In this page we will learn how to keep information from the user in our server (Session method) and how to share information between users (Application method). This is only a basic tutorial for beginners, so only basic features will be described.
The Session method
The first time a user accesses to a our pages some connections and disconnections took place. During this process the server and the client will interchange information to identify each other. Due to this exchange of information our server will be able to identify a specific user and this information may be use to assign specific information to each specific client. This relationship between computers is call a session. During the time a session is active, it is possible to assign information to a specific client by using Session method. We will use an example to explain this method:
Let's suppose we want to allow specific user to access the information on our site or directory and we want to show a username in all pages visited by the user. In this case we may use the Session method.
In this example, we will ask the username of the person in our index.asp page
respondtoforms.asp
<% IF Request.form="" THEN %>
<html>
<title>Our private pages</title>
<body>
In order to access this pages fill the form below:<BR>
<form method="post" action="index.asp">
Username: <input type="text" name="username" size="20"><BR>
Password: <input type="password" name="password" size="15"><BR>
<input type="Submit" value="Submit">
</form>
</body>
</html>
<% ELSE %>
<%
IF Request.form("username")="Joe" AND Request.form("password")="please" THEN
%>
<%
Session("permission")="YES"
Session("username")="Joe"
%>
<html>
<title>Our private pages</title>
<body>
Hi <% =Session("username") %>, you are allow to see these pages: <BR>
<A HREF="page1.asp">Page 1</A><BR>
<A HREF="page2.asp">Page 2</A>
</body>
</html>
<% ELSE %>
Error in username or password
<% END IF %>
<% END IF %>
Let's explain how this page works:
In line 1 it is checked whether information is submitted throw a form. If the answer is negative (Request.form=""), a form is displayed asking for username and password.
After filling the form and submitting it, as Request.form is not "" and the script will jump to line 15. In line 17 they are checked the username and password. If user name is "Joe" and Password is "please", then two variables are set for the client (lines 21-22):
Session("permission")="YES"
Session("username")="Joe"
These variables will be kept in the server during the time the session is active (normally it will expire after 20 minutes without contact).
Finally, if username and password are correct, a response page with links is send to the client with the name of the user in the top. In this example, if the username or password are incorrect the response page will include the text in line 38.
Now, let's suppose the user clicks in the link "Page 1" (page1.asp). The code of page1.asp will be the following one:
page1.asp
<% IF Session("permission")="YES" THEN %>
<html>
<title>Page 1</title>
<body>
Hi <% =Session("username") %>, welcome to Page 1 <BR>
This page is empty at the moment, but it will be very interesting in the next future
</body>
</html>
<% ELSE %>
You are not allowed to access this page
<% end IF %>
In line 1 it is check whether the value for Session("permission") is "YES". If the answer is positive a page with information is send to the client. If the answer is negative, the text in line 15 is send.
NOTES:
* Session method is suitable for sites with a limited number of visitors. For sites with a bigger number of visitors it is preferable to keep the information in the clients computer (by using cookies).
* To create more variables associated to a specific client we must substitute the text between brackets in Session("text").
* The corresponding security features in the client's browser must be enable.
The Application method
With Session method we have defined a value for Session("whatever")="Joe", but this information can not be share between visitors (Session("whatever") has a unique value for each visitor). To allow sharing information Application method is used.
For a better understanding of this method we will create a counter which will be shown in the same page. In order to make it work, copy the code below to your server:
counter.asp
<%
Aplication.Lock
Application("pagevisits")=Application("pagevisits")+1
Application.Unlock
%>
<html>
<title>Page under construction</title>
<body>
Under construction<BR><BR>
Page views: <% =Application("pagevisits") %>
</body>
</html>
In the first part of this code, as Application method is shared between different clients, it is necessary to prevent other clients from modifying the information in Application("pagevisits"). Application.Lock will avoid that by stopping the information to be shared, and Application.Unlock will allow the information to be shared again. Line 3 increases the value for the counter.
Finally a html code is send to the client, including the value of the counter.
Session and Application in ASP
