In addition to objects for sending (Response), receiving and processing data (requeest), server access (servers) in programming ASP objects, there are some very useful markup active Object for the server application (application) and individual user information (session).
Session Object
This object accounts for a significant proportion of ASP usage. Because the Web page is a stateless program, the user browsing State is not known. In ASP, through the session object to record the user's private data variables, as users again to request the server to confirm, users in the program's Web page jumps between the existence of the session object variables will not disappear.
These are really important features, especially if a member's system has to be used. Like a member's login account, time, status, and many of the recorded real-time data (such as the shopping system records the user's basket of goods), this information belongs to the user's private needs, usually developers are using the session record processing.
The session in ASP is composed of cookies, the server will all the data recorded in the session, in the form of cookies to the user's browser. Usually the browser will save these cookies, every time the user click on the link, again with the server online, the browser will send these cookies back to the server for processing: this is the operating principle of the session. This allows session-state sessions to be preserved only in browsers that support cookies, and if the client turns off the cookie option, it won't work.
First, Session.SessionID
The SessionID property returns the user's session identity. When you create a session, the server generates a separate identity for each session, and the session identity is returned with the long shaping data type. In many cases SessionID can be used for WEB page registration statistics.
This property can be used to solve a problem of user control. The main function of the problem is that a module for a Web site, when a member is looking at this module after login, another person to log in with the same member name, you can not browse this module: that is, a member name can only one person browsing this module.
Control is achieved by using a member name (assumed to be userid, unique) and SessionID. When the member logs in, give this member a session record login status such as: Session ("Status") = "logged", at the same time the member's Session.SessionID written to the database. When he wants to browse this module, first determine whether it is logged in, if you have logged in again to determine whether its sessionid is the same as the database records, if different can not access.
In this way, when another user logs in with the same member name, the database records the new SessionID, which cannot be checked when accessing the module. This realizes a member name and can only browse a module by one person at a time. This feature has a special role in a number of toll sites, it prevents a member name for many people to browse the problem, for the company to protect the interests.
<%=Session.SessionId%> is a single generated unique ID identification that refreshes debugging.
Second, Session.Timeout
The maximum time interval for the session that is set by this property. The interval is the time that the client side requests from the most recent to the Web server to the next request to the Web server. It can be understood that if a user does not refresh or request a Web page within the time-out period, the session terminates. The Timeout property specifies the time-out period for the session object of the application in minutes, and generally defaults to 20 minutes. This in the Internet cafes and other public places, login personal information page and forget to close the window, it is more important (at least the time can be set short).
<%=Session.TimeOut=10%>
The above SessionID, timeout belong to the two properties of the session object, see one method of the object abandon
Third, Session.Abandon
This method is the only method of the session object that clears the session object to eliminate the user's session object and frees up the resources it occupies. Of course, if you don't explicitly call the Abandon method, the server will also delete the objects and release resources once the session times out.
The following two-page program is used to understand the session object and the use of the Abandon method.
1. Login.asp
<% ' is to extract whether the value of the variable loginout in the URL is true, and if true, execute Session.Abandon (). If Request.QueryString ("loginout") = "true" then Session.Abandon () End If "Only if you click on the Submit button, then to judge that the extracted object is not empty," The session object is established. Submitname=request.form ("Submit1") if Submitname= "Submit" Then if Request.Form ("name") <> "" and Request.Form (" PWD ") <>" "Then session (" name ") =request.form (" name ") session (" PW ") =request.form (" pwd ") End IfEnd if%><% ' If the session ("name") is not empty, the value of the session ("name") is displayed, and a link to the info.asp is made. If session ("name") <> "Thenresponse.write" ("Your Name value is:" &session ("name")) Response.Write ("<br><a href= ' info.asp ' > Show your Data </a> ' else ' otherwise, that is, the session ("name") is null and does not exist, then the form is displayed to enter the platform on which to establish the session. %><form action= "Login.asp" method= "POST" > Name: <input type= "text" name= "name" ><br> Password: <input type= "Password" name= "pwd" ><br><input type= "Submit" value= "Submit" Name= "Submit1" ></form>< !--also made a link to info.asp. --><a href= "info.asp" > Display your information </a><%end if%>
Note that the session ("name") is empty and not empty, have done a link to the info.asp, the specific debugging results, and then look at the content of info.asp.
2. Info.asp
<% ' If the Session object value is null, jump to login.aspif session ("name") = "" Then Response.Redirect ("login.asp") ' Otherwise display personal information else Response.Write ("Your Name:" &session ("name") & "<br>") Response.Write ("Your Password:" &session ("PW") & "< Br> ") End if%><a href=" Login.asp "> Return </a><a href=" Login.asp?loginout=true "> Exit </a>
It can be seen that the info.asp page content display is in fact need conditions. That is, you have to have a session value to exist so that you can display specific information. This is used more in the login system.
You can think of login.asp as a login window, of course my this relatively simple (as long as the input with the name and password on the production session), the actual situation is: To determine the input of the name and password and the database with the name and password, if the correct match to generate session. However, the role of info.asp page just can be done as a permission page, because the page needs to enter the session, and the emergence of the session is to ensure that the name of the correct password.
So when you start to appear in the form window, you dot login.asp link is not open, only when the table is submitted to a single session before entering. This is the essence of the login system, do you Know? :)
Four, Session_OnStart
Session_OnStart A class of events that belong to the session object. It occurs when a new session is created by the server. The server processes the requested page before it is executed. The Session_OnStart event is the best time to set session variables, because they are set before any pages are accessed.
Each time a routine of an object triggers a Session_OnStart event, and then runs the process of Session_OnStart events. That is, when the server receives an HTTP request for a URL in the application, it triggers the event and establishes a Session object.
Of course, when it comes to the Session_OnStart incident, you can't stop talking about a file Global.asa (P.S: I'm going to put this file and the chat program together, so don't explain too much now)
The specific usage first discloses, writes in the Global.asa file inside
<script runat=server Language=vbscript> ... Sub Session_OnStart ..... End Sub.......</script>
Five, Session_OnEnd
A look also knows is the session object another kind of event. When the Session.Abandon method is invoked or not refreshed during the timeout time, this triggers the Session_OnEnd event and executes the script inside. The same specific usage is described in detail in the Global.asa file topic to be written later, the simple syntax is as follows: