Session variable - timeout

[nkamp]

Hello,

Quit simple: I try to make a session variable on a hiddenframe like:

document.contexthiddenform.URLattach.value = URLvar;

document.contexthiddenform.target = 'hiddenframe';
document.contexthiddenform.action = 'context_hiddenframe.asp';
document.contexthiddenform.submit();
	    }
</script>
<%
[highlight]session("sesURLattach") = Request("URLattach")[/highlight]

Response.Write "<script>" & vbcrlf		
Response.Write "alert('" & session("sesURLattach") & "');" & vbcrlf
Response.Write "alert('" & Session.Timeout & "');" & vbcrlf
Response.Write "</script>" & vbcrlf
%>
</form>

The value of session variable is shown and the timeout value (60 min.) shown as well. But immediately I get the error message "a timeout has been occurred, you have to log in again".
If I make the highlighted sentence comment then I don't get the error.

Has somebody an idea why I receive immediately the timeout error?

Nico

 

[schase]

like webdeveloper.com, I also would be shooting in the dark.

But run some tests.

Do a response.write before you set the session of the request variable, and right after. Also do a response.write after you do the javascript alert.

If everything works up to that point where you set the session, then assign a static value to the session and see if you still get an error.

Try it without the javascript, then bit by bit add back in parts until you narrow down what line is exactly the spot where it goes awry.

"Ever stop to think, and forget to start again?"

Stuart
A+, Net+, Security+, MCP

 

[nkamp]

If I do session("sesURLattach") = "test" then I don't get a timeout error. But if I do (after the submit) session("sesURLattach") = Request("URLattach") and the value of URLattach is:
red]count=351&dt=6%2F13%2F2006%2010%3A31%3A30%20AM&startzoek=nu&MenuItem=BDRF&afkorting=a&bedrijfnaam=a&zoekcategorie=-1&plaats=&zoekland=-1[/red]

Is it not allowed to put every character in a session variable?

Nico

 

[nkamp]

Hello,

It's even more strange than I thought.

Hello,

If I do

session("sesURLattach") = "count351&6%2F13%2F2006%2010%3A31%3A30%20AM&startzoek=nu&MenuItem=BDRF&afkorting=a&bedrijfnaam=a&zoekcategorie=-1&plaats=&zoekland=-1"

then I don't get a timeout error. But if I do (after the submit)

session("sesURLattach") = Request("URLattach")

The value of URLattach is:
count=351&dt=6%2F13%2F2006%2010%3A31%3A30%20AM&startzoek=nu&MenuItem=BDRF&afkorting=a&bedrijfnaam=a&zoekcategorie=-1&plaats=&zoekland=-1

I'm sure of the value because after I fill the session variable I have a response.write with a alert of the session variable. This value is shown in the alert box and at the same time I get the timeout error. Why?? When the document is submitted can it be that the value of document.contexthiddenform.URLattach.value is not on the server at the right time?

Why do I get a timeout error in the second piece of code and not in the first piece of code?????

Does anybody understand this?

Nico.

 

[Ferrian]

I didn't think you could use the command 'request' without some form of directive, ie 'request.querystring' or 'request.form'.

Are you sure this isn't the problem?

As for the second question, I'm looking at the 2 strings and see a fair few differences, unless you've put the equals signs into ASCII (but it doesn't look like you have to me)?

Just a couple of thoughts I had, hope you find out what's wrong.

 

[Sheco]

Yeah you can do just plain Request without .Form or .QueryString and the ASP engine will search both collections if necessary to find it.

It would be interesting to write a little program to submit malformed HTTP requests and see what happens if you send a GET but with some header values as if you had sent a POST and then just use plain Request and see what happens.

 

[schase]

I think Ferrian's pointing in the right spot. At this point, - as you are seeming to be putting many values into a session (like an entire querystring). Than put them into the session one at a time and see which one freaks out.

Alternate possiblities is to use multiple Sessions, or branch out a cookie as well.

request.cookies("cknKamp")("Count")=351
request.cookies("cknKamp")("dt")=something
request.cookies("cknKamp")("startzoek")=something
... and so on, you can set the cookies from wherever you first obtain the querystring - or those values.


- Ferrian, you can call form variables with just request. I often do this where I have forms that have Querystring values plus normal post values. However it is not as secure in the sense that if I have a post field named say txtAddress - and someone puts in the querystring ?txtAddress= than i'll get comma separated values - and probably wig out the rest of the code.

"Ever stop to think, and forget to start again?"

Stuart
A+, Net+, Security+, MCP

 

[Ferrian]

Ah, we always do a check if we're not sure how it'll be passed over, such as:

p_code = request.querystring("id")
if p_code = "" or isnull(p_code) then
   p_code = request.form("id")
end if

But thanks for the tip, that might come in useful in future.

~Ben
Intranet Developer

 

[nkamp]

Hello,

First thank you all for helping me. I have tried a lot of different things post, get, request.form, request querystring even with a variable (see my piece of code). If I try to fill a session variable with a request then I get a timeout error.

'hulpvariabele = Request("strURLvar") 'Timeout error
hulpvariabele = "test"'This is working!!! 
session("ses_3") = hulpvariabele			'
[/ocde
Here something more of my part of code.
My conclusion is that if you try to fill a session varible then a timeout occurs or....
[code]
		  document.contexthiddenform.target = 'hiddenframe';
		  //document.contexthiddenform.action = 'context_hiddenframe.asp';
		  document.contexthiddenform.action = 'context_hiddenframe.asp?strURLvar=hulpvariabele';
		  document.contexthiddenform.method = 'post';
		  alert(document.contexthiddenform.action);
		  //+document.contexthiddenform.URLattach.value;
		  document.contexthiddenform.submit();
	    }
      </script>
    </form>
      <%
      dim hulpvariabele
      
      'hulpvariabele = Request("strURLvar")		'This is not working
      hulpvariabele = "test"					'This is working!!! 
      session("ses_1") = "sesURLattach"
      session("ses_2") = "count=351&6%2F13%2F2006%2010%3A31%3A30%20AM&startzoek=nu&MenuItem=BDRF&afkorting=a&bedrijfnaam=a&zoekcategorie=-1&plaats=&zoekland=-1"
      session("ses_3") = hulpvariabele			'
      
      'session("sesURLattach_3") = Server.URLEncode(request("URLattach"))
call displaytext(hulpvariabele & "----" & Request.Form("URLattach"))

      Response.Write "<script>" & vbcrlf
      'Response.Write "alert('" & Request("strURLvar") & "');" & vbcrlf	'value is sesURLattach
	  Response.Write "alert('" & session("ses_1") & "');" & vbcrlf	'value is sesURLattach
	  Response.Write "alert('" & session("ses_2") & "');" & vbcrlf	'value is count=351 etc
	  Response.Write "alert('" & session("ses_3") & "');" & vbcrlf
	  Response.Write "alert('" & Session.Timeout & "');" & vbcrlf	'value is 60
	  Response.Write "</script>" & vbcrlf
      %>

  </body>
</html>

Nico

 

[Sheco]

This is not a real timeout error.

You could change the code to call it a "dog error", a "frog error", a "foo error", or a "bar error."

The problem appears to be that the JavaScript outputted by your server-side ASP code does not create the desired effect when exectued by the browser.

 

[Tarwn]

I think I would have to agreewith Sheco. Couple questions:

Is the form your referencing in the first part of your javascript before or after your javascript when you submit it?
Are you changing Response.Buffer = False or using Response.Flush anywhere in your code?
Where are you receiving the timout error? In a visible frame?
How many frames are we dealing with here?
If you comment out the submit do you still get th session timeout, or does that occur after the submit has taken place?

Try doing a Response.Write on the SessionId and see if the value stays the same from page to page. Make your hidden frame visible and write it out in there also, or use another javascript alert box.

Those are my questions for now,
-T

 

[nkamp]

Hello,

First of all thanks a lot to help me with solving my problem. Really thank you.
I hope not that you or somebody else is gonna shoot me because afterwards it's very easy. I believe that somebody has already mentioned or pointed in the direction of the problem.

Thirst of all on advise from somebody else I put the following code into a new asp page. So that I at least know that I can make session variables. This was working.

<%
If Len(Request("n"))>0 Then
   Session(Request("n")) = Request("v")
   Response.Write("session variable created successfully")
Else  
   Response.Write("no name was given")
End If
%>

then, browse to the page like this:
http://www.yourdomain.com/CreateSession.asp?n=ses_3&v=hello
then after this, I have checked the value of Session("ses_3") and this was correct and no TIMEOUT error

Then I copied this piece of code into my file and then I saw what was happening.
First I saw the text "session variable has been created". Then I get a JS alert with some text(pause). Then I acknowledge this message and then I saw the text "no name was given". The reason the submit was done again but then the URL variable was lost ==> And then in my case a you get timeout error.

So thank you all very, very, very much.

Nico