ASP cookies in the application of the detailed

Source: Internet
Author: User
Tags flush header http request

Cookies have a much more complex value than other collections of ASP (such as form and ServerVariables). A cookie is a small piece of text that is stored on the client system by the browser and is sent with each request to a server in the domain to which they are applied.

ASP makes it easier to apply cookies by obtaining all the cookie values from the Request object's cookies collection and creating or modifying cookies, which are sent back to the user via the Response object's cookie collection.

Cookies contain information that can be constructed in two ways, and a single value cookie provides its value to code through a generic set of class ASP. However, each member of the collection may itself be a collection, and a cookie containing this information is called a multivalued (multiple-value) cookie.

Creating a single value cookie is simpler, as follows:

Response.Cookies ("item-name") = "Item-value"

To create a multiple-valued cookie, you can use the following command:

Response.Cookies ("Item-name") ("sub-item-name") = "Sub-item-value"

To set the domain and path of the cookie application and its expiration date, we use:

Response.Cookies ("Item-name"). Domain = "Domain-url"
Response.Cookies ("Item-name"). Path = "Virtual-path"
Response.Cookies ("Item-name"). expires = #date #

Typically, a client sends a cookie to the server only when a request is made to a page in the directory where the cookie is created. By specifying the path attribute, you can specify where the cookie is valid in the site and the cookie will be sent with the request. If the cookie is sent with a page request for the entire site, set path to "/".

If the Expires property is not set, the cookie is automatically eliminated when the current browser instance is closed.

Note that when we send any output to the browser, we have created a cookie. Because these cookies are part of the page HTTP header.

In ASP 3.0, the default state of buffering is turned on and no output is sent unless the work is specified with Response.Flush or the page is to the end. This means that the code that creates the cookie can be executed anywhere on the page until any output "refresh" (flush) is made to the client.

To read an existing cookie, use the Request.Cookies collection. You can access items individually, similar to the methods that are used when you create them.

Strsinglevalue = Request.Cookies ("Item-name")
Strsubitemvalue = Request.Cookies ("Item-name") ("Sub-item-name")

Note that the Request.Cookies collection (like all other request collections) is read-only. The Response.Cookies collection is write-only and can actually access the names of a series of cookies in the collection, not their values.

Traversing Cookies Collection

To make it easier to use a set of cookies, you can use additional properties named HasKeys. If the access cookie itself is also a collection, that is, it is a multivalued cookie, this returns TRUE. Using the HasKeys property, you can traverse the complete Request.Cookies collection to get a list of all cookies and their values.

For each objitem in Request.Cookies
If request.cookies (objitem). Haskey Then
' Use another for each to iterate all subkeys
For each objitemkey in Request.Cookies (objitem)
Response.Write Objitem & "(" & Objitemkey & ") =" _
& Request.Cookies (Objitem) (Objitemkey) & "<BR>"
Next
Else
' Print out the cookie string as normal '
Response.Write Objitem & "=" & Request.Cookies (objitem) & "<BR>"
End If
Next
This is very similar to the previous complex code that extracts multiple values from the Request.Form collection. But here you can use the HasKeys property to determine whether each entry is a collection. In the Form example, you must query Request.Form (item_name). The Count property, because a form collection (and all other collections except cookies) cannot be a true collection. The ASP just did the "behind-the-scenes" work and got the value of each multiple-entry collection. The difference between form and querystring

Once you understand the techniques for accessing various ASP collections, you need to solve another problem: what is the difference between a form and a QueryString collection? If you are ready to use ASP, there is no doubt that this difference should be clear, but you need to refer to the HTTP working methods to get a new understanding of them.

There are two common ways to request pages or other resources from a Web server via HTTP. You can use the Get method to obtain resources directly, or you can use post to pass values to the appropriate resources. The Get method is the default, and you can look at an instance of an HTTP request earlier in this chapter:

7/8/99 10:27:16 Sent get/store/download.asp http/1.1

If one or more pairs of names/values are appended to the URL of the requesting page, they become the requested query string and are provided to the ASP page in the QueryString collection. Click a hyperlink for a Web page, email message, or other document, or enter an address in the address bar of your browser and press ENTER, or click the Links or Favorites button in your browser, all of which use the Get method.

Therefore, the only way to pass values to the ASP in these actions is through the QueryString collection, with the value appended to the URL.

The values that appear in the Request.QueryString collection and are accessed are the same as those in the Form collection instance that you saw earlier. Combination of URL and query string:

Http://mysite.com/process_page.asp?FirstName=Priscilla&LastName=Descartes

You can access the values provided in the QueryString collection in the following ways:

strFirstName = Request.QueryString ("FirstName") ' Return ' Priscilla '
strLastName = Request.QueryString ("LastName") ' Return ' Descartes '
Strraw = Request.QueryString
' Return ' firstname=priscilla&lastname=descartes '

The Get and post methods for a form

When using <FORM> segments within a page, you can set the method property value of the open FORM tag to "get" or "POST" with the default value "get". If you use "get" or omit its properties, the browser binds the value to all controls on the page, becomes a query string, and is appended to the URL of the requested page.

When the request arrives at the Web server, its value is provided by the Request.QueryString collection of the ASP. However, if you set the method property to "POST," the browser wraps the value into the HTTP header of the sending server and provides it to the ASP via the Request.Form collection.

By way of this, you can use the Post method in all HTML forms. However, there is a limit to the length of the URL string for the browser or server. Therefore, attaching a long string can cause overflow and characters of some strings to be truncated. Also, the query string appears in the browser's address bar and in all saved links and favorites. Not only that, but also the values that you don't want to display in an HTTP request when you pass through a Web server, and it can also appear in the log files of your server and other routing servers. The values in the HTTP request header are rarely visible and are not present in the log file.

A small problem to note when using the Post method is that when the user downloads the <FORM>, the form's value is no longer retained, the value is empty, and must be entered again. However, when attached to the URL, its value is stored as a link, will be preserved, so that it will appear in all URLs and strings in a request, which may be an advantage or a disadvantage, depending on the application (some browsers can automatically keep a value on a page for a certain extent on the client).

Another point is that the combination of a URL and a query string cannot contain any spaces or other illegal characters, otherwise navigator and some other browsers will have problems. Illegal characters are those used to separate URLs and query strings, such as "/", ":", "?" and "&" (ie can automatically convert spaces to the correct format-plus "+", but other illegal characters cannot be processed)

The use of cookies in ASP

In this section we will learn about the various techniques that are available to the collection, methods, and attributes that are used by ASP code.

1 details of the user stored in the cookie

You can use cookies to store these two types of values: values that we do not want to save when the browser is closed, such as the user's registration information, and the values to retain when the user accesses the site. In each case, the value of the cookie is available to the ASP for each page request from the user's browser.

However, it is to be remembered that cookies are sent to the server only when a request is made to a page in the virtual path (path) in the cookie. By default, if the value of path is not set in the cookie, its value is the virtual path of the page that created the cookie. To send a cookie to all pages of a site, you need to use path= "/".
Here is an example where the user's registration information is stored in a cookie from a custom login page, and the cookie value is reserved only before the browser is closed because no validity period has been applied:

...
Request.Cookies ("User") ("UID") = "<% = Request (" UserName ")%>"
Request.Cookies ("User") ("PWD") = "<% = Request (" Password ")%>"
Request.Cookies ("User"). Path = "/adminstuff" ' applies to admin pages
...

You can now find this cookie in every page that the user requests from the Adminstuff directory or its subdirectories. If it does not exist, you can redirect the user to the registration page:

If (Request.Cookies ("User") ("UID") <> "Alexhomer") _
Or (Request.Cookies ("User") ("PWD") <> "secret") Then
Response.Redirect "Login.asp?" Username= "& Request.Cookies (" User ") (" UID ")
End If
...

Because the user name in the cookie is placed in the Response.Redirect URL query string, you can use it on the Login.asp page if an error occurs while the password is entered and you want the user to not have to retype the user name:

<form action= "check_user.asp" method= "POST" >
<input type= "TEXT" name= "UserName"
value= "<% = Request.QueryString (" UserName ")%>" ><P>
<input type= "SUBMIT" value= "LOGIN" >
</FORM>
2 Modify the existing cookie

You can modify an existing cookie by using ASP, but you cannot modify only one of the values in the cookie. When you update a cookie in the Response.Cookies collection, the existing value is lost. We can create a cookie using the following code:

Response.Cookies ("Visitcount") ("startdate") = Dtmstart
Response.Cookies ("Visitcount") ("lastdate") = Now
Response.Cookies ("Visitcount") ("Visits") = CStr (intvisits)
Response.Cookies ("Visitcount"). Path = "/" ' Apply to entire site
Response.Cookies ("Visitcount"). Expires = DateAdd ("M", 3,now)

If you want to update the values of visits and lastdate, you must first change all the values, and then rewrite the entire cookie:

Datdtart = Response.Cookies ("Visitcount") ("StartDate")
Intvisits = Response.Cookies ("Visitcount") ("Visits")
Response.Cookies ("Visitcount") ("startdate") = Dtmstart
Response.Cookies ("Visitcount") ("lastdate") = Now
Response.Cookies ("Visitcount") ("Visits") = Cstr (intvisits)
Response.Cookies ("Visitcount"). Path = "/"
Response.Cookies ("Visitcount"). Expires = DateADD ("M", 3,now + 1) and for almost all other response methods and properties, you should complete this work before writing anything (that is, opening <HTML> markup or any text or other HTML) to the response.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.