Advanced ASP programming (8)

Author: cnbruce resending from: 5D multimedia

In addition to the objects used for sending (response), receiving and processing data (requeest), and server access (server), ASP objects also have some very useful application tags) and the object of a single user information (session.

Session Object
This object accounts for a considerable proportion of ASP usage. A web page is a stateless program and cannot be viewed by users. In ASP, session objects are used to record the user's private data variables, so as to confirm the user's request for the server again. When the user redirects between the web pages of the program, variables in the session object will not disappear.

These are really important functions, especially those that must be used by member systems. Such as the member's login account, time, status, and real-time data of many such records (for example, the shopping system records the items in the user's shopping basket). Such information is required by individual users, generally, developers use session record processing.

Sessions in ASP are composed of cookies. The server transmits the data recorded in all sessions to the user's browser as cookies. Generally, browsers store these cookies. When users click the link and connect to the server again, the browser will send these cookies back to the server for processing: this is the principle of session operation. It can be seen that session state sessions are only retained in browsers that support cookies. If the client closes the cookie option session, it will not be able to play a role.

I. session. sessionid
The sessionid attribute returns the user's session ID. When a session is created, the server generates a separate identifier for each session. The session identifier is returned as a long integer data type. In many cases, sessionid can be used for web page registration statistics.

This attribute can be used to solve a problem of user control. The main function of this problem is to view a module of a website. When a member logs on to this module and another user logs on with the same member name, the module cannot be viewed: that is to say, a member name can only be viewed by one person at the same time.

The member name (assumed as userid, unique) and sessionid are used for control. When a member logs on, a session is sent to the member to record the logon status, for example, Session ("status") = "logged", and the session. sessionid of the member is written to the database. When he wants to browse this module, he first checks whether he is logged on. If he has logged on, he checks whether his sessionid is the same as that recorded in the database. If not, he cannot access it.

In this way, when another user logs on with the same member name, the database records the new sessionid. The former cannot pass the check when accessing this module. This enables a single member name to be viewed by only one person at the same time. This feature has a special effect on some paid websites. It prevents a member name from being browsed by multiple users and safeguards the company's interests.

<% = Session. sessionid %>
Is a unique ID generated separately. You can refresh and debug it.

Ii. session. Timeout
The maximum interval of the session set for this attribute. The interval refers to the time when the client puts forward a request to the Web server from the last time to the next time. It can be understood that if the user does not refresh or request a webpage within the timeout period, the session will be terminated. The timeout attribute is measured in minutes and specifies the timeout period for the session object of the application. The default value is 20 minutes. This is important when you log on to the personal information page in public places such as Internet cafes and forget to close the window (at least you can set the time to be shorter ).

<%=Session.TimeOut=10%>

The preceding sessionid and timeout attributes belong to the Session object. The following describes a method of this object, abandon.

Iii. session. Abandon
This method is the only method for session objects. It can be used to clear session objects, eliminate user session objects, and release their occupied resources. Of course, if you do not explicitly call the abandon method, the server will delete these objects and release resources once the session times out.
Next we will use two page programs to understand the utilization of the session object and the abandon method.

1. login. asp

<%
'Indicates whether to extract the loginout value of the URL variable to true. If it is true, session. Abandon () is executed ().
If request. querystring ("loginout") = "true" then
Session. Abandon ()
End if
'The Session object is created only when the submit button is clicked and the extracted items are not empty.
Submitname = request. Form ("submit1 ")
If submitname = "Submit" then
If request. Form ("name") <> "" And request. Form ("PWD") <> "then
Session ("name") = request. Form ("name ")
Session ("PW") = request. Form ("PWD ")
End if
End if
%>
<%
'If SESSION ("name") is not empty, the value of Session ("name") is displayed and a link to info. asp is established.
If SESSION ("name") <> "then
Response. Write ("your name value is:" & SESSION ("name "))
Response. Write ("<br> <a href = 'info. asp '> show your materials </a> ")
Else
'Otherwise, that is, if the session ("name") is null and does not exist, a form is displayed to enter the platform for session creation.
%>
<Form action = "login. asp" method = "Post">
Name: <input type = "text" name = "name"> <br>
Password: <input type = "password" name = "PWD"> <br>
<Input type = "Submit" value = "Submit" name = "submit1">
</Form>
<! -- A link to info. asp is also made. -->
<A href = "info. asp"> show your materials </a>
<% End if %>

Note that when SESSION ("name") is empty or not empty, a link is made to info. asp. For details about the debugging result, refer to info. asp.

2.info. asp

<%
'If the session object value is null, it will jump to login. asp.
If SESSION ("name") = "" then
Response. Redirect ("login. asp ")
'Otherwise, the personal information is displayed.
Else
Response. Write ("Your name:" & SESSION ("name") & "<br> ")
Response. Write ("your password:" & SESSION ("PW") & "<br> ")
End if
%>
<A href = "login. asp"> return </a>
<A href = "login. asp? Loginout = true "> exit </a>

It can be seen that the display of info. ASP page content actually requires conditions. That is, a session value must exist to display the specific information. This is widely used in the login system.

You can set login. ASP is considered a logon window. Of course, this is relatively simple (only the user name and password are used to generate the session). The actual situation is: determine whether the entered username and password match the database username and password. If they are correct, the session is generated. However, the role of the info. ASP page can be just as a permission page, because the session is required to enter this page, and the session is generated to ensure that the name and password are correct.

Therefore, when a form window appears at the beginning, you cannot open the login. asp link. It can only be entered after the form is submitted to generate a session. This is exactly the essence of the logon system. Do you know? :)

Iv. session_onstart
Session_onstart is a type of event of the session object. It occurs when the server creates a new session. The server processes the script before executing the request page. Session_onstart events are the best time to set session-period variables, because they are set before accessing any page.

The session_onstart event is triggered every time the object is started, and the processing process of the session_onstart event is run. That is to say, when the server receives an HTTP request from a URL in the application, this event is triggered and a session object is created.

Of course, when talking about the session_onstart event, we can't help but talk about a file global. ASA (p.s: I'm going to put this file together with the chat program, so I won't explain it too much now)
The specific usage is disclosed first, and written inside the global. Asa file.

<SCRIPT RUNAT=Server Language=VBScript>
.......
Sub Session_OnStart
.......
End Sub
.......
</SCRIPT>

5. session_onend
At first glance, we know that it is another type of event of the session object. When the session. Abandon method is called or is not refreshed within the timeout time, this triggers the session_onend event and then runs the script. The specific usage will be detailed in the topic of the global. Asa file. The simple syntax is as follows:

<SCRIPT RUNAT=Server Language=VBScript>
.......
Sub Session_OnEnd
.......
End Sub
.......
</SCRIPT>

The above is the system learning of the session object.