Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Session variables

Status
Not open for further replies.
niceguy606

niceguy606

MIS
Feb 17, 2005
23
0
0
US
Hi

I have a login page where i validate a username and password for the user and create a session and redirect them to main page.

I have a button link on the main page where when the user clicks on the button(which takes them to a secure page) i want to validate their username and password again for extra security for implementation of electronic signatures.

How to do it? If i expire the session when the user clicks on the button and redirect them to login page. when they login again to it will go to main page but not the secure page.

At the same time when the user clicks on the button and they enter wrong username or password it should just be on th main page not expiring the session.

help needed.
pls let me know
thanks



is there any to do it?
 
Sort by date Sort by votes
you might want to try putting the username in a cookie so you can validate it through the cookie. i'm not sure how safe usin a cookie would be, but its a good option if your just wanting to test the flow of the code untill you find the ultimate answer your looking for

--there are 10 people in this world. those who know binary, and those who don't.--
 
Upvote 0 Downvote
Hi
thanks for you reply i am not at very good in ap. can you pls tell me how to do it using cookie.i mean some code would help.
thank you,
 
Upvote 0 Downvote
The session actually uses temporary cookies except. Instead of placing the data values directly into the cookie, the cookie holds a session ID number and the values of the variables are held in the server's memory and accessed via the session ID number from the cookie.


You can use [tt]Session.Abandon[/tt] to release the variables in the server's memory and therefor invalidate the session ID.
 
Upvote 0 Downvote
Also it is good to make an INCLUDE file that checks for the session/cookie and redirects the user to the login page. Then simply include this at the top of every page that needs to be "secure."
 
Upvote 0 Downvote
hi
can you provide some code examples to set cookies. i have already done using session variables in my pages.
thank you
 
Upvote 0 Downvote
response.Cookies("whatever") to declare a cookie or set a value in a cookie by response.Cookies("whatever")
and to get values out of the cookie you can do a request.cookies("whatever")

--there are 10 people in this world. those who know binary, and those who don't.--
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

how2trainyourdragon
  • Locked
  • Question
Request.Server variables blank for classic ASP
Replies
12
Views
212
GriffMG
GriffMG
leifoet
  • Locked
  • Question
How to link a condition to a session("UID") ?
Replies
14
Views
144
leifoet
leifoet
DIDwebs
  • Locked
  • Question
Remaining time before the session timeout expires IIS
Replies
1
Views
55
ChrisHirst
ChrisHirst
robsuttonjr
  • Locked
  • Question
ASP Classic duplicated variables
Replies
5
Views
90
guitarzan
guitarzan
gesrod
  • Locked
  • Question
Session variable
Replies
4
Views
69
gesrod
gesrod

Part and Inventory Search

Sponsor

Back
Top