S
Steve Remer
My application (relevant code snippets below) originally used Session
variables in order to maintain state from page to page. After being
unable to solve the mystery of why those variables were intermittently
inaccessible, (all Session variables gone, not using InProc Session
state mode), I moved to a cookies-based solution. Now I have cookie
contents that are intermittently inaccessible. Someone suggested using
session variables to "back-up" the cookie functionality, so if one was
not available, I could fall back on the other. Now it turns out that
when one is missing, the other is missing as well.
This is a simple retrieval (from a MSSQL DB) and storage (in a cookie
and session variable at the same time) of a Customer ID upon
successful logon. Then, when customer info in needed, an attempt is
made to get the necessary Customer ID from the cookie. If that is
null, an attempt is made to get it from the Session variable. If that
is null, a 0 value is used for the Cust ID, eventually resulting in an
empty Datareader object.
We've done tons of Google searches on "disappearing cookies"
"disappearing session variables", etc. Until today, when we came up
with the idea of using Session variables to "backup" cookie contents,
we were not aware that both "cookies disappearing" and "Session
variables disappearing" were happening at the same time.
Let me emaphisize that this is only happening about a third of the
time. I have not been able to replicate either the "disappearing
cookie" and disappearing Session variable" behavior myself. I have an
error-trapping routine that emails me with the stack trace upon the
first invalid read of the empty datareader. Also, for what it's worth,
Verio is the hosting company involved.
CODE
_____
Cookie and session variable setting in Logon page:
Dim CustInfo As CWI.CustomersDB = New CWI.CustomersDB()
Dim rdr As SqlDataReader
rdr = CustInfo.CustomerLogin(tbxEmail.Text, tbxPassword.Text)
If Not rdr.Read() Then
lblLogonFailed.Text = "No such Email/Password"
Else
Session.Add("CustID", rdr.GetValue(0))
Dim cookCustID As New HttpCookie("CID")
cookCustID.Values.Add("CustID", CStr(rdr.GetValue(0)))
Dim dtNow As New DateTime()
Dim tsMinutes As New TimeSpan(0, 2, 0, 0)
dtNow = Now.Add(tsMinutes)
cookCustID.Expires = dtNow
Response.Cookies.Add(cookCustID)
End If
COOKIE & SESSION Retrival logic (standard read logic at end omitted)
Dim CustID As Integer
Dim cookCustID As HttpCookie
Dim context As HttpContext = HttpContext.Current
cookCustID = context.Request.Cookies("CID")
If cookCustID Is Nothing Then
If IsDBNull(context.Session.Item("CustID")) Then
CustID = 0
Else
CustID = CInt(context.Session.Item("CustID"))
End If
Else
CustID = cookCustID.Values.Item("CustID")
End If
variables in order to maintain state from page to page. After being
unable to solve the mystery of why those variables were intermittently
inaccessible, (all Session variables gone, not using InProc Session
state mode), I moved to a cookies-based solution. Now I have cookie
contents that are intermittently inaccessible. Someone suggested using
session variables to "back-up" the cookie functionality, so if one was
not available, I could fall back on the other. Now it turns out that
when one is missing, the other is missing as well.
This is a simple retrieval (from a MSSQL DB) and storage (in a cookie
and session variable at the same time) of a Customer ID upon
successful logon. Then, when customer info in needed, an attempt is
made to get the necessary Customer ID from the cookie. If that is
null, an attempt is made to get it from the Session variable. If that
is null, a 0 value is used for the Cust ID, eventually resulting in an
empty Datareader object.
We've done tons of Google searches on "disappearing cookies"
"disappearing session variables", etc. Until today, when we came up
with the idea of using Session variables to "backup" cookie contents,
we were not aware that both "cookies disappearing" and "Session
variables disappearing" were happening at the same time.
Let me emaphisize that this is only happening about a third of the
time. I have not been able to replicate either the "disappearing
cookie" and disappearing Session variable" behavior myself. I have an
error-trapping routine that emails me with the stack trace upon the
first invalid read of the empty datareader. Also, for what it's worth,
Verio is the hosting company involved.
CODE
_____
Cookie and session variable setting in Logon page:
Dim CustInfo As CWI.CustomersDB = New CWI.CustomersDB()
Dim rdr As SqlDataReader
rdr = CustInfo.CustomerLogin(tbxEmail.Text, tbxPassword.Text)
If Not rdr.Read() Then
lblLogonFailed.Text = "No such Email/Password"
Else
Session.Add("CustID", rdr.GetValue(0))
Dim cookCustID As New HttpCookie("CID")
cookCustID.Values.Add("CustID", CStr(rdr.GetValue(0)))
Dim dtNow As New DateTime()
Dim tsMinutes As New TimeSpan(0, 2, 0, 0)
dtNow = Now.Add(tsMinutes)
cookCustID.Expires = dtNow
Response.Cookies.Add(cookCustID)
End If
COOKIE & SESSION Retrival logic (standard read logic at end omitted)
Dim CustID As Integer
Dim cookCustID As HttpCookie
Dim context As HttpContext = HttpContext.Current
cookCustID = context.Request.Cookies("CID")
If cookCustID Is Nothing Then
If IsDBNull(context.Session.Item("CustID")) Then
CustID = 0
Else
CustID = CInt(context.Session.Item("CustID"))
End If
Else
CustID = cookCustID.Values.Item("CustID")
End If