?
Solved

Session Variable Lost - Back Button

Posted on 2013-12-17
7
Medium Priority
?
926 Views
Last Modified: 2013-12-23
Hi

I have an ASP.Net website where users create an application and then proceed to a confirmation page and then a payment page.

This is all working fine but I have an issue when users click the back button on the payment page.

The confirmation page has a Submit button and this creates a record in the database and stores this in a session variable with the intention that if they click the back button on the payment page and then click submit again I can check this value and not create a new record.

However, when the user click the back button on the payment page the confirmation page is reloaded and the session variable is nothing.

This does not make sense to me as I though that the loading of pages from the local cache would not have any affect upon session variables that had been set.

Grateful for any advice regarding this.
0
Comment
Question by:BorisMatthews
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 27

Expert Comment

by:Chinmay Patel
ID: 39723824
Without looking at your code it will be difficult to provide you guidance. Kindly post your code.
0
 

Author Comment

by:BorisMatthews
ID: 39724002
Hi

OK, here is the code in the Confirm button.  This checks if there is a RaceEntryID Session variable set and if so does not create a new record in the database.  Then the code sets the variable before transferring top the payment confirmation page using server.transfer.

If, once on the Payment Confirmation page I click the back button the RaceEntryID session variable = nothing.

    Protected Sub cmdConfrim_Click(sender As Object, e As System.EventArgs) Handles cmdConfrim.Click

        Dim strConn As String
        Dim strSQL As String
        Dim intRaceEntryID As Integer
        Dim strOrderID As String

        'Refresh the values after postback
        _Title = Me.lbTitle.Text
        _FirstName = Me.lbFirstName.Text
        _LastName = Me.lbLastName.Text
        _FullName = Me.lbName.Text
        _Address1 = Me.lbAddress1.Text
        _Address2 = Me.lbAddress2.Text
        _Address3 = Me.lbAddress3.Text
        _PostTown = Me.lbPostTown.Text
        _PostCode = Me.lbPostCode.Text
        _CountryID = Me.lbCountryID.text
        _TelNumber = Me.lbTelNumber.Text
        _MobileNumber = Me.lbMobileNumber.Text
        _EmailAddress = Me.lbEmailAddress.Text
        _Gender = Me.lbGender.Text
        _DoB = CDate(Me.lbDoB.Text)
        _RaceTypeID = Me.lbRaceTypeID.Text
        _TeamEntry = Me.lbTeamEntry.Text
        _TeamName = Me.lbTeamName.Text
        _FirstMudMadness = Me.lbFirstMudMadness.Text
        _TShirtSizeID = Me.lbTShirtSizeID.Text
        _MarieCurieOptIn = Me.lbMarieCurieOptIn.Text
        _DonationValue = Me.lbDonationValue.Text
        _MedicalConditions = Me.lbMedicalConditions.Text
        _EmergencyContactName = Me.lbEmergencyContactName.Text
        _EmergencyContactNumber = Me.lbEmergencyContactNumber.Text
        _HowDidYouHear = Me.lbHowDidYouHear.Text

        _RaceFee = Me.lbRaceFee.Text
        _TotalValue = _RaceFee + _DonationValue

        'Create DB record and assign the RaceEntryID
        'If the user clicks the back button on the final payment form
        'Then we must ensure that they do not create a second record in the database
        If IsNothing(Session("RaceEntryID")) Then
            Try
                strConn = GetConnString()

                Using cnnDR = New OleDbConnection(strConn)
                    Using cmdDR = cnnDR.CreateCommand
                        cnnDR.Open()

                        'Insert race entry
                        strSQL = "INSERT INTO tblRaceEntries (RaceTypeID, Title, LastName, FirstName, Address1, Address2, Address3, PostTown, PostCode, CountryID, " _
                            & "TelNumber, MobileNumber, Gender, DoB, EntryFee, TeamEntry, TeamName, MarieCurieOptIn, DonationValue, GiftAid, " _
                            & "TCAccepted, EmailAddress, FirstMudMadness, TShirtSizeID, MedicalConditions, EmergencyContactName, EmergencyContactNumber, HowDidYouHear) " _
                            & "VALUES (" & _RaceTypeID & ", '" & _Title.Replace("'", "''") & "', '" & _LastName.Replace("'", "''") & "', '" & _FirstName.Replace("'", "''") _
                            & "', '" & _Address1.Replace("'", "''") & "', '" & _Address2.Replace("'", "''") & "', '" & _Address3.Replace("'", "''") _
                            & "', '" & _PostTown.Replace("'", "''") & "', '" & _PostCode.Replace("'", "''") & "', " & _CountryID & ", '" & _TelNumber.Replace("'", "''") _
                            & "', '" & _MobileNumber.Replace("'", "''") & "', '" & _Gender.Replace("'", "''") _
                            & "', '" & Format(_DoB, "yyyy/MM/dd") & "', " & _RaceFee & ", " & _TeamEntry & ", '" & _TeamName.Replace("'", "''") & "', " & _MarieCurieOptIn _
                            & ", " & _DonationValue & ", " & _GiftAid & ", True, '" & _EmailAddress.Replace("'", "''") & "', " & _FirstMudMadness & ", " & _TShirtSizeID _
                            & ", '" & _MedicalConditions & "', '" & _EmergencyContactName & "', '" & _EmergencyContactNumber & "', '" & _HowDidYouHear & "')"
                        cmdDR.CommandType = CommandType.Text
                        cmdDR.CommandText = strSQL
                        cmdDR.ExecuteNonQuery()

                        'get new race Entry ID
                        strSQL = "SELECT @@IDENTITY"
                        cmdDR.CommandText = strSQL
                        intRaceEntryID = cmdDR.ExecuteScalar()

                        strOrderID = "MM2014_" & CStr(intRaceEntryID)
                        _OrderID = strOrderID

                        'Update table with OrderID - This is then used to identify the record when returning from payment gateway
                        strSQL = "UPDATE tblRaceEntries SET OrderID = '" & strOrderID & "' WHERE RaceEntryID = " & intRaceEntryID
                        cmdDR.CommandText = strSQL
                        cmdDR.ExecuteNonQuery()
                    End Using

                End Using

            Catch ae As OleDbException
                intRaceEntryID = 0
                Throw
            End Try

        Else
            'In here if the user has hit back button and is clicking this button again
            intRaceEntryID = Session("RaceEntryID")
            strOrderID = "MM2014_" & CStr(intRaceEntryID)
            _OrderID = strOrderID
        End If

        'This will be set to 0 if there is an exception
        If intRaceEntryID <> 0 Then
            _RaceEntryID = intRaceEntryID
            Session("RaceEntryID") = intRaceEntryID
            Server.Transfer("~/EntryPayment.aspx")
        End If

    End Sub

Open in new window

0
 

Author Comment

by:BorisMatthews
ID: 39734655
Hi

No one got any idea on this?

I did winder if the fact that I am using server.transfer might be a cause?

Thanks
Andy
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 27

Expert Comment

by:Chinmay Patel
ID: 39735380
Yes. Try Response.Redirect. Any specific reason you resorted to Server.Transfer?
0
 

Author Comment

by:BorisMatthews
ID: 39735545
Hi

We looked at the various options for passing lots of form data from one page to another and decided on the Server.Transfer and PreviousPage option.

Ideally would not want to rework this now so was hoping for a solution that did not require such a change.

Is it a know issue/fact that Server.Transfer affects the Session variables as I have experienced?
0
 
LVL 27

Accepted Solution

by:
Chinmay Patel earned 2000 total points
ID: 39735592
No. Server.Transfer should not destroy your session.

Just to cross check Session State is enabled on the entire site? and these two pages also right?
Also can you set EnableViewStateMac to false for both pages?
0
 

Author Comment

by:BorisMatthews
ID: 39735669
Hi

We had not explicitly set the sessionstate mode in web.config as we understood that the default was InProc in any case?

Have now set it and it does appear to be behaving.

Thanks
Andy
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses the ASP.NET AJAX ModalPopupExtender control. In this article we will show how to use the ModalPopupExtender control, how to display/show/call the ASP.NET AJAX ModalPopupExtender control from javascript, how to show/display/cal…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question