Forums
This topic is locked
Problem with sessions on cookies disabled browsers
Posted 24 Oct 2004 14:30:48
1
has voted
24 Oct 2004 14:30:48 Olivier Florence posted:
Hello,I am doing a site where I store a temporary customer ID in cookie and then pass it to a session, this is working fine on browsers with cookies enabled, however it is not if cookies are blocked, here is the logic I used:
-1. detect if there is a session variable with a customer ID
-If there is a session then this is not the first page viewed by the user and there is nothing to do but to leave the session as it is
-If there is no session, check to see if there is a cookie with the customer ID, if there is, it is a returning customer, place the customer id stored in the cookie in the session variable for this visit
-If there isn't it is a first time visitor, place a cookie with the temporary customer id for future visits and place the same customer id in a session for the time being.
The way I have done it is than if a session with the customer id already exist just leave it alone, however on cookie disabled browser it reasigned a new customer ID to the session for each page and I just can't understand why?
here is the code I am using, it is in ASP javascript:
<%
//shopping cart
//first we check if the user as a session open with a customer ID
//to make it easy we will create a customer id which will also be used in the cart
if (String(Session("custId"=="undefined")
{
//the customer does not have a session open for the shopping cart
//we check if there is a cookie to see if it is an exising customer
var cookie = Request.Cookies("custId"
if (cookie!= "" && cookie!="undefined"
{
//there is a cookie, it is a returning customer, we set the session to the value of the cookie
Session("custId" = cookie;
}
else
{
//no cookie found, we create a new customer id and set it to both the cookie and the session
var d = new Date();
var mil = String(d.getTime());
var custId = mil;
Session("custId" = custId;
Response.Cookies("custId" = custId;
var d = new Date();
var y = d.getYear()+ 2;
var m = d.getMonth() + 1;
var day = d.getDate();
var ExDate = m +" "+ day + "," + y ;
Response.Cookies("custId".Expires =ExDate;
}
}
%>
Thanking you for any help
Replies
Replied 25 Oct 2004 16:51:34
25 Oct 2004 16:51:34 Lee Diggins replied:
Hi
The reason the web server does this is by design. It's possible to maintain a session with a client browser without cookies enabled, but not the way you think. You can use the querystring to help you pass the web server session_id from page to page within the application/web site.
The dot.NET framework (ASP.NET), can do this without the need for cookies enabled on the client and again it does this through use of the querystring. You can also build a session table/management within your db.
Digga
Sharing Knowledge Saves Valuable Time!!!
The reason the web server does this is by design. It's possible to maintain a session with a client browser without cookies enabled, but not the way you think. You can use the querystring to help you pass the web server session_id from page to page within the application/web site.
The dot.NET framework (ASP.NET), can do this without the need for cookies enabled on the client and again it does this through use of the querystring. You can also build a session table/management within your db.
Digga
Sharing Knowledge Saves Valuable Time!!!