Loosing session variables

I have a website with several input forms over a number of pages. The
information that the user gives is following through the pages as session
variables. It has been working good for two years.

Now I am redoing the whole site and have all the different pages put into an
Iframe on the first page. The form pages are the same as before, but now I
seem to loose some of the session variables.

But the strange thing is that if I first go through the the process with the
old website and then switch to the new in the same browser, it all works.

Do you guys have any suggestions where to look for the fault?

/ Rolf

Evertjan
Tue May 16 03:46:41 CDT 2006

Rolf Rosenquist wrote on 16 mei 2006 in
microsoft.public.inetserver.asp.general:

> I have a website with several input forms over a number of pages. The
> information that the user gives is following through the pages as
> session variables. It has been working good for two years.
>
> Now I am redoing the whole site and have all the different pages put
> into an Iframe on the first page. The form pages are the same as
> before, but now I seem to loose some of the session variables.
>
> But the strange thing is that if I first go through the the process
> with the old website and then switch to the new in the same browser,
> it all works.
>
> Do you guys have any suggestions where to look for the fault?

Are you really working on one domain and root?

The session identifying session-cookie is domain specific.


--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)

Dave
Tue May 16 09:39:16 CDT 2006

Rolf Rosenquist wrote:
> I have a website with several input forms over a number of
> pages. The information that the user gives is following
> through the pages as session variables. It has been working
> good for two years.
>
> Now I am redoing the whole site and have all the different
> pages put into an Iframe on the first page. The form pages
> are the same as before, but now I seem to loose some of the
> session variables.

ASPFAQ has a pretty good list of causes:
http://www.aspfaq.com/show.asp?id=2157



> But the strange thing is that if I first go through the the
> process with the old website and then switch to the new in
> the same browser, it all works.

This suggests that the location of the IFRAME is *always* on the old server.
Check to see if you have a hard-coded location (IFRAME SRC attribute or FORM
ACTION attribute), rather than a relative one.



--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms.

Rolf
Tue May 16 15:13:06 CDT 2006

Thanks to both of you for your replies. In a way, I now have got it work (I
think). The aspfaq.com link lead me to a MS page with this information:
1. Run Internet Explorer.
2. Click Tools, and then click Internet Options.
3. Click the Privacy tab, and then click Advanced.
4. Click to select the Override automatic cookie handling check box.
5. To allow ASP and ASP.NET session cookies to be set, click to select the
Always allow session cookies check box.
... and then it works.

But then I have the problem to make my users to set this in their
machines....

That I did not have to do with the old site, that only was a page by itself.
Now I use the same page, but it is shown in an Iframe. I have also put the
whole bunch of files in the same directory and the reference to the asp page
is written as http://www.blabla.com/bla/bla/bla/

I would hope that it was possible to do without interfering with the users
browser settings....?

/ Rolf



"Dave Anderson" <GTSPXOESSGOQ@spammotel.com> skrev i meddelandet
news:ew$HDaPeGHA.2456@TK2MSFTNGP04.phx.gbl...
> Rolf Rosenquist wrote:
> > I have a website with several input forms over a number of
> > pages. The information that the user gives is following
> > through the pages as session variables. It has been working
> > good for two years.
> >
> > Now I am redoing the whole site and have all the different
> > pages put into an Iframe on the first page. The form pages
> > are the same as before, but now I seem to loose some of the
> > session variables.
>
> ASPFAQ has a pretty good list of causes:
> http://www.aspfaq.com/show.asp?id=2157
>
>
>
> > But the strange thing is that if I first go through the the
> > process with the old website and then switch to the new in
> > the same browser, it all works.
>
> This suggests that the location of the IFRAME is *always* on the old
server.
> Check to see if you have a hard-coded location (IFRAME SRC attribute or
FORM
> ACTION attribute), rather than a relative one.
>
>
>
> --
> Dave Anderson
>
> Unsolicited commercial email will be read at a cost of $500 per message.
Use
> of this email address implies consent to these terms.
>
>

Dave
Tue May 16 16:17:19 CDT 2006

Rolf Rosenquist wrote:
> I would hope that it was possible to do without interfering
> with the users browser settings....?

Did you try adding P3P headers?



--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms.

Rolf
Tue May 16 16:38:44 CDT 2006

No, haven't done that. It seems to me even more complicated than getting the
user to change his browser. ...but I may be wrong?

/ Rolf



"Dave Anderson" <GTSPXOESSGOQ@spammotel.com> skrev i meddelandet
news:O$hke4SeGHA.3932@TK2MSFTNGP05.phx.gbl...
> Rolf Rosenquist wrote:
> > I would hope that it was possible to do without interfering
> > with the users browser settings....?
>
> Did you try adding P3P headers?
>
>
>
> --
> Dave Anderson
>
> Unsolicited commercial email will be read at a cost of $500 per message.
Use
> of this email address implies consent to these terms.
>
>

Rolf
Tue May 16 19:03:51 CDT 2006

What really puzzles me is that I am only losing some of the session
variables. On the second page in the row of pages I lose this one:
Session("var1") = Request.Form("var1")

but on the third page I do get this one:
Session("var2") = Request.Form("var2")

And this is only happening when I use the same webpages to be loaded into an
Iframe. Not when they are shown as normal pages.
Can you get some sense out of that?

/ Rolf



"Dave Anderson" <GTSPXOESSGOQ@spammotel.com> skrev i meddelandet
news:O$hke4SeGHA.3932@TK2MSFTNGP05.phx.gbl...
> Rolf Rosenquist wrote:
> > I would hope that it was possible to do without interfering
> > with the users browser settings....?
>
> Did you try adding P3P headers?
>
>
>
> --
> Dave Anderson
>
> Unsolicited commercial email will be read at a cost of $500 per message.
Use
> of this email address implies consent to these terms.
>
>

Dave
Wed May 17 02:16:58 CDT 2006

Rolf Rosenquist wrote:
>> Did you try adding P3P headers?
>>
> No, haven't done that. It seems to me even more complicated
> than getting the user to change his browser. ...but I may
> be wrong?

Once you HAVE a privacy policy, there is nothing to it. You just add the
headers to the website configuration in the IIS console and every page gets
them automatically. This can significantly impact cookie behavior on client
machines.

I think it is far simpler than convincing each and every user to configure
his client for your site.


--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms.

Dave
Wed May 17 02:19:48 CDT 2006

Rolf Rosenquist wrote:
> What really puzzles me is that I am only losing some of the session
> variables. On the second page in the row of pages I lose this one:
> Session("var1") = Request.Form("var1")
>
> but on the third page I do get this one:
> Session("var2") = Request.Form("var2")
>
> And this is only happening when I use the same webpages to be loaded
> into an Iframe. Not when they are shown as normal pages.
> Can you get some sense out of that?

No. I have no idea what you mean by "second page" and "third page". For that
matter, I can't tell if you are indicating equality or assignment.



--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms.

Rolf
Wed May 17 07:15:29 CDT 2006


"Dave Anderson" <GTSPXOESSGOQ@spammotel.com> skrev i meddelandet
news:126ljjfodg7tbbc@corp.supernews.com...
> Rolf Rosenquist wrote:
> > What really puzzles me is that I am only losing some of the session
> > variables. On the second page in the row of pages I lose this one:
> > Session("var1") = Request.Form("var1")
> >
> > but on the third page I do get this one:
> > Session("var2") = Request.Form("var2")
> >
> > And this is only happening when I use the same webpages to be loaded
> > into an Iframe. Not when they are shown as normal pages.
> > Can you get some sense out of that?
>
> No. I have no idea what you mean by "second page" and "third page". For
that
> matter, I can't tell if you are indicating equality or assignment.
>
>


The site presents several pages after each other when the user has filled
the input fields in one form, the next (second, third, fourth...) page are
presented to him.

Later this evening I will test to put a 'fake' page before the first one.
And let that page link to it, as there must be a reason that only the input
fields on the first page are missing the session variables. I have so far,
never missed any of them on the later pages.

I now have come up with the idea that the reason perhaps could be that when
I already am inside the Iframe and link to the next page works in opposite
to the taget='iframe'. At least would be a thing to test.

/ Rolf

Rolf
Wed May 17 07:17:11 CDT 2006


"Dave Anderson" <GTSPXOESSGOQ@spammotel.com> skrev i meddelandet
news:126lje5pal6mi31@corp.supernews.com...
> Rolf Rosenquist wrote:
> >> Did you try adding P3P headers?
> >>
> > No, haven't done that. It seems to me even more complicated
> > than getting the user to change his browser. ...but I may
> > be wrong?
>
> Once you HAVE a privacy policy, there is nothing to it. You just add the
> headers to the website configuration in the IIS console and every page
gets
> them automatically. This can significantly impact cookie behavior on
client
> machines.
>
> I think it is far simpler than convincing each and every user to configure
> his client for your site.
>
>


I think you are right here, but I also don't think I am able to change the
IIS console for the webhotel I am using.

/ Rolf

Rolf
Wed May 17 15:31:07 CDT 2006

Got it working now. But had to use an ugly method. Instead of using session
variables when in an Iframe, I used hidden fields and put all the variables
to the next and the next....and so on... webpage.

Not elegant, I know, but at least it works...

/ Rolf


"Dave Anderson" <GTSPXOESSGOQ@spammotel.com> skrev i meddelandet
news:126ljjfodg7tbbc@corp.supernews.com...
> Rolf Rosenquist wrote:
> > What really puzzles me is that I am only losing some of the session
> > variables. On the second page in the row of pages I lose this one:
> > Session("var1") = Request.Form("var1")
> >
> > but on the third page I do get this one:
> > Session("var2") = Request.Form("var2")
> >
> > And this is only happening when I use the same webpages to be loaded
> > into an Iframe. Not when they are shown as normal pages.
> > Can you get some sense out of that?
>
> No. I have no idea what you mean by "second page" and "third page". For
that
> matter, I can't tell if you are indicating equality or assignment.
>
>
>
> --
> Dave Anderson
>
> Unsolicited commercial email will be read at a cost of $500 per message.
Use
> of this email address implies consent to these terms.
>
>