Session ID in Classic ASP

Hello Experts,

Can anyone tell me how can I retrieve the Session ID in Classic ASP, and how many charecters is it?

Thank You
APD TorontoSoftware DeveloperAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

APD TorontoSoftware DeveloperAuthor Commented:
I figured out, its Session.SessionID, but I'm getting a very wierd result...
in global.asa I have:
Sub Session_OnStart
  Session("sID") = "000"
End Sub
In pg1.asp I have:
Session("sID") = Session.SessionID
rs.Fields("SessionID") = Session("sID")
Response.Redirect("pg2.asp")
In pg2.asp I have:
Reponse.Write("id= " & Session("sID")
The ResultL
In my db, my SessionId equals 123456789 (correct, I guess)
my pg2.asp output is id= 000 (from my global.asa.  Shouldn't this matchm my db?)
0
SvenTech Lead Web-DevelopmentCommented:
If you are calling pg2.asp prior to pg1.asp the session id is "000"

You could also store the session id within the global.asa I think:

Sub Session_OnStart
  Session("sID") = Session.SessionID
End Sub

But I never tried that.
0
R_HarrisonCommented:
Why are you trying to save the sessionid as a session variable?  Can you not simply use Session.SessionID whenever you want to access the sessionid?
0
Become a Microsoft Certified Solutions Expert

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

SvenTech Lead Web-DevelopmentCommented:
R_Harrison is right: The Session.SessionID is never changing as long as the session is active. It is only changing after timeout of the session or if the user has disabled session cookies.
0
ThinkPaperIT ConsultantCommented:
Here is some info on Session variables..

http://www.w3schools.com/ASP/asp_sessions.asp
0
APD TorontoSoftware DeveloperAuthor Commented:
Actually guys, I think I'm somehow loosing connection while in run-time.
For example, in  pg1.asp I have:
rs.Fields("SessionID") = Session.SessionID
...
...
...
Response.Redirect("pg2.asp?sID=" & Session.SessionID)
my values in my db and query string do not match.  How is that possible?
 HOWEVER... in pg2.asp I set other session variables, and in pg3.asp they are available
0
SvenTech Lead Web-DevelopmentCommented:
Is there somehwere a call to session.abandon? Or session.timeout = 0?

What is the whole code on these three pages? Are there includes?
0
APD TorontoSoftware DeveloperAuthor Commented:
Ok,
Let me give you little info - the purpose of this script is, in order to get info back from PayPal, i first need to save it to a db, then get the values from the db and do with them whatever.
FYI... PayPal goes to ipn.asp, which goes to thank-you.asp, which goes to appointment.asp.  Here's my code for all 3 pages, plus global.asa.

'global.asa*******************************************
 
<SCRIPT LANGUAGE=VBScript RUNAT=Server>
 
'You can add special event handlers in this file that will get run automatically when
'special Active Server Pages events occur. To create these handlers, just create a
'subroutine with a name from the list below that corresponds to the event you want to
'use. For example, to create an event handler for Session_OnStart, you would put the
'following code into this file (without the comments):
 
Sub Session_OnStart
	Session.Timeout = 1
End Sub
 
'EventName              Description
'Session_OnStart        Runs the first time a user runs any page in your application
'Session_OnEnd          Runs when a user's session times out or quits your application
'Application_OnStart    Runs once when the first page of your application is run for the first time by any user
'Application_OnEnd      Runs once when the web server shuts down
 
</SCRIPT>
 
'ipn.asp*************************************************
<%@LANGUAGE="VBScript"%>
 
	<!-- #include file = "includes/DBconn.asp" -->
 
<%
 
	
Call DBopen
		
	Set rsPP = Server.CreateObject("ADODB.Recordset")
	
Dim Item_name, Item_number, Payment_status, Payment_amount
Dim Txn_id, Receiver_email, Payer_email
Dim objHttp, str
 
' read post from PayPal system and add 'cmd'
str = Request.Form & "&cmd=_notify-validate"
 
' post back to PayPal system to validate
' set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
' set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP.4.0")
set objHttp = Server.CreateObject("Microsoft.XMLHTTP")
objHttp.open "POST", "https://www.paypal.com/cgi-bin/webscr", false
objHttp.setRequestHeader "Content-type", "application/x-www-form-urlencoded"
objHttp.Send str
 
' assign posted variables to local variables
Item_name = Request.Form("item_name")
Item_number = Request.Form("item_number")
Payment_status = Request.Form("payment_status")
Payment_amount = Request.Form("mc_gross")
Payment_currency = Request.Form("mc_currency")
Txn_id = Request.Form("txn_id")
Receiver_email = Request.Form("receiver_email")
Payer_email = Request.Form("payer_email")
 
' Check notification validation
If (objHttp.responseText = "VERIFIED") then
 
	ppSQL = "SELECT * FROM tblPP"
	
	With rsPP
	
		.Open ppSQL, cnn, 1, 2
		.AddNew
			sID = Session.SessionID 
			.Fields("SessionID") = sID
			.Fields("fName") = Request.Form("first_name")
			.Fields("lName") = Request.Form("last_name")
			.Fields("eMail") = Request.Form("payer_email")
			.Fields("transID") = Request.Form("txn_id")
			 
		.Update 
		.Close 
	
	End With
End If
 
Set objHttp = Nothing
Set rsPP = Nothing
 
Response.Redirect("thank-you.asp?sID=" & sID)
%>
 
'thank-you.asp*******************************************
 
<%@ Language=VBScript %>
	
	<!-- #include file = "includes/DBconn.asp" -->
 
<%
 
	
Call DBopen
		
Set rsPP = Server.CreateObject("ADODB.Recordset")
	
'Code for PayPay Confirmation START
 
	sessID = Request.QueryString("sID")
	
	sql = "SELECT * FROM tblPP " & _
		  "WHERE (SessionID = '" & sessID & "')"
	
	Response.Write("id= " & sessID)
	With rsPP
	
		.Open sql, cnn, 1, 2
		
		If .EOF Then
			.Close 
			'Response.Redirect("networking.asp")
		End If
		
		.MoveFirst 
		
		Session("Payer_Name") = .Fields("fName") & " " & .Fields("lName")
		Session("Payer_EMail") = .Fields("eMail")
		Session("Sellers_TransID") = .Fields("transID")
		
		.Delete
		.UpdateBatch 
		.MoveNext 
		.ClosE
 
	End With
	
Set rsPP = Nothing
 
'Code for PayPay Confirmation END
 
	strMo = Left(date(), InStr(1, date(), "/") - 1)
	
	strDate = Mid(date(), (InStr(1, date(), "/") + 1), (Len(date()) - (InStr(1, date(), "/")) + 1) )
	
	strD = Left(strDate, InStr(1, strDate, "/") - 1)
	strY = Right(strDate, 4)
%>
 
<html>
 
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
 
<title>MAP Consulting</title>
</head>
 
<script language="JavaScript">
 
	function putDates() {
		document.getElementById("txtDate1").value = document.getElementById("Cal1").value;
		document.getElementById("txtDate2").value = document.getElementById("Cal2").value;
		document.getElementById("txtDate3").value = document.getElementById("Cal3").value;
		}
	
</script>
 
<body background="images/background.gif" style="background-attachment: fixed">
<center>
 
	<!-- #include file = "includes/header.asp" -->
	<!-- #include file = "includes/topnav.asp" -->
 
 
<!-- Body Table Start -->
		<table border="0" width="100%" id="table4">
			<tr>
				<td width="148" valign="top">
				<p align="center"><font face="Viner Hand ITC">
				<a href="Flyer.pdf">Current Flyer</a></font></p>
 
					<!-- #include file = "includes/rightnav.asp" -->
					<!-- #include file = "includes/announce.asp" -->				
 
				</td>
<!-- Page Content Begin -->				
				<td valign="top" width="652" bgcolor="#FFFFFF">
				<font face="Verdana"><br>
				
				<h2> Thank You, <%=Session("Payer_Name")%> ! </h2>
				
				<p align="justify">
				
				Thank you for your payment. Your transaction has been completed, and a receipt 
				for your purchase has been emailed to you. You may log into your account at <A 
				href="https://www.paypal.com/ca/">www.paypal.com/ca</A> to view details of this 
				transaction.
				<br> &nbsp;
				<br>
				
				Since you have ordered services, we require a few extra moments of your time.  Please indicate below
				three dates and time of preference as to when you would like for these services to be scheduled.  
				Our technical department will contact you shortly to confirm your appointment.
				</p>
			
			<form method="post" action="appointment.asp">
				
<br><br>
 
				<center>
					<table border=1 width=651> <tr>
						
						<td width=217 align=center>
						
							<%pref = 1%>
						
							<b> First Preference </b> <br><br>
 
							<OBJECT id="Cal<%=pref%>" style="LEFT: 0px; WIDTH: 216px; TOP: 0px; HEIGHT: 173px" height=173 
								width=216 classid="clsid:8E27C92B-1264-101C-8A2F-040224009C02" VIEWASTEXT>
								<PARAM NAME="_Version" VALUE="524288">
								<PARAM NAME="_ExtentX" VALUE="4572">
								<PARAM NAME="_ExtentY" VALUE="3662">
								<PARAM NAME="_StockProps" VALUE="1">
								<PARAM NAME="BackColor" VALUE="-2147483633">
								<PARAM NAME="Year" VALUE="<%=strY%>"> <!-- edit -->
								<PARAM NAME="Month" VALUE="<%=strMo%>"> <!-- edit -->
								<PARAM NAME="Day" VALUE="<%=strD%>"> <!-- edit -->	<PARAM NAME="DayLength" VALUE="1">
								<PARAM NAME="MonthLength" VALUE="1">
								<PARAM NAME="DayFontColor" VALUE="0">
								<PARAM NAME="FirstDay" VALUE="7">
								<PARAM NAME="GridCellEffect" VALUE="1">
								<PARAM NAME="GridFontColor" VALUE="10485760">
								<PARAM NAME="GridLinesColor" VALUE="-2147483632">
								<PARAM NAME="ShowDateSelectors" VALUE="-1">
								<PARAM NAME="ShowDays" VALUE="-1">
								<PARAM NAME="ShowHorizontalGrid" VALUE="-1">
								<PARAM NAME="ShowTitle" VALUE="0">
								<PARAM NAME="ShowVerticalGrid" VALUE="-1">
								<PARAM NAME="TitleFontColor" VALUE="10485760">
								<PARAM NAME="ValueIsNull" VALUE="0">
							</OBJECT>
							
							<input type=hidden name="txtDate<%=pref%>" id="txtDate<%=pref%>">
							<br>
							
							<select name="hr<%=pref%>">
							
							<%For h = 1 To 12
									If h < 10 Then %>
										<option value="0<%=h%>"> 0<%=h%> </option>
									<%Else%>
										<option value="<%=h%>"> <%=h%> </option>
									<%End If
							Next%>
							
							</select>
							
							:
							
							<select name="min<%=pref%>">
							
								<option value="00"> 00 </option>
								<option value="15"> 15 </option>
								<option value="30"> 30 </option>
								<option value="45"> 45 </option>
								
							</select>
							
							<select name="ampm<%=pref%>">
							
								<option value="AM"> AM </option>
								<option value="PM"> PM </option>
																
							</select>
							
						</td><td width=217 align=center>
 
							<%pref = 2%>
						
							<b> Second Preference </b> <br><br>
 
							<OBJECT id="Cal<%=pref%>" style="LEFT: 0px; WIDTH: 216px; TOP: 0px; HEIGHT: 173px" height=173 
								width=216 classid="clsid:8E27C92B-1264-101C-8A2F-040224009C02" VIEWASTEXT>
								<PARAM NAME="_Version" VALUE="524288">
								<PARAM NAME="_ExtentX" VALUE="4572">
								<PARAM NAME="_ExtentY" VALUE="3662">
								<PARAM NAME="_StockProps" VALUE="1">
								<PARAM NAME="BackColor" VALUE="-2147483633">
								<PARAM NAME="Year" VALUE="<%=strY%>"> <!-- edit -->
								<PARAM NAME="Month" VALUE="<%=strMo%>"> <!-- edit -->
								<PARAM NAME="Day" VALUE="<%=strD%>"> <!-- edit -->	<PARAM NAME="DayLength" VALUE="1">
								<PARAM NAME="MonthLength" VALUE="1">
								<PARAM NAME="DayFontColor" VALUE="0">
								<PARAM NAME="FirstDay" VALUE="7">
								<PARAM NAME="GridCellEffect" VALUE="1">
								<PARAM NAME="GridFontColor" VALUE="10485760">
								<PARAM NAME="GridLinesColor" VALUE="-2147483632">
								<PARAM NAME="ShowDateSelectors" VALUE="-1">
								<PARAM NAME="ShowDays" VALUE="-1">
								<PARAM NAME="ShowHorizontalGrid" VALUE="-1">
								<PARAM NAME="ShowTitle" VALUE="0">
								<PARAM NAME="ShowVerticalGrid" VALUE="-1">
								<PARAM NAME="TitleFontColor" VALUE="10485760">
								<PARAM NAME="ValueIsNull" VALUE="0">
							</OBJECT>
							
							<input type=hidden name="txtDate<%=pref%>" id="txtDate<%=pref%>">
							
							<br>
							
							<select name="hr<%=pref%>">
							
							<%For h = 1 To 12
									If h < 10 Then %>
										<option value="0<%=h%>"> 0<%=h%> </option>
									<%Else%>
										<option value="<%=h%>"> <%=h%> </option>
									<%End If
							Next%>
							
							</select>
							
							:
							
							<select name="min<%=pref%>">
							
								<option value="00"> 00 </option>
								<option value="15"> 15 </option>
								<option value="30"> 30 </option>
								<option value="45"> 45 </option>
								
							</select>
							
							<select name="ampm<%=pref%>">
							
								<option value="AM"> AM </option>
								<option value="PM"> PM </option>
																
							</select>
					
						</td><td width=217 align=center>
 
							<%pref = 3%>
						
							<b> Third Preference </b> <br><br>
 
							<OBJECT id="Cal<%=pref%>" style="LEFT: 0px; WIDTH: 216px; TOP: 0px; HEIGHT: 173px" height=173 
								width=216 classid="clsid:8E27C92B-1264-101C-8A2F-040224009C02" VIEWASTEXT>
								<PARAM NAME="_Version" VALUE="524288">
								<PARAM NAME="_ExtentX" VALUE="4572">
								<PARAM NAME="_ExtentY" VALUE="3662">
								<PARAM NAME="_StockProps" VALUE="1">
								<PARAM NAME="BackColor" VALUE="-2147483633">
								<PARAM NAME="Year" VALUE="<%=strY%>"> <!-- edit -->
								<PARAM NAME="Month" VALUE="<%=strMo%>"> <!-- edit -->
								<PARAM NAME="Day" VALUE="<%=strD%>"> <!-- edit -->	<PARAM NAME="DayLength" VALUE="1">
								<PARAM NAME="MonthLength" VALUE="1">
								<PARAM NAME="DayFontColor" VALUE="0">
								<PARAM NAME="FirstDay" VALUE="7">
								<PARAM NAME="GridCellEffect" VALUE="1">
								<PARAM NAME="GridFontColor" VALUE="10485760">
								<PARAM NAME="GridLinesColor" VALUE="-2147483632">
								<PARAM NAME="ShowDateSelectors" VALUE="-1">
								<PARAM NAME="ShowDays" VALUE="-1">
								<PARAM NAME="ShowHorizontalGrid" VALUE="-1">
								<PARAM NAME="ShowTitle" VALUE="0">
								<PARAM NAME="ShowVerticalGrid" VALUE="-1">
								<PARAM NAME="TitleFontColor" VALUE="10485760">
								<PARAM NAME="ValueIsNull" VALUE="0">
							</OBJECT>
							
							<input type=hidden name="txtDate<%=pref%>" id="txtDate<%=pref%>">
							<br>
							
							<select name="hr<%=pref%>">
							
							<%For h = 1 To 12
									If h < 10 Then %>
										<option value="0<%=h%>"> 0<%=h%> </option>
									<%Else%>
										<option value="<%=h%>"> <%=h%> </option>
									<%End If
							Next%>
							
							</select>
							
							:
							
							<select name="min<%=pref%>">
							
								<option value="00"> 00 </option>
								<option value="15"> 15 </option>
								<option value="30"> 30 </option>
								<option value="45"> 45 </option>
								
							</select>
							
							<select name="ampm<%=pref%>">
							
								<option value="AM"> AM </option>
								<option value="PM"> PM </option>
																
							</select>
					
						</td>
					</tr> </table>
					
					<br> <br>
					
					<input type=submit value="Submit Appointment Preferences" onClick="putDates();">
					
					<br><br>
				</center>
			</form>
				</font></td>
			</tr>
		</table>
<!-- Page Content End -->
		</td>
	</tr>
</table>
<!-- Body Table End -->
 
<!-- #include file = "includes/footer.asp" -->
</body>
 
</html>
 
'appointment.asp********************************************
 
<%@ Language=VBScript %>
<%
	toEMail = "aleks@aces-project.com"
	'toEMail = "xxx@msn.com"
	
	fromEMail = Session("Payer_EMail")
	name = Session("Payer_Name")
	transID = Session("Sellers_TransID")
 
'App 1:
	strDate = Request.Form("txtDate1")
	strDate = Left(strDate, (InStr(1, strDate, ":") - 3))
	
	app1 = strDate & " at "
	
	app1 = app1 & Request.Form("hr1") & ":"
	
	app1 = app1 & Request.Form("min1") & " "
	
	app1 = app1 & Request.Form("ampm1")
 
'App2:
	strDate = Request.Form("txtDate2")
	strDate = Left(strDate, (InStr(1, strDate, ":") - 3))
	
	app2 = strDate & " at "
	
	app2 = app2 & Request.Form("hr2") & ":"
	
	app2 = app2 & Request.Form("min2") & " "
	
	app2 = app2 & Request.Form("ampm2")
 
'App3:
	strDate = Request.Form("txtDate3")
	strDate = Left(strDate, (InStr(1, strDate, ":") - 3))
	
	app3 = strDate & " at "
	
	app3 = app3 & Request.Form("hr3") & ":"
	
	app3 = app3 & Request.Form("min3") & " "
	
	app3 = app3 & Request.Form("ampm3")
	
 
	subj = "Appointment Preferences from " & name 
	
	'HTML = "<!DOCTYPE HTML PUBLIC ""-//IETF//DTD HTML//EN"">" & vbCrLf
	HTML = HTML & "<html>"
	HTML = HTML & "<head>"
	'HTML = HTML & "<meta http-equiv=""Content-Type"""
	
	'HTML = HTML & ""content=""text/html; charset=iso-8859-1"">""
	'HTML = HTML & "<title>Sample NewMail</title>"
	HTML = HTML & "</head>"
	HTML = HTML & "<body>"
 
	HTML = HTML & "Hello Mateja, <BR><BR>"
	
	HTML = HTML & "You have just received appointment preferences from <B> " & name & "</B>. <BR> <BR>"
	
	HTML = HTML & name & "'s Transaction ID is <B> <A HREF=https://www.paypal.com/ca/cgi-bin/webscr?cmd=_view-a-trans&id="
	
	HTML = HTML & transID & "> " & transID & " </A> </B> <BR> <BR>"
	
	HTML = HTML & "<B> Appointment Preferences: </B <BR> <BR> "
	
	HTML = HTML & "&nbsp 1) " & app1 & " <BR> " 
	
	HTML = HTML & "&nbsp 2) " & app2 & " <BR> "
	
	HTML = HTML & "&nbsp 3) " & app3 & " <BR> "
	
	HTML = HTML & "<BR><BR><BR><BR>"
	
	HTML = HTML & "<FONT SISE=-1> This e-mail has been automatically generated by "
	
	HTML = HTML & "<A HREF=http://www.aces-project.com/> Ace's Project Deverlopment </A> </FONT>"
 
	HTML = HTML & "</body></html>"
 
	' Set the mail server configuration
	sendUrl="http://schemas.microsoft.com/cdo/configuration/sendusing"
	smtpUrl="http://schemas.microsoft.com/cdo/configuration/smtpserver"
 
	Set objConfig=CreateObject("CDO.Configuration")
	objConfig.Fields.Item(sendUrl)=2 ' cdoSendUsingPort
	objConfig.Fields.Item(smtpUrl)="relay-hosting.secureserver.net"
	objConfig.Fields.Update
 
 
	' Create and send the mail
	Set objMail=CreateObject("CDO.Message")
	' Use the config object created above
	Set objMail.Configuration=objConfig
	objMail.From=fromEMail
	objMail.To = toEMail
	objMail.Subject=subj
	objMail.HTMLBody = HTML
	objMail.Send
			
	
	 
	
	'Response.Redirect("index.asp")
%>
<html>
 
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>MAP Consulting</title>
</head>
 
<body background="images/background.gif" style="background-attachment: fixed">
<center>
 
	<!-- #include file = "includes/header.asp" -->
	<!-- #include file = "includes/topnav.asp" -->
 
 
<!-- Body Table Start -->
		<table border="0" width="100%" id="table4">
			<tr>
				<td width="148" valign="top">
				<p align="center"><font face="Viner Hand ITC">
				<a href="Flyer.pdf">Current Flyer</a></font></p>
 
					<!-- #include file = "includes/rightnav.asp" -->
					<!-- #include file = "includes/announce.asp" -->				
 
				</td>
<!-- Page Content Begin -->				
				<td valign="top" width="652" bgcolor="#FFFFFF">
				<font face="Verdana"><br>
				Your appointment preferences have been received.  
				<br><br>
				Our technical department will be in 
				touch with you in 1 business day.
				
				</font></td>
			</tr>
		</table>
<!-- Page Content End -->
		</td>
	</tr>
</table>
<!-- Body Table End -->
 
<!-- #include file = "includes/footer.asp" -->
</body>
 
</html>

Open in new window

0
R_HarrisonCommented:
The problem with PayPal!   I have some experience here, sometimes when you send visitors to paypal they spend to long on the PayPal site and your sessionid will timeout - so even if they follow the link back to your site the session is lost so you need to bear this in mind.

Also, you do realise that PayPals IPN is a blind request - i.e PayPals servers automatically calls a page on your server -  their is nobody is looking at a screen and browsing your site and if anybody was looking at the screen they would be PayPal employees not your customers.

Additionally, I would not pass the SessionID to paypal for security reasons.  SessionIDs should be kept secret otherwise your risk Session Hijacking attacks.

If you have a database recording the customers details, generate a unique ID number for the order and store that in the database.  Then pass this unique ID number to paypal and they will send it back to you with the IPN - you can then recall the order by the ID number and simply mark it paid, etc  - don't forget the IPN is from PayPal not your customer.

Your customer will then need some other way to review the order - perhaps a username and password?   Once you have verified who they are simply collect the data from the database and if PayPal have sent an IPN it will be marked at Paid!

Hope this is making sense, however feel free to ask questions if anything is unclear.
0
APD TorontoSoftware DeveloperAuthor Commented:
I understand what you're saying, but I'm calling Session.SessionID after PP returns the user to my site, and I'm usinig my values in a matter of miliseconds.  My flow is as follows:
PayPal --> ipn.asp --> thank-you.asp --> appointment.asp
Again, I'm calling Session.SessionID at Line 46 of ipn.asp, at Line 62 I do a redirect to thank-you.asp, and by Line 14 of thank-you.asp, I get a different Session.SessionID
0
APD TorontoSoftware DeveloperAuthor Commented:
Actually, in my db I  just changed my SessionID to AutoIncrement, and my code as shown below, but I'm still getting the following query string
.../thank-you.asp?sID=
That's all, nothing is following the equal sign.

If (objHttp.responseText = "VERIFIED") then
 
	ppSQL = "SELECT * FROM tblPP"
	
	With rsPP
	
		.Open ppSQL, cnn, 1, 2
		.AddNew
			
			'.Fields("SessionID") = sID
			.Fields("fName") = Request.Form("first_name")
			.Fields("lName") = Request.Form("last_name")
			.Fields("eMail") = Request.Form("payer_email")
			.Fields("transID") = Request.Form("txn_id")
			 
		.Update 
		.MoveNext 
		.MovePrevious 
		sID = .Fields("SessionID")
		.Close 
	
	End With
End If
 
Set objHttp = Nothing
Set rsPP = Nothing
 
Response.Redirect("thank-you.asp?sID=" & sID)

Open in new window

0
APD TorontoSoftware DeveloperAuthor Commented:
I have an account on GoDaddy's Shared Windows Server (IIS7).  Under the same account I have about 5 domains set up as follows:
maindomain.com  --> /
subdomain1.com --> /___subwebs/subdomain1.com

subdomain2.com --> /___subwebs/subdomain2.com

subdomain3.com --> /___subwebs/subdomain3.com

subdomain4.com --> /___subwebs/subdomain4.com

subdomain5.com --> /___subwebs/subdomain5.com
Further, subdomain4 is a huge web application that uses session variables without any problems.
The problem is in subdomain3 that is not holding the values.
Both subdomain2 and subdomain have their own global.asa in their root directories.  The rest of the domains are just static websites
Could this be a problem with my structure setup?  I'm doubtful, but I thought I'd ask.
Also, I came accross the following link that is for ASP.NET with the same symptoms, but I'm not sure if it is applicable: http://weblogs.asp.net/bleroy/archive/2004/08/03/Don_2700_t-redirect-after-setting-a-Session-variable-_2800_or-do-it-right_2900_.aspx
Thanks everyone!
0
SvenTech Lead Web-DevelopmentCommented:
I am also using paypal an IPNs with no problem. The problem could be out timed sessions. Set you Session.Timeout = 60 'minutes before sending the user to paypal and see if it works. On the return page (ipn.asp) you could lower the Session.Timeout to the standard value (20 minutes).

my structure for paypal is:

1. store user data in IPN-table and create a unique id (not sessionid) as primary key
2. send user to paypal in a popup window with the id as invoice number
3. refresh my still opened website every 30 seconds and look in IPN-table for transaction end (successful oder failed)
4. send user to ipn-return-page after payment and update IPN-table (use primary key, invoice number) with paypal status values
5. give the user feedback in popup windows and a close windows button
6. after next refresh of my website the status in the ipn-table leads the redirect to successful order or failure page, also I give the user a link to refresh the page manually

I never need the sessionid in this case ;)
0
APD TorontoSoftware DeveloperAuthor Commented:
Once again, all of my code takes place after the user has checked out and returned to my site from PP.
I did some playing around, and I think that PP is somehow restricting the session.  I don't know how this is possible, but I found out the following doesn't work with PP:
Session("name") = Request.Form("first_name")
Response.Write(Session("name"))
With any other form, I know that will work, but with PP you must first save it to a db, then you can do with the values whatever you want from your db.  I don't know how PP restricts writes, but they do, and I think this is some how related.
Below, I'm pasting 2 sets of code.  Both codes write to the same Access table, then retieve the SessionID value (which actually I adjusted to be AutoNumber in access) in to a session variable, and finally, both codes write the session variable to the screen.
The difference, code 1 doesn't connect to PP and writes the correct value to the screen, but code 2 connects to PP, saves the correct info, but when it writtes the session variable it is blank.
If this is also a restriction by PP then I do not see any other way accessing the correct record.  I really want to avoid creating a record before I send the userr to PP, because if they do not return, I have an useless record, and to fix this, I must get into logins and acounts on my end, which is really non-applicable  to this project.
Any suggestions?

'CODE 1******************************
 
<%@ Language=VBScript %>
 
	<!-- #include file = "includes/DBconn.asp" -->
 
<%
 
	
Call DBopen
		
	Set rsPP = Server.CreateObject("ADODB.Recordset")
		ppSQL = "SELECT * FROM tblPP"
	
	With rsPP
	
		.Open ppSQL, cnn, 1, 2
		.AddNew
			
			'.Fields("SessionID") = sID
			.Fields("fName") = "First" 'Request.Form("first_name")
			.Fields("lName") = "Last" 'Request.Form("last_name")
			'.Fields("eMail") = 'Request.Form("payer_email")
			'.Fields("transID") = 'Request.Form("txn_id")
			 
		.Update 
		.MoveNext 
		.MovePrevious 
		Session("sID") = .Fields("SessionID")
		.Close 
 
	End With
	
	
	Set rsPP = Nothing
 
Response.Write("<a href=2.asp> id= " & Session("sID") & "</a>")
'Response.Redirect("thank-you.asp")
%>
 
'CODE 2****************************
<%@LANGUAGE="VBScript"%>
 
	<!-- #include file = "includes/DBconn.asp" -->
 
<%
Session.Timeout = 10
 
	
Call DBopen
		
	Set rsPP = Server.CreateObject("ADODB.Recordset")
	
Dim Item_name, Item_number, Payment_status, Payment_amount
Dim Txn_id, Receiver_email, Payer_email
Dim objHttp, str
 
' read post from PayPal system and add 'cmd'
str = Request.Form & "&cmd=_notify-validate"
 
' post back to PayPal system to validate
' set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
' set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP.4.0")
set objHttp = Server.CreateObject("Microsoft.XMLHTTP")
objHttp.open "POST", "https://www.paypal.com/cgi-bin/webscr", false
objHttp.setRequestHeader "Content-type", "application/x-www-form-urlencoded"
objHttp.Send str
 
' assign posted variables to local variables
Item_name = Request.Form("item_name")
Item_number = Request.Form("item_number")
Payment_status = Request.Form("payment_status")
Payment_amount = Request.Form("mc_gross")
Payment_currency = Request.Form("mc_currency")
Txn_id = Request.Form("txn_id")
Receiver_email = Request.Form("receiver_email")
Payer_email = Request.Form("payer_email")
 
' Check notification validation
If (objHttp.responseText = "VERIFIED") then
 
	ppSQL = "SELECT * FROM tblPP"
	
	With rsPP
	
		.Open ppSQL, cnn, 1, 2
		.AddNew
			
			'.Fields("SessionID") = ( CDBL(session.SessionID ) -0)
			.Fields("fName") = Request.Form("first_name")
			.Fields("lName") = Request.Form("last_name")
			.Fields("eMail") = Request.Form("payer_email")
			.Fields("transID") = Request.Form("txn_id")
			 
		.Update 
		.MoveNext 
		.MovePrevious 
		x = .Fields("SessionID")
		Session("sID") = .Fields("SessionID")
		.Close 
	
	End With
End If
 
Set objHttp = Nothing
Set rsPP = Nothing
 
Response.Write("x= " & x) 'BLANK
Response.Write("<a href=thank-you.asp> id= " & Session("sID") & "</a>")
'Response.Redirect("thank-you.asp")
%>

Open in new window

0
SvenTech Lead Web-DevelopmentCommented:
The record you are storing before taking the user to paypal is needed if your session is messed up or out timed! Why not storing a record? You could run a daily task which is removing the useless entries. Also an advantage is, that you are building a log table for all transactions.
0
APD TorontoSoftware DeveloperAuthor Commented:
DarthSonic,
I thought about your idea and will run in the same problem, given what I know thus far.  Let me explain...  First my flow is as follows:
My products.asp page sends the user to PP via PP's Add to Cart button.
When the user checks out PP sends the user to ipn.asp
My ipn.asp adds a new record to my db with info sent from PP and redircts the user to thank-you.asp
thank-you.asp reads my db record and sasys Thank you, Joe Smith, blah blah blah.
Now, by what you are saying, I can create a new 2-field table (transID-AutoNumber, DateTime)
In my products.asp I can delete all records < 5h and create a new record, somehow sending the transID to PP via my Add to Cart button.
When the user checks out, PP sends them back to my ipn.asp, where I save everything to my ipn table, including the transID that PP sends back.
Here's the question, since I'm not using session variables, and since PP only allows me to save in my db, not allowing me to use variables, in my thank-you.asp, how would I know my transID?
0
SvenTech Lead Web-DevelopmentCommented:
you do not need to know the trans id over sessions ;-)

with the add to cart button you can send a "invoice number" to paypal. that can be any alphanumeric value you wish. this value you have to store in db BEFORE add to cart button is clicked (or when clicked, but before redirecting to paypal). after return from paypal, paypal is sending this "invoice number" back to you and you can read the db by this value and update the db by this value.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Languages and Standards

From novice to tech pro — start learning today.