_status = Request.Form("payment_status")
Payment_amount = Request.Form("mc_gross")
Payment_currency = Request.Form("mc_currency")
Txn_id = Request.Form("txn_id")
Receiver_email = Request.Form("receiver_email")
Payer_email = Request.Form("payer_email")
' Check notification validation
If (objHttp.responseText = "VERIFIED") then
ppSQL = "SELECT * FROM tblPP"
With rsPP
.Open ppSQL, cnn, 1, 2
.AddNew
sID = Session.SessionID
.Fields("SessionID") = sID
.Fields("fName") = Request.Form("first_name")
.Fields("lName") = Request.Form("last_name")
.Fields("eMail") = Request.Form("payer_email")
.Fields("transID") = Request.Form("txn_id")
.Update
.Close
End With
End If
Set objHttp = Nothing
Set rsPP = Nothing
Response.Redirect("thank-you.asp?sID=" & sID)
%>
'thank-you.asp*******************************************
<%@ Language=VBScript %>
<!-- #include file = "includes/DBconn.asp" -->
<%
Call DBopen
Set rsPP = Server.CreateObject("ADODB.Recordset")
'Code for PayPay Confirmation START
sessID = Request.QueryString("sID")
sql = "SELECT * FROM tblPP " & _
"WHERE (SessionID = '" & sessID & "')"
Response.Write("id= " & sessID)
With rsPP
.Open sql, cnn, 1, 2
If .EOF Then
.Close
'Response.Redirect("networking.asp")
End If
.MoveFirst
Session("Payer_Name") = .Fields("fName") & " " & .Fields("lName")
Session("Payer_EMail") = .Fields("eMail")
Session("Sellers_TransID") = .Fields("transID")
.Delete
.UpdateBatch
.MoveNext
.ClosE
End With
Set rsPP = Nothing
'Code for PayPay Confirmation END
strMo = Left(date(), InStr(1, date(), "/") - 1)
strDate = Mid(date(), (InStr(1, date(), "/") + 1), (Len(date()) - (InStr(1, date(), "/")) + 1) )
strD = Left(strDate, InStr(1, strDate, "/") - 1)
strY = Right(strDate, 4)
%>
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>MAP Consulting</title>
</head>
<script language="JavaScript">
function putDates() {
document.getElementById("txtDate1").value = document.getElementById("Cal1").value;
document.getElementById("txtDate2").value = document.getElementById("Cal2").value;
document.getElementById("txtDate3").value = document.getElementById("Cal3").value;
}
</script>
<body background="images/background.gif" style="background-attachment: fixed">
<center>
<!-- #include file = "includes/header.asp" -->
<!-- #include file = "includes/topnav.asp" -->
<!-- Body Table Start -->
<table border="0" width="100%" id="table4">
<tr>
<td width="148" valign="top">
<p align="center"><font face="Viner Hand ITC">
<a href="Flyer.pdf">Current Flyer</a></font></p>
<!-- #include file = "includes/rightnav.asp" -->
<!-- #include file = "includes/announce.asp" -->
</td>
<!-- Page Content Begin -->
<td valign="top" width="652" bgcolor="#FFFFFF">
<font face="Verdana"><br>
<h2> Thank You, <%=Session("Payer_Name")%> ! </h2>
<p align="justify">
Thank you for your payment. Your transaction has been completed, and a receipt
for your purchase has been emailed to you. You may log into your account at <A
href="https://www.paypal.com/ca/">www.paypal.com/ca</A> to view details of this
transaction.
<br>
<br>
Since you have ordered services, we require a few extra moments of your time. Please indicate below
three dates and time of preference as to when you would like for these services to be scheduled.
Our technical department will contact you shortly to confirm your appointment.
</p>
<form method="post" action="appointment.asp">
<br><br>
<center>
<table border=1 width=651> <tr>
<td width=217 align=center>
<%pref = 1%>
<b> First Preference </b> <br><br>
<OBJECT id="Cal<%=pref%>" style="LEFT: 0px; WIDTH: 216px; TOP: 0px; HEIGHT: 173px" height=173
width=216 classid="clsid:8E27C92B-1264-101C-8A2F-040224009C02" VIEWASTEXT>
<PARAM NAME="_Version" VALUE="524288">
<PARAM NAME="_ExtentX" VALUE="4572">
<PARAM NAME="_ExtentY" VALUE="3662">
<PARAM NAME="_StockProps" VALUE="1">
<PARAM NAME="BackColor" VALUE="-2147483633">
<PARAM NAME="Year" VALUE="<%=strY%>"> <!-- edit -->
<PARAM NAME="Month" VALUE="<%=strMo%>"> <!-- edit -->
<PARAM NAME="Day" VALUE="<%=strD%>"> <!-- edit --> <PARAM NAME="DayLength" VALUE="1">
<PARAM NAME="MonthLength" VALUE="1">
<PARAM NAME="DayFontColor" VALUE="0">
<PARAM NAME="FirstDay" VALUE="7">
<PARAM NAME="GridCellEffect" VALUE="1">
<PARAM NAME="GridFontColor" VALUE="10485760">
<PARAM NAME="GridLinesColor" VALUE="-2147483632">
<PARAM NAME="ShowDateSelectors" VALUE="-1">
<PARAM NAME="ShowDays" VALUE="-1">
<PARAM NAME="ShowHorizontalGrid" VALUE="-1">
<PARAM NAME="ShowTitle" VALUE="0">
<PARAM NAME="ShowVerticalGrid" VALUE="-1">
<PARAM NAME="TitleFontColor" VALUE="10485760">
<PARAM NAME="ValueIsNull" VALUE="0">
</OBJECT>
<input type=hidden name="txtDate<%=pref%>" id="txtDate<%=pref%>">
<br>
<select name="hr<%=pref%>">
<%For h = 1 To 12
If h < 10 Then %>
<option value="0<%=h%>"> 0<%=h%> </option>
<%Else%>
<option value="<%=h%>"> <%=h%> </option>
<%End If
Next%>
</select>
:
<select name="min<%=pref%>">
<option value="00"> 00 </option>
<option value="15"> 15 </option>
<option value="30"> 30 </option>
<option value="45"> 45 </option>
</select>
<select name="ampm<%=pref%>">
<option value="AM"> AM </option>
<option value="PM"> PM </option>
</select>
</td><td width=217 align=center>
<%pref = 2%>
<b> Second Preference </b> <br><br>
<OBJECT id="Cal<%=pref%>" style="LEFT: 0px; WIDTH: 216px; TOP: 0px; HEIGHT: 173px" height=173
width=216 classid="clsid:8E27C92B-1264-101C-8A2F-040224009C02" VIEWASTEXT>
<PARAM NAME="_Version" VALUE="524288">
<PARAM NAME="_ExtentX" VALUE="4572">
<PARAM NAME="_ExtentY" VALUE="3662">
<PARAM NAME="_StockProps" VALUE="1">
<PARAM NAME="BackColor" VALUE="-2147483633">
<PARAM NAME="Year" VALUE="<%=strY%>"> <!-- edit -->
<PARAM NAME="Month" VALUE="<%=strMo%>"> <!-- edit -->
<PARAM NAME="Day" VALUE="<%=strD%>"> <!-- edit --> <PARAM NAME="DayLength" VALUE="1">
<PARAM NAME="MonthLength" VALUE="1">
<PARAM NAME="DayFontColor" VALUE="0">
<PARAM NAME="FirstDay" VALUE="7">
<PARAM NAME="GridCellEffect" VALUE="1">
<PARAM NAME="GridFontColor" VALUE="10485760">
<PARAM NAME="GridLinesColor" VALUE="-2147483632">
<PARAM NAME="ShowDateSelectors" VALUE="-1">
<PARAM NAME="ShowDays" VALUE="-1">
<PARAM NAME="ShowHorizontalGrid" VALUE="-1">
<PARAM NAME="ShowTitle" VALUE="0">
<PARAM NAME="ShowVerticalGrid" VALUE="-1">
<PARAM NAME="TitleFontColor" VALUE="10485760">
<PARAM NAME="ValueIsNull" VALUE="0">
</OBJECT>
<input type=hidden name="txtDate<%=pref%>" id="txtDate<%=pref%>">
<br>
<select name="hr<%=pref%>">
<%For h = 1 To 12
If h < 10 Then %>
<option value="0<%=h%>"> 0<%=h%> </option>
<%Else%>
<option value="<%=h%>"> <%=h%> </option>
<%End If
Next%>
</select>
:
<select name="min<%=pref%>">
<option value="00"> 00 </option>
<option value="15"> 15 </option>
<option value="30"> 30 </option>
<option value="45"> 45 </option>
</select>
<select name="ampm<%=pref%>">
<option value="AM"> AM </option>
<option value="PM"> PM </option>
</select>
</td><td width=217 align=center>
<%pref = 3%>
<b> Third Preference </b> <br><br>
<OBJECT id="Cal<%=pref%>" style="LEFT: 0px; WIDTH: 216px; TOP: 0px; HEIGHT: 173px" height=173
width=216 classid="clsid:8E27C92B-1264-101C-8A2F-040224009C02" VIEWASTEXT>
<PARAM NAME="_Version" VALUE="524288">
<PARAM NAME="_ExtentX" VALUE="4572">
<PARAM NAME="_ExtentY" VALUE="3662">
<PARAM NAME="_StockProps" VALUE="1">
<PARAM NAME="BackColor" VALUE="-2147483633">
<PARAM NAME="Year" VALUE="<%=strY%>"> <!-- edit -->
<PARAM NAME="Month" VALUE="<%=strMo%>"> <!-- edit -->
<PARAM NAME="Day" VALUE="<%=strD%>"> <!-- edit --> <PARAM NAME="DayLength" VALUE="1">
<PARAM NAME="MonthLength" VALUE="1">
<PARAM NAME="DayFontColor" VALUE="0">
<PARAM NAME="FirstDay" VALUE="7">
<PARAM NAME="GridCellEffect" VALUE="1">
<PARAM NAME="GridFontColor" VALUE="10485760">
<PARAM NAME="GridLinesColor" VALUE="-2147483632">
<PARAM NAME="ShowDateSelectors" VALUE="-1">
<PARAM NAME="ShowDays" VALUE="-1">
<PARAM NAME="ShowHorizontalGrid" VALUE="-1">
<PARAM NAME="ShowTitle" VALUE="0">
<PARAM NAME="ShowVerticalGrid" VALUE="-1">
<PARAM NAME="TitleFontColor" VALUE="10485760">
<PARAM NAME="ValueIsNull" VALUE="0">
</OBJECT>
<input type=hidden name="txtDate<%=pref%>" id="txtDate<%=pref%>">
<br>
<select name="hr<%=pref%>">
<%For h = 1 To 12
If h < 10 Then %>
<option value="0<%=h%>"> 0<%=h%> </option>
<%Else%>
<option value="<%=h%>"> <%=h%> </option>
<%End If
Next%>
</select>
:
<select name="min<%=pref%>">
<option value="00"> 00 </option>
<option value="15"> 15 </option>
<option value="30"> 30 </option>
<option value="45"> 45 </option>
</select>
<select name="ampm<%=pref%>">
<option value="AM"> AM </option>
<option value="PM"> PM </option>
</select>
</td>
</tr> </table>
<br> <br>
<input type=submit value="Submit Appointment Preferences" onClick="putDates();">
<br><br>
</center>
</form>
</font></td>
</tr>
</table>
<!-- Page Content End -->
</td>
</tr>
</table>
<!-- Body Table End -->
<!-- #include file = "includes/footer.asp" -->
</body>
</html>
'appointment.asp********************************************
<%@ Language=VBScript %>
<%
toEMail = "aleks@aces-project.com"
'toEMail = "xxx@msn.com"
fromEMail = Session("Payer_EMail")
name = Session("Payer_Name")
transID = Session("Sellers_TransID")
'App 1:
strDate = Request.Form("txtDate1")
strDate = Left(strDate, (InStr(1, strDate, ":") - 3))
app1 = strDate & " at "
app1 = app1 & Request.Form("hr1") & ":"
app1 = app1 & Request.Form("min1") & " "
app1 = app1 & Request.Form("ampm1")
'App2:
strDate = Request.Form("txtDate2")
strDate = Left(strDate, (InStr(1, strDate, ":") - 3))
app2 = strDate & " at "
app2 = app2 & Request.Form("hr2") & ":"
app2 = app2 & Request.Form("min2") & " "
app2 = app2 & Request.Form("ampm2")
'App3:
strDate = Request.Form("txtDate3")
strDate = Left(strDate, (InStr(1, strDate, ":") - 3))
app3 = strDate & " at "
app3 = app3 & Request.Form("hr3") & ":"
app3 = app3 & Request.Form("min3") & " "
app3 = app3 & Request.Form("ampm3")
subj = "Appointment Preferences from " & name
'HTML = "<!DOCTYPE HTML PUBLIC ""-//IETF//DTD HTML//EN"">" & vbCrLf
HTML = HTML & "<html>"
HTML = HTML & "<head>"
'HTML = HTML & "<meta http-equiv=""Content-Type"""
'HTML = HTML & ""content=""text/html; charset=iso-8859-1"">""
'HTML = HTML & "<title>Sample NewMail</title>"
HTML = HTML & "</head>"
HTML = HTML & "<body>"
HTML = HTML & "Hello Mateja, <BR><BR>"
HTML = HTML & "You have just received appointment preferences from <B> " & name & "</B>. <BR> <BR>"
HTML = HTML & name & "'s Transaction ID is <B> <A HREF=https://www.paypal.com/ca/cgi-bin/webscr?cmd=_view-a-trans&id="
HTML = HTML & transID & "> " & transID & " </A> </B> <BR> <BR>"
HTML = HTML & "<B> Appointment Preferences: </B <BR> <BR> "
HTML = HTML & "  1) " & app1 & " <BR> "
HTML = HTML & "  2) " & app2 & " <BR> "
HTML = HTML & "  3) " & app3 & " <BR> "
HTML = HTML & "<BR><BR><BR><BR>"
HTML = HTML & "<FONT SISE=-1> This e-mail has been automatically generated by "
HTML = HTML & "<A HREF=http://www.aces-project.com/> Ace's Project Deverlopment </A> </FONT>"
HTML = HTML & "</body></html>"
' Set the mail server configuration
sendUrl="http://schemas.microsoft.com/cdo/configuration/sendusing"
smtpUrl="http://schemas.microsoft.com/cdo/configuration/smtpserver"
Set objConfig=CreateObject("CDO.Configuration")
objConfig.Fields.Item(sendUrl)=2 ' cdoSendUsingPort
objConfig.Fields.Item(smtpUrl)="relay-hosting.secureserver.net"
objConfig.Fields.Update
' Create and send the mail
Set objMail=CreateObject("CDO.Message")
' Use the config object created above
Set objMail.Configuration=objConfig
objMail.From=fromEMail
objMail.To = toEMail
objMail.Subject=subj
objMail.HTMLBody = HTML
objMail.Send
'Response.Redirect("index.asp")
%>
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>MAP Consulting</title>
</head>
<body background="images/background.gif" style="background-attachment: fixed">
<center>
<!-- #include file = "includes/header.asp" -->
<!-- #include file = "includes/topnav.asp" -->
<!-- Body Table Start -->
<table border="0" width="100%" id="table4">
<tr>
<td width="148" valign="top">
<p align="center"><font face="Viner Hand ITC">
<a href="Flyer.pdf">Current Flyer</a></font></p>
<!-- #include file = "includes/rightnav.asp" -->
<!-- #include file = "includes/announce.asp" -->
</td>
<!-- Page Content Begin -->
<td valign="top" width="652" bgcolor="#FFFFFF">
<font face="Verdana"><br>
Your appointment preferences have been received.
<br><br>
Our technical department will be in
touch with you in 1 business day.
</font></td>
</tr>
</table>
<!-- Page Content End -->
</td>
</tr>
</table>
<!-- Body Table End -->
<!-- #include file = "includes/footer.asp" -->
</body>
</html>
The problem with PayPal! I have some experience here, sometimes when you send visitors to paypal they spend to long on the PayPal site and your sessionid will timeout - so even if they follow the link back to your site the session is lost so you need to bear this in mind.
Also, you do realise that PayPals IPN is a blind request - i.e PayPals servers automatically calls a page on your server - their is nobody is looking at a screen and browsing your site and if anybody was looking at the screen they would be PayPal employees not your customers.
Additionally, I would not pass the SessionID to paypal for security reasons. SessionIDs should be kept secret otherwise your risk Session Hijacking attacks.
If you have a database recording the customers details, generate a unique ID number for the order and store that in the database. Then pass this unique ID number to paypal and they will send it back to you with the IPN - you can then recall the order by the ID number and simply mark it paid, etc - don't forget the IPN is from PayPal not your customer.
Your customer will then need some other way to review the order - perhaps a username and password? Once you have verified who they are simply collect the data from the database and if PayPal have sent an IPN it will be marked at Paid!
Hope this is making sense, however feel free to ask questions if anything is unclear.
Also, you do realise that PayPals IPN is a blind request - i.e PayPals servers automatically calls a page on your server - their is nobody is looking at a screen and browsing your site and if anybody was looking at the screen they would be PayPal employees not your customers.
Additionally, I would not pass the SessionID to paypal for security reasons. SessionIDs should be kept secret otherwise your risk Session Hijacking attacks.
If you have a database recording the customers details, generate a unique ID number for the order and store that in the database. Then pass this unique ID number to paypal and they will send it back to you with the IPN - you can then recall the order by the ID number and simply mark it paid, etc - don't forget the IPN is from PayPal not your customer.
Your customer will then need some other way to review the order - perhaps a username and password? Once you have verified who they are simply collect the data from the database and if PayPal have sent an IPN it will be marked at Paid!
Hope this is making sense, however feel free to ask questions if anything is unclear.
ASKER
I understand what you're saying, but I'm calling Session.SessionID after PP returns the user to my site, and I'm usinig my values in a matter of miliseconds. My flow is as follows:
PayPal --> ipn.asp --> thank-you.asp --> appointment.asp
Again, I'm calling Session.SessionID at Line 46 of ipn.asp, at Line 62 I do a redirect to thank-you.asp, and by Line 14 of thank-you.asp, I get a different Session.SessionID
PayPal --> ipn.asp --> thank-you.asp --> appointment.asp
Again, I'm calling Session.SessionID at Line 46 of ipn.asp, at Line 62 I do a redirect to thank-you.asp, and by Line 14 of thank-you.asp, I get a different Session.SessionID
ASKER
Actually, in my db I just changed my SessionID to AutoIncrement, and my code as shown below, but I'm still getting the following query string
.../thank-you.asp?sID=
That's all, nothing is following the equal sign.
.../thank-you.asp?sID=
That's all, nothing is following the equal sign.
If (objHttp.responseText = "VERIFIED") then
ppSQL = "SELECT * FROM tblPP"
With rsPP
.Open ppSQL, cnn, 1, 2
.AddNew
'.Fields("SessionID") = sID
.Fields("fName") = Request.Form("first_name")
.Fields("lName") = Request.Form("last_name")
.Fields("eMail") = Request.Form("payer_email")
.Fields("transID") = Request.Form("txn_id")
.Update
.MoveNext
.MovePrevious
sID = .Fields("SessionID")
.Close
End With
End If
Set objHttp = Nothing
Set rsPP = Nothing
Response.Redirect("thank-you.asp?sID=" & sID)
ASKER
I have an account on GoDaddy's Shared Windows Server (IIS7). Under the same account I have about 5 domains set up as follows:
maindomain.com --> /
subdomain1.com --> /___subwebs/subdomain1.com
subdomain2.com --> /___subwebs/subdomain2.com
subdomain3.com --> /___subwebs/subdomain3.com
subdomain4.com --> /___subwebs/subdomain4.com
subdomain5.com --> /___subwebs/subdomain5.com
Further, subdomain4 is a huge web application that uses session variables without any problems.
The problem is in subdomain3 that is not holding the values.
Both subdomain2 and subdomain have their own global.asa in their root directories. The rest of the domains are just static websites
Could this be a problem with my structure setup? I'm doubtful, but I thought I'd ask.
Also, I came accross the following link that is for ASP.NET with the same symptoms, but I'm not sure if it is applicable: http://weblogs.asp.net/ble
Thanks everyone!
maindomain.com --> /
subdomain1.com --> /___subwebs/subdomain1.com
subdomain2.com --> /___subwebs/subdomain2.com
subdomain3.com --> /___subwebs/subdomain3.com
subdomain4.com --> /___subwebs/subdomain4.com
subdomain5.com --> /___subwebs/subdomain5.com
Further, subdomain4 is a huge web application that uses session variables without any problems.
The problem is in subdomain3 that is not holding the values.
Both subdomain2 and subdomain have their own global.asa in their root directories. The rest of the domains are just static websites
Could this be a problem with my structure setup? I'm doubtful, but I thought I'd ask.
Also, I came accross the following link that is for ASP.NET with the same symptoms, but I'm not sure if it is applicable: http://weblogs.asp.net/ble
Thanks everyone!
I am also using paypal an IPNs with no problem. The problem could be out timed sessions. Set you Session.Timeout = 60 'minutes before sending the user to paypal and see if it works. On the return page (ipn.asp) you could lower the Session.Timeout to the standard value (20 minutes).
my structure for paypal is:
1. store user data in IPN-table and create a unique id (not sessionid) as primary key
2. send user to paypal in a popup window with the id as invoice number
3. refresh my still opened website every 30 seconds and look in IPN-table for transaction end (successful oder failed)
4. send user to ipn-return-page after payment and update IPN-table (use primary key, invoice number) with paypal status values
5. give the user feedback in popup windows and a close windows button
6. after next refresh of my website the status in the ipn-table leads the redirect to successful order or failure page, also I give the user a link to refresh the page manually
I never need the sessionid in this case ;)
my structure for paypal is:
1. store user data in IPN-table and create a unique id (not sessionid) as primary key
2. send user to paypal in a popup window with the id as invoice number
3. refresh my still opened website every 30 seconds and look in IPN-table for transaction end (successful oder failed)
4. send user to ipn-return-page after payment and update IPN-table (use primary key, invoice number) with paypal status values
5. give the user feedback in popup windows and a close windows button
6. after next refresh of my website the status in the ipn-table leads the redirect to successful order or failure page, also I give the user a link to refresh the page manually
I never need the sessionid in this case ;)
ASKER
Once again, all of my code takes place after the user has checked out and returned to my site from PP.
I did some playing around, and I think that PP is somehow restricting the session. I don't know how this is possible, but I found out the following doesn't work with PP:
Session("name") = Request.Form("first_name")
Response.Write(Session("na
With any other form, I know that will work, but with PP you must first save it to a db, then you can do with the values whatever you want from your db. I don't know how PP restricts writes, but they do, and I think this is some how related.
Below, I'm pasting 2 sets of code. Both codes write to the same Access table, then retieve the SessionID value (which actually I adjusted to be AutoNumber in access) in to a session variable, and finally, both codes write the session variable to the screen.
The difference, code 1 doesn't connect to PP and writes the correct value to the screen, but code 2 connects to PP, saves the correct info, but when it writtes the session variable it is blank.
If this is also a restriction by PP then I do not see any other way accessing the correct record. I really want to avoid creating a record before I send the userr to PP, because if they do not return, I have an useless record, and to fix this, I must get into logins and acounts on my end, which is really non-applicable to this project.
Any suggestions?
I did some playing around, and I think that PP is somehow restricting the session. I don't know how this is possible, but I found out the following doesn't work with PP:
Session("name") = Request.Form("first_name")
Response.Write(Session("na
With any other form, I know that will work, but with PP you must first save it to a db, then you can do with the values whatever you want from your db. I don't know how PP restricts writes, but they do, and I think this is some how related.
Below, I'm pasting 2 sets of code. Both codes write to the same Access table, then retieve the SessionID value (which actually I adjusted to be AutoNumber in access) in to a session variable, and finally, both codes write the session variable to the screen.
The difference, code 1 doesn't connect to PP and writes the correct value to the screen, but code 2 connects to PP, saves the correct info, but when it writtes the session variable it is blank.
If this is also a restriction by PP then I do not see any other way accessing the correct record. I really want to avoid creating a record before I send the userr to PP, because if they do not return, I have an useless record, and to fix this, I must get into logins and acounts on my end, which is really non-applicable to this project.
Any suggestions?
'CODE 1******************************
<%@ Language=VBScript %>
<!-- #include file = "includes/DBconn.asp" -->
<%
Call DBopen
Set rsPP = Server.CreateObject("ADODB.Recordset")
ppSQL = "SELECT * FROM tblPP"
With rsPP
.Open ppSQL, cnn, 1, 2
.AddNew
'.Fields("SessionID") = sID
.Fields("fName") = "First" 'Request.Form("first_name")
.Fields("lName") = "Last" 'Request.Form("last_name")
'.Fields("eMail") = 'Request.Form("payer_email")
'.Fields("transID") = 'Request.Form("txn_id")
.Update
.MoveNext
.MovePrevious
Session("sID") = .Fields("SessionID")
.Close
End With
Set rsPP = Nothing
Response.Write("<a href=2.asp> id= " & Session("sID") & "</a>")
'Response.Redirect("thank-you.asp")
%>
'CODE 2****************************
<%@LANGUAGE="VBScript"%>
<!-- #include file = "includes/DBconn.asp" -->
<%
Session.Timeout = 10
Call DBopen
Set rsPP = Server.CreateObject("ADODB.Recordset")
Dim Item_name, Item_number, Payment_status, Payment_amount
Dim Txn_id, Receiver_email, Payer_email
Dim objHttp, str
' read post from PayPal system and add 'cmd'
str = Request.Form & "&cmd=_notify-validate"
' post back to PayPal system to validate
' set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
' set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP.4.0")
set objHttp = Server.CreateObject("Microsoft.XMLHTTP")
objHttp.open "POST", "https://www.paypal.com/cgi-bin/webscr", false
objHttp.setRequestHeader "Content-type", "application/x-www-form-urlencoded"
objHttp.Send str
' assign posted variables to local variables
Item_name = Request.Form("item_name")
Item_number = Request.Form("item_number")
Payment_status = Request.Form("payment_status")
Payment_amount = Request.Form("mc_gross")
Payment_currency = Request.Form("mc_currency")
Txn_id = Request.Form("txn_id")
Receiver_email = Request.Form("receiver_email")
Payer_email = Request.Form("payer_email")
' Check notification validation
If (objHttp.responseText = "VERIFIED") then
ppSQL = "SELECT * FROM tblPP"
With rsPP
.Open ppSQL, cnn, 1, 2
.AddNew
'.Fields("SessionID") = ( CDBL(session.SessionID ) -0)
.Fields("fName") = Request.Form("first_name")
.Fields("lName") = Request.Form("last_name")
.Fields("eMail") = Request.Form("payer_email")
.Fields("transID") = Request.Form("txn_id")
.Update
.MoveNext
.MovePrevious
x = .Fields("SessionID")
Session("sID") = .Fields("SessionID")
.Close
End With
End If
Set objHttp = Nothing
Set rsPP = Nothing
Response.Write("x= " & x) 'BLANK
Response.Write("<a href=thank-you.asp> id= " & Session("sID") & "</a>")
'Response.Redirect("thank-you.asp")
%>
The record you are storing before taking the user to paypal is needed if your session is messed up or out timed! Why not storing a record? You could run a daily task which is removing the useless entries. Also an advantage is, that you are building a log table for all transactions.
ASKER
DarthSonic,
I thought about your idea and will run in the same problem, given what I know thus far. Let me explain... First my flow is as follows:
My products.asp page sends the user to PP via PP's Add to Cart button.
When the user checks out PP sends the user to ipn.asp
My ipn.asp adds a new record to my db with info sent from PP and redircts the user to thank-you.asp
thank-you.asp reads my db record and sasys Thank you, Joe Smith, blah blah blah.
Now, by what you are saying, I can create a new 2-field table (transID-AutoNumber, DateTime)
In my products.asp I can delete all records < 5h and create a new record, somehow sending the transID to PP via my Add to Cart button.
When the user checks out, PP sends them back to my ipn.asp, where I save everything to my ipn table, including the transID that PP sends back.
Here's the question, since I'm not using session variables, and since PP only allows me to save in my db, not allowing me to use variables, in my thank-you.asp, how would I know my transID?
I thought about your idea and will run in the same problem, given what I know thus far. Let me explain... First my flow is as follows:
My products.asp page sends the user to PP via PP's Add to Cart button.
When the user checks out PP sends the user to ipn.asp
My ipn.asp adds a new record to my db with info sent from PP and redircts the user to thank-you.asp
thank-you.asp reads my db record and sasys Thank you, Joe Smith, blah blah blah.
Now, by what you are saying, I can create a new 2-field table (transID-AutoNumber, DateTime)
In my products.asp I can delete all records < 5h and create a new record, somehow sending the transID to PP via my Add to Cart button.
When the user checks out, PP sends them back to my ipn.asp, where I save everything to my ipn table, including the transID that PP sends back.
Here's the question, since I'm not using session variables, and since PP only allows me to save in my db, not allowing me to use variables, in my thank-you.asp, how would I know my transID?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
in global.asa I have:
Sub Session_OnStart
Session("sID") = "000"
End Sub
In pg1.asp I have:
Session("sID") = Session.SessionID
rs.Fields("SessionID") = Session("sID")
Response.Redirect("pg2.asp
In pg2.asp I have:
Reponse.Write("id= " & Session("sID")
The ResultL
In my db, my SessionId equals 123456789 (correct, I guess)
my pg2.asp output is id= 000 (from my global.asa. Shouldn't this matchm my db?)