Http://hi.baidu.com/lanxigang/blog/item/de8bcf80170d81df9023d957.html
Cookie is very important in Web programming. As Ajax is widely used, Cookie applications become more and more common. Another special purpose is that for programmers who are switching from ASP to. net, session sharing is quite troublesome. Therefore, we have to turn to cookies. Although the cookie operations in ASP and Asp.net are basically the same, there are also many differences, here, we need to list the operations such as adding, reading, modifying, and deleting cookies in Asp.net.
1. Write cookie
1. the name and value attributes of the cookie are set by a program. The default value is null.
2. The default value of the domain attribute is the domain name part of the current URL, regardless of the directory on which the page sending the cookie is located.
For example, if a cookie is issued on the http://www.XXX.com/application1/login.aspx page, the domain property defaults to www.xxx.com, and the program can set this property to the desired value. (The cookie is generally stored on the client as a TXT file consisting of "User Name" + "@" + "website domain name)
3. The default value of the path attribute is the root directory, that is, "/", regardless of the directory of the page where the cookie is sent. The program can be set to a certain path to further limit the scope of the cookie.
4. expires attribute, which sets the cookie expiration date and time. If you do not set the cookie validity period (the default setting), you can also create a cookie, but it will not be saved to the user's hard disk, but will become part of the user's session information, when the browser is closed or the session times out, the cookie disappears. This cookie is called a non-permanent cookie. The cookie for storing sessionid is such a cookie, which is not stored on the hard disk and only exists in the memory.
5. The cookie to be sent can be sent to the client by attaching it to the cookie attribute of response: reponse. Cookies. Add (cookie)
6. All cookies with the same domain attribute and path attribute are stored in a single file on the client. The cookies are separated. The first line of each cookie is the name of the cookie, the second line is the value, and the third line is a string consisting of the domain Attribute + path attribute, indicating the scope of the cookie, the other rows contain the daily processing information of cookies, such as the expiration date and time. There is also a simple checksum in the cookie. If you change the length of the cookie name or value, the browser will detect the modification and delete the cookie.
2. Read cookie
1. The request. Cookie attribute contains a set of all cookies sent from the client to the server. Only cookies within the scope of the request URL will be sent to the server by the browser along with the HTTP request.
2. The attributes of name and value and the values of subkeys are easy to read.
3. the domain and path attributes cannot be read, The read domain attribute is always "", and the read path attribute is always "/". These attributes have limited usage. If your page and cookie are not in the same domain, you will not receive the cookie at the page location.
4. The cookie expiration date and time cannot be read. In fact, when the browser sends cookie information to the server, the browser does not include the expired information. You can read the expires attribute, but always return a zero date/time value. The expires attribute is mainly used to help the browser perform daily management of cookie storage. From the server perspective, the cookie either exists or does not exist. Therefore, the validity period is not useful for the server. Therefore, the browser does not provide this information when sending cookies. If you need the cookie expiration date, you must reset it.
3. Modify and delete cookies
1. In fact, you cannot directly modify a cookie. Instead, you create a cookie with the same name and send the cookie to the browser to overwrite the old cookie on the client.
2. similarly, you cannot directly delete a cookie. You can modify a cookie to allow the browser to help you delete the cookie. Modify the Cookie's validity period to a certain time in the past, when the browser checks the cookie validity period, the expired cookie is deleted.
Relationship between cookie and session
1. session in Asp.net can adopt cookie and cookieless methods. cookieless places sessionid in the URL and transmits it back and forth between the client and the server without Cookie. This method is not discussed here.
2. In Asp.net, when the customer requests a URL for the first time, the server generates a sessionid for the customer and sends it to the client using a non-permanent cookie.
3. Non-permanent cookies disappear only when the browser is closed. The session timeout is determined as follows:
3.1 When the client accesses the server for the first time, it will get a sessionid and send it to the client as a non-permanent cookie.
3.2 When you access this URL before closing the browser, the browser will send this sessionid to the server, the server maintains various statuses of the server corresponding to this customer based on the sessionid (that is, various values saved in the session) and can operate on these sessions in the Web application.
3.3 The server maintains the expiration time of this sessionid. You can set the Session Timeout time in IIS. Each request causes the server to extend the expiration time of this sessioid by a set timeout time.
3.4 when the server finds that a sessionid is out of date, that is, a customer has not accessed the site again within the specified timeout period, and deletes the sessionid along with all session variables related to the sessionid.
3.5 before the browser of the client is closed, the server does not know that the sessionid has been deleted. The client still sends the cookie of this sessionid to the server, but the server does not know the sessionid at this time, the user is treated as a new user and a new sessionid is assigned again.
Iv. view State
This is a new concept. Its usage is the same as session. Its main purpose is to record the status of web control. Although it is new, it is no different from the application and session usage, so I don't want to explain it in detail.
State ["droploadindex"] = 0;
The basic usage is as follows: however, keep in mind that the information it saves can only be used in one aspx file. This is useless after it is released, because it only saves the status of the web control.
Write
Response. Cookies ["username"]. value = "Patrick ";
Response. Cookies ["username"]. expires = datetime. Now. adddays (1 );
Httpcookie acookie = new httpcookie ("lastvisit ");
Acookie. value = datetime. Now. tostring ();
Acookie. expires = datetime. Now. adddays (1 );
Response. Cookies. Add (acookie); read if (request. Cookies ["username"]! = NULL)
Label1.text = server. htmlencode (request. Cookies ["username"]. value );
If (request. Cookies ["username"]! = NULL)
{
Httpcookie acookie = request. Cookies ["username"];
Label1.text = server. htmlencode (acookie. value );