session variables

[Matt Mercer]

Hi all,

I have read much about session variables and the pros and cons. I want
to post my use and get opinions.

When a user logs into my site various fields are pulled from a SQL
user table. I store the user's name, ID, country, region, site code,
and access level in session variables.

I use this information to decide what fields the user can see, what he
can do, or how the fields are prepopulated.

Am I sacrificing performance? Suggestions? To me this is not overusing
session variables.

Thanks in advance.

 

[Kevin Spencer]

Hi Matt,

This is certainly one of the things that Session is useful for - any time
you need to store user-specific information across page requests. The only
caveat I can give you is that you will need to handle the eventuality that a
user will step out for 20 minutes, come back, and their Session has ended.
Make sure that you include a way of recovering it.

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.

 

[Guest]

Matt,

In my experience, that's a pretty minimal amount of information for a large
group of users. It becomes expensive when you create class objects with much
greater content (e.g. a collection(s) of data from a database).

 

[Rocky Moore]

It depends on the demand on your system, ram and the amount of expected
load.

In the old days session variables were looked at as the great evil. There
reason was that they consumed resources (ram) and reduced the scalability of
the site along with being a major problem on a web farm. In ASP.NET it is
not exactly the case. Just about any site that using session state is still
scalable, since we now have the ability to use a SQL Server base for session
state storage which solves the problems with web farms and sessions expiring
along with relieving some concerns about memory usage.

That said, you really only want to store information in session state that
is user and session specific, not page specific. While many people only use
one browser window, they may use more than one and if they do your session
state will be shared among them. Thus if you have something page specific,
it may be written over by another browser window the person is using.

Currently, most will use ViewState or a database to store page specific data
although you can handle ViewState and store it in a database if you like.
Very flexible, that should be part of the name .(VeryFlexible)Net

As mentioned in another message, I would use a single class to handle the
session state to make it more abstracted in your code.

--
Rocky Moore
www.HintsAndTips.com / Now with GMail Queue - Share your tips - Earn rewards
www.MyQuickPoll.com / 2004 Election poll ID #33
www.RJSoft.com/Products/RJContentPanel/ - Free web user template content
control!