Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP General > session timeout

Reply
Thread Tools

session timeout

 
 
isaac2004
Guest
Posts: n/a
 
      03-09-2006
how would go about making a session timeout expire with a method like
you can expire a cookie by going Date() - 1

 
Reply With Quote
 
 
 
 
Evertjan.
Guest
Posts: n/a
 
      03-09-2006
isaac2004 wrote on 09 mrt 2006 in microsoft.public.inetserver.asp.general:

> how would go about making a session timeout expire with a method like
> you can expire a cookie by going Date() - 1
>
>


Why would you want to do that?

session.abandon is the way to go.

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
 
 
 
isaac2004
Guest
Posts: n/a
 
      03-10-2006
>Why would you want to do that?

i have a db driven shopping cart that uses a session id as a varible
for storring individual carts and items

>session.abandon is the way to go.\


isnt this method unefficient and is there any other way

 
Reply With Quote
 
Evertjan.
Guest
Posts: n/a
 
      03-10-2006
isaac2004 wrote on 10 mrt 2006 in microsoft.public.inetserver.asp.general:

>>Why would you want to do that?

>
> i have a db driven shopping cart that uses a session id as a varible
> for storring individual carts and items


Yes, so?

One advice, never use systemvariables directly in code.

For one it precludes efficient testing with virtual values.

And now you see for yourself you will have to use measures the system is
not ment for.
say you want to keep the session identity of the user for other reasons?

>>session.abandon is the way to go.\

>
> isnt this method unefficient


Why?

What would be "inefficient" about it, and why would that matter to you?

setting the session timeout to a time in the past [if possible?] IS!!
abandoning the session, IMHO!!!

> and is there any other way


Yes, Do not use the session id for other things than
identifying the user's session.


--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
Egbert Nierop \(MVP for IIS\)
Guest
Posts: n/a
 
      03-12-2006

"isaac2004" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> >Why would you want to do that?

>
> i have a db driven shopping cart that uses a session id as a varible
> for storring individual carts and items
>
>>session.abandon is the way to go.\

>
> isnt this method unefficient and is there any other way


Session.SessionID is _very_ unreliable!
This is because the SessionID is just a numeric value, that can be reset at
any time, and it is not a unique number!

Identify your basket using a string-GUID for instance,


--
compatible web farm Session replacement for Asp and Asp.Net (1.1)
http://www.nieropwebconsult.nl/asp_session_manager.htm

 
Reply With Quote
 
Evertjan.
Guest
Posts: n/a
 
      03-12-2006
Egbert Nierop (MVP for IIS) wrote on 12 mrt 2006 in
microsoft.public.inetserver.asp.general:

>
> "isaac2004" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) oups.com...
>> >Why would you want to do that?

>>
>> i have a db driven shopping cart that uses a session id as a varible
>> for storring individual carts and items
>>
>>>session.abandon is the way to go.\

>>
>> isnt this method unefficient and is there any other way

>
> Session.SessionID is _very_ unreliable!
> This is because the SessionID is just a numeric value, that can be
> reset at any time, and it is not a unique number!


And how many sessions would you need to have at one time to come near the
number that the session ID has a reasonable chance of being duplicated?

> Identify your basket using a string-GUID for instance,


Isn't that just as resettable?

===========

Read further, I do not advice abandoning the session, just to throw away a
basket.


--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
isaac2004
Guest
Posts: n/a
 
      03-12-2006
hey i found out that i can just use the delete part of a SQL statement
to erase all fields, the only problem is that it gives me this error
[Microsoft][ODBC Microsoft Access Driver] Too few parameters. Expected
1.

doesnt this mean that i am trying to delete something that doesnt
exist, here is the delete SQL code

strDeleteSQL = "DELETE FROM tblCart WHERE strSessionID = " &
strSessionID
objRS.Open strDeleteSQL, objConn, adOpenForwardOnly,
adLockOptimistic

does this look right
thanks for the help

 
Reply With Quote
 
Evertjan.
Guest
Posts: n/a
 
      03-12-2006
isaac2004 wrote on 12 mrt 2006 in microsoft.public.inetserver.asp.general:

> hey i found out that i can just use the delete part of a SQL statement
>


Please quote what you are replying to.

If you want to post a followup via groups.google.com, don't use the
"Reply" link at the bottom of the article. Click on "show options" at the
top of the article, then click on the "Reply" at the bottom of the article
headers. <http://www.safalra.com/special/googlegroupsreply/>

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
isaac2004
Guest
Posts: n/a
 
      03-12-2006
>Please quote what you are replying to.

sorry alot of people were giving advice so i thought just by doing that
it would limit confusion

anyway i started this thread with an original problem that i fixed, now
there is another problem, i get this error

[Microsoft][ODBC Microsoft Access Driver] Too few parameters. Expected
1.

doesnt this mean that i am trying to delete something that doesnt
exist, here is the delete SQL code


strDeleteSQL = "DELETE FROM tblCart WHERE strSessionID = " &
strSessionID
objRS.Open strDeleteSQL, objConn, adOpenForwardOnly,
adLockOptimistic


does this look right
thank you all for the help

 
Reply With Quote
 
Evertjan.
Guest
Posts: n/a
 
      03-13-2006
isaac2004 wrote on 12 mrt 2006 in microsoft.public.inetserver.asp.general:

>>Please quote what you are replying to.

>
> sorry alot of people were giving advice so i thought just by doing that
> it would limit confusion
>
> anyway i started this thread with an original problem that i fixed, now
> there is another problem, i get this error


Again a lack of Usenet Netiquette.

Do not ask a new unrelated question in an old thread.

Start a new thread with a new telling subject text.

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Session Timeout problems-web.confg session state and IIS session s =?Utf-8?B?Um9iSEs=?= ASP .Net 4 04-11-2007 04:52 PM
Timeout::timeout and Socket timeout Mark Probert Ruby 1 10-06-2004 09:30 AM
Re: ASPX Page Timeout - Session Timeout bruce barker ASP .Net 2 07-20-2004 08:39 PM
Session contents lost despite Session.Timeout = 3000; and <sessionState mode="InProc" cookieless="false" timeout="300"> Carpe Diem ASP .Net 3 02-23-2004 07:10 PM
web.config session timeout and forms authentication timeout Do ASP .Net 2 11-23-2003 02:27 PM



Advertisments