Solved

Session Variable Lost - Back Button

Posted on 2013-12-17
7
895 Views
Last Modified: 2013-12-23
Hi

I have an ASP.Net website where users create an application and then proceed to a confirmation page and then a payment page.

This is all working fine but I have an issue when users click the back button on the payment page.

The confirmation page has a Submit button and this creates a record in the database and stores this in a session variable with the intention that if they click the back button on the payment page and then click submit again I can check this value and not create a new record.

However, when the user click the back button on the payment page the confirmation page is reloaded and the session variable is nothing.

This does not make sense to me as I though that the loading of pages from the local cache would not have any affect upon session variables that had been set.

Grateful for any advice regarding this.
0
Comment
Question by:BorisMatthews
  • 4
  • 3
7 Comments
 
LVL 27

Expert Comment

by:Chinmay Patel
ID: 39723824
Without looking at your code it will be difficult to provide you guidance. Kindly post your code.
0
 

Author Comment

by:BorisMatthews
ID: 39724002
Hi

OK, here is the code in the Confirm button.  This checks if there is a RaceEntryID Session variable set and if so does not create a new record in the database.  Then the code sets the variable before transferring top the payment confirmation page using server.transfer.

If, once on the Payment Confirmation page I click the back button the RaceEntryID session variable = nothing.

    Protected Sub cmdConfrim_Click(sender As Object, e As System.EventArgs) Handles cmdConfrim.Click

        Dim strConn As String
        Dim strSQL As String
        Dim intRaceEntryID As Integer
        Dim strOrderID As String

        'Refresh the values after postback
        _Title = Me.lbTitle.Text
        _FirstName = Me.lbFirstName.Text
        _LastName = Me.lbLastName.Text
        _FullName = Me.lbName.Text
        _Address1 = Me.lbAddress1.Text
        _Address2 = Me.lbAddress2.Text
        _Address3 = Me.lbAddress3.Text
        _PostTown = Me.lbPostTown.Text
        _PostCode = Me.lbPostCode.Text
        _CountryID = Me.lbCountryID.text
        _TelNumber = Me.lbTelNumber.Text
        _MobileNumber = Me.lbMobileNumber.Text
        _EmailAddress = Me.lbEmailAddress.Text
        _Gender = Me.lbGender.Text
        _DoB = CDate(Me.lbDoB.Text)
        _RaceTypeID = Me.lbRaceTypeID.Text
        _TeamEntry = Me.lbTeamEntry.Text
        _TeamName = Me.lbTeamName.Text
        _FirstMudMadness = Me.lbFirstMudMadness.Text
        _TShirtSizeID = Me.lbTShirtSizeID.Text
        _MarieCurieOptIn = Me.lbMarieCurieOptIn.Text
        _DonationValue = Me.lbDonationValue.Text
        _MedicalConditions = Me.lbMedicalConditions.Text
        _EmergencyContactName = Me.lbEmergencyContactName.Text
        _EmergencyContactNumber = Me.lbEmergencyContactNumber.Text
        _HowDidYouHear = Me.lbHowDidYouHear.Text

        _RaceFee = Me.lbRaceFee.Text
        _TotalValue = _RaceFee + _DonationValue

        'Create DB record and assign the RaceEntryID
        'If the user clicks the back button on the final payment form
        'Then we must ensure that they do not create a second record in the database
        If IsNothing(Session("RaceEntryID")) Then
            Try
                strConn = GetConnString()

                Using cnnDR = New OleDbConnection(strConn)
                    Using cmdDR = cnnDR.CreateCommand
                        cnnDR.Open()

                        'Insert race entry
                        strSQL = "INSERT INTO tblRaceEntries (RaceTypeID, Title, LastName, FirstName, Address1, Address2, Address3, PostTown, PostCode, CountryID, " _
                            & "TelNumber, MobileNumber, Gender, DoB, EntryFee, TeamEntry, TeamName, MarieCurieOptIn, DonationValue, GiftAid, " _
                            & "TCAccepted, EmailAddress, FirstMudMadness, TShirtSizeID, MedicalConditions, EmergencyContactName, EmergencyContactNumber, HowDidYouHear) " _
                            & "VALUES (" & _RaceTypeID & ", '" & _Title.Replace("'", "''") & "', '" & _LastName.Replace("'", "''") & "', '" & _FirstName.Replace("'", "''") _
                            & "', '" & _Address1.Replace("'", "''") & "', '" & _Address2.Replace("'", "''") & "', '" & _Address3.Replace("'", "''") _
                            & "', '" & _PostTown.Replace("'", "''") & "', '" & _PostCode.Replace("'", "''") & "', " & _CountryID & ", '" & _TelNumber.Replace("'", "''") _
                            & "', '" & _MobileNumber.Replace("'", "''") & "', '" & _Gender.Replace("'", "''") _
                            & "', '" & Format(_DoB, "yyyy/MM/dd") & "', " & _RaceFee & ", " & _TeamEntry & ", '" & _TeamName.Replace("'", "''") & "', " & _MarieCurieOptIn _
                            & ", " & _DonationValue & ", " & _GiftAid & ", True, '" & _EmailAddress.Replace("'", "''") & "', " & _FirstMudMadness & ", " & _TShirtSizeID _
                            & ", '" & _MedicalConditions & "', '" & _EmergencyContactName & "', '" & _EmergencyContactNumber & "', '" & _HowDidYouHear & "')"
                        cmdDR.CommandType = CommandType.Text
                        cmdDR.CommandText = strSQL
                        cmdDR.ExecuteNonQuery()

                        'get new race Entry ID
                        strSQL = "SELECT @@IDENTITY"
                        cmdDR.CommandText = strSQL
                        intRaceEntryID = cmdDR.ExecuteScalar()

                        strOrderID = "MM2014_" & CStr(intRaceEntryID)
                        _OrderID = strOrderID

                        'Update table with OrderID - This is then used to identify the record when returning from payment gateway
                        strSQL = "UPDATE tblRaceEntries SET OrderID = '" & strOrderID & "' WHERE RaceEntryID = " & intRaceEntryID
                        cmdDR.CommandText = strSQL
                        cmdDR.ExecuteNonQuery()
                    End Using

                End Using

            Catch ae As OleDbException
                intRaceEntryID = 0
                Throw
            End Try

        Else
            'In here if the user has hit back button and is clicking this button again
            intRaceEntryID = Session("RaceEntryID")
            strOrderID = "MM2014_" & CStr(intRaceEntryID)
            _OrderID = strOrderID
        End If

        'This will be set to 0 if there is an exception
        If intRaceEntryID <> 0 Then
            _RaceEntryID = intRaceEntryID
            Session("RaceEntryID") = intRaceEntryID
            Server.Transfer("~/EntryPayment.aspx")
        End If

    End Sub

Open in new window

0
 

Author Comment

by:BorisMatthews
ID: 39734655
Hi

No one got any idea on this?

I did winder if the fact that I am using server.transfer might be a cause?

Thanks
Andy
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 27

Expert Comment

by:Chinmay Patel
ID: 39735380
Yes. Try Response.Redirect. Any specific reason you resorted to Server.Transfer?
0
 

Author Comment

by:BorisMatthews
ID: 39735545
Hi

We looked at the various options for passing lots of form data from one page to another and decided on the Server.Transfer and PreviousPage option.

Ideally would not want to rework this now so was hoping for a solution that did not require such a change.

Is it a know issue/fact that Server.Transfer affects the Session variables as I have experienced?
0
 
LVL 27

Accepted Solution

by:
Chinmay Patel earned 500 total points
ID: 39735592
No. Server.Transfer should not destroy your session.

Just to cross check Session State is enabled on the entire site? and these two pages also right?
Also can you set EnableViewStateMac to false for both pages?
0
 

Author Comment

by:BorisMatthews
ID: 39735669
Hi

We had not explicitly set the sessionstate mode in web.config as we understood that the default was InProc in any case?

Have now set it and it does appear to be behaving.

Thanks
Andy
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this Article, I will provide a few tips in problem and solution manner. Opening an ASPX page in Visual studio 2003 is very slow. To make it fast, please do follow below steps:   Open the Solution/Project. Right click the ASPX file to b…
A quick way to get a menu to work on our website, is using the Menu control and assign it to a web.sitemap using SiteMapDataSource. Example of web.sitemap file: (CODE) Sample code to add to the page menu: (CODE) Running the application, we wi…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question