|
In this page we will learn how to keep information from the user
in our server (Session method) and how to share information between
users (Application method). This is only a basic tutorial for beginners,
so only basic features will be described.
The first time a user accesses to a our pages some connections
and disconnections took place. During this process the server and
the client will interchange information to identify each other.
Due to this exchange of information our server will be able to identify
a specific user and this information may be use to assign specific
information to each specific client. This relationship between computers
is call a session. During the time a session is active, it is possible
to assign information to a specific client by using Session method.
We will use an example to explain this method:
Let's suppose we want to allow specific user to access the information
on our site or directory and we want to show a username in all pages
visited by the user. In this case we may use the Session method.
In this example, we will ask the username of the person in our index.asp
page
respondtoforms.asp
<% IF Request.form="" THEN %>
<html>
<title>Our private pages</title>
<body>
In order to access this pages fill the form below:<BR>
<form method="post" action="index.asp">
Username: <input type="text" name="username"
size="20"><BR>
Password: <input type="password" name="password"
size="15"><BR>
<input type="Submit" value="Submit">
</form>
</body>
</html>
<% ELSE %>
<%
IF Request.form("username")="Joe" AND Request.form("password")="please"
THEN
%>
<%
Session("permission")="YES"
Session("username")="Joe"
%>
<html>
<title>Our private pages</title>
<body>
Hi <% =Session("username") %>, you are allow
to see these pages: <BR>
<A HREF="page1.asp">Page 1</A><BR>
<A HREF="page2.asp">Page 2</A>
</body>
</html>
<% ELSE %>
Error in username or password
<% END IF %>
<% END IF %> |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42 |
Let's explain how this page works :-
In line 1 it is checked whether information is submitted throw a form.
If the answer is negative (Request.form=""), a form is displayed
asking for username and password.
After filling the form and submitting it, as Request.form is not ""
and the script will jump to line 15. In line 17 they are checked the
username and password. If user name is "Joe" and Password
is "please", then two variables are set for the client (lines
21-22):
Session("permission")="YES"
Session("username")="Joe"
These variables will be kept in the server during the time the session
is active (normally it will expire after 20 minutes without contact).
Finally, if username and password are correct, a response page with
links is send to the client with the name of the user in the top.
In this example, if the username or password are incorrect the response
page will include the text in line 38.
Now, let's suppose the user clicks in the link "Page 1"
(page1.asp). The code of page1.asp will be the following one :-
page1.asp
<% IF Session("permission")="YES" THEN
%>
<html>
<title>Page 1</title>
<body>
Hi <% =Session("username") %>, welcome to Page
1 <BR>
This page is empty at the moment, but it will be very interesting
in the next future
</body>
</html>
<% ELSE %>
You are not allowed to access this page
<% end IF %> |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 |
In line 1 it is check whether the value for Session("permission")
is "YES". If the answer is positive a page with information
is send to the client. If the answer is negative, the text in line
15 is send.
NOTES :-
- Session method is suitable for sites with a limited number of
visitors. For sites with a bigger number of visitors it is preferable
to keep the information in the clients computer (by using cookies).
- To create more variables associated to a specific client we
must substitute the text between brackets in Session("text").
- The corresponding security features in the client's browser
must be enable.
With Session method we have defined a value for Session("whatever")="Joe",
but this information can not be share between visitors (Session("whatever")
has a unique value for each visitor). To allow sharing information
Application method is used.
For a better understanding of this method we will create a counter
which will be shown in the same page. In order to make it work,
copy the code below to your server :
counter.asp
<%
Aplication.Lock
Application("pagevisits")=Application("pagevisits")+1
Application.Unlock
%>
<html>
<title>Page under construction</title>
<body>
Under construction<BR><BR>
Page views: <% =Application("pagevisits") %>
</body>
</html> |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15 |
In the first part of this code, as Application method is shared between
different clients, it is necessary to prevent other clients from modifying
the information in Application("pagevisits"). Application.Lock
will avoid that by stopping the information to be shared, and Application.Unlock
will allow the information to be shared again. Line 3 increases the
value for the counter.
Finally a html code is send to the client, including the value of
the counter.
NOTES :-
- The information save as Application("whatever") as
shown in this tutorial is lost each time the server is restarted.
|
