Loosing session variables

[Rolf Rosenquist]

I have a website with several input forms over a number of pages. The
information that the user gives is following through the pages as session
variables. It has been working good for two years.

Now I am redoing the whole site and have all the different pages put into an
Iframe on the first page. The form pages are the same as before, but now I
seem to loose some of the session variables.

But the strange thing is that if I first go through the the process with the
old website and then switch to the new in the same browser, it all works.

Do you guys have any suggestions where to look for the fault?

/ Rolf

 

[Evertjan.]

Rolf Rosenquist wrote on 16 mei 2006 in
microsoft.public.inetserver.asp.general:

I have a website with several input forms over a number of pages. The
information that the user gives is following through the pages as
session variables. It has been working good for two years.

Now I am redoing the whole site and have all the different pages put
into an Iframe on the first page. The form pages are the same as
before, but now I seem to loose some of the session variables.

But the strange thing is that if I first go through the the process
with the old website and then switch to the new in the same browser,
it all works.

Do you guys have any suggestions where to look for the fault?

Are you really working on one domain and root?

The session identifying session-cookie is domain specific.

 

[Dave Anderson]

I have a website with several input forms over a number of
pages. The information that the user gives is following
through the pages as session variables. It has been working
good for two years.

Now I am redoing the whole site and have all the different
pages put into an Iframe on the first page. The form pages
are the same as before, but now I seem to loose some of the
session variables.

ASPFAQ has a pretty good list of causes:
http://www.aspfaq.com/show.asp?id=2157

But the strange thing is that if I first go through the the
process with the old website and then switch to the new in
the same browser, it all works.

This suggests that the location of the IFRAME is *always* on the old server.
Check to see if you have a hard-coded location (IFRAME SRC attribute or FORM
ACTION attribute), rather than a relative one.

 

[Rolf Rosenquist]

Thanks to both of you for your replies. In a way, I now have got it work (I
think). The aspfaq.com link lead me to a MS page with this information:
1. Run Internet Explorer.
2. Click Tools, and then click Internet Options.
3. Click the Privacy tab, and then click Advanced.
4. Click to select the Override automatic cookie handling check box.
5. To allow ASP and ASP.NET session cookies to be set, click to select the
Always allow session cookies check box.
.... and then it works.

But then I have the problem to make my users to set this in their
machines....

That I did not have to do with the old site, that only was a page by itself.
Now I use the same page, but it is shown in an Iframe. I have also put the
whole bunch of files in the same directory and the reference to the asp page
is written as http://www.blabla.com/bla/bla/bla/

I would hope that it was possible to do without interfering with the users
browser settings....?

/ Rolf

 

[Dave Anderson]

I would hope that it was possible to do without interfering
with the users browser settings....?

Did you try adding P3P headers?

 

[Rolf Rosenquist]

No, haven't done that. It seems to me even more complicated than getting the
user to change his browser. ...but I may be wrong?

/ Rolf

 

[Rolf Rosenquist]

What really puzzles me is that I am only losing some of the session
variables. On the second page in the row of pages I lose this one:
Session("var1") = Request.Form("var1")

but on the third page I do get this one:
Session("var2") = Request.Form("var2")

And this is only happening when I use the same webpages to be loaded into an
Iframe. Not when they are shown as normal pages.
Can you get some sense out of that?

/ Rolf

 

[Rolf Rosenquist]

No. I have no idea what you mean by "second page" and "third page". For that
matter, I can't tell if you are indicating equality or assignment.

The site presents several pages after each other when the user has filled
the input fields in one form, the next (second, third, fourth...) page are
presented to him.

Later this evening I will test to put a 'fake' page before the first one.
And let that page link to it, as there must be a reason that only the input
fields on the first page are missing the session variables. I have so far,
never missed any of them on the later pages.

I now have come up with the idea that the reason perhaps could be that when
I already am inside the Iframe and link to the next page works in opposite
to the taget='iframe'. At least would be a thing to test.

/ Rolf

 

[Rolf Rosenquist]

Once you HAVE a privacy policy, there is nothing to it. You just add the
headers to the website configuration in the IIS console and every page gets
them automatically. This can significantly impact cookie behavior on client
machines.

I think it is far simpler than convincing each and every user to configure
his client for your site.

I think you are right here, but I also don't think I am able to change the
IIS console for the webhotel I am using.

/ Rolf

 

[Rolf Rosenquist]

Got it working now. But had to use an ugly method. Instead of using session
variables when in an Iframe, I used hidden fields and put all the variables
to the next and the next....and so on... webpage.

Not elegant, I know, but at least it works...

/ Rolf