Presentation is loading. Please wait.

Presentation is loading. Please wait.

 2004 Tau Yenny, SI - Binus M0194 Web-based Programming Lanjut Session 2.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: " 2004 Tau Yenny, SI - Binus M0194 Web-based Programming Lanjut Session 2."— Presentation transcript:

1  2004 Tau Yenny, SI - Binus M0194 Web-based Programming Lanjut Session 2

2  2004 Tau Yenny, SI - Binus 2 Application, Session and Cookies Application Object Session Object Cookies

3  2004 Tau Yenny, SI - Binus 3 Managing State on the Web What Exactly is State? Each client makes a connection to the server and the database application. The connection is normally established by authenticating the user. Authentication is typically a combination of identifying users through a user-name and then making them present a password to prove that they are a valid user. Ability to identify each client’s request, and hold values in memory that are related to just that user, provides state.

4  2004 Tau Yenny, SI - Binus 4 Managing State on the Web Why State So Important? To create Web-based application that interacts with users, it must be able to provide individual state for each user. We need to find a way to persist state for each of our visitors. If we can’t do that, we can’t reasonably expect to do anything that requires more than one ASP page, as the variables and other references in that page are all destroyed when page is finished executing

5  2004 Tau Yenny, SI - Binus 5 Managing State on the Web How we Create State on the Web The usual ways of providing state between page requests and site visits is through cookies.  Anonymous vs. Authenticated Visitors The most obvious method, implemented by many sites, is to pop up a login dialog. This authenticates you as a known and valid user, at which point a cookie can be place on your system to hold either the login details, or just a ‘key’ to indicate that you have been identified.  No more Anonymous Visitors A new Session object is created for the first access an ASP page on our server. A session identifier number is allocated to the session, and a cookie containing a specially encrypted version of the session identifier is sent to the client. Every time that this user access an ASP page, ASP looks for this cookie.

6  2004 Tau Yenny, SI - Binus 6 ASP Application Associated with two main topics:  The provision of global scope, through a globally accessible variable storage area  The integration with IIS through COM+, which allow us to better manage components What can we store in an application ?  Simple variables, such as strings and numbers (stored as Variants like all ASP script variables)  Variant-type arrays, made up of one or more dimensions  Variable references (again as Variants) that point to an instance of a COM object A Variant is the only variable type provided in the VBScript scripting engine for ASP (and Internet Explorer).

7  2004 Tau Yenny, SI - Binus 7 ASP Sessions The ASP application object can be used to store state that is global. We can use the same name for each variable. The same code would work transparently for each visitor because it would access that visitor’s own private storage area.

8  2004 Tau Yenny, SI - Binus 8 ASP Sessions Problem with Sessions  Some browsers and Web servers are case sensitive as far as URLs, paths and filenames are concerned. If a cookie has a path specified, and it is different to the path specified in a hyperlink in term of case, the browser may not return it to the server along with a page requested from that directory.  In previous version of IIS and ASP, there were some minor bug- associated problems with nested applications. These have been fixed in ASP 3.0  Session depend on cookies. Visitors that have cookies disabled, or whose browser doesn’t support them, won’t get a session started and so will not have access to a Session object.

9  2004 Tau Yenny, SI - Binus 9 The ASP Application Object Application Object’s Collections Collection NameDescription ContentsA collection of the variables (and their values) that are stored in the Application object, and are not defined using an element. This includes Variant arrays and Variant-type object instance references. StaticObjectsA collection of the variables that are stored in the Application object by using an element.

10  2004 Tau Yenny, SI - Binus 10 The ASP Application Object Application Object’s Methods MethodDescription Contents.Remove (“variable_name”)Removes a named variable from the Application.Contents collection. Contents.Removeall ( )Removes all variables from the Application.Contents collection. Lock ( )Locks the Application object so that only the current ASP pages has access to the contents. Used to ensure that concurrency issues do not corrupt the contents by allowing two users to simultaneously read and update the values. Unlock ( )Releases this ASP page’s lock on the Application object.

11  2004 Tau Yenny, SI - Binus 11 The ASP Application Object Application Object’s Events EventDescription onStartOccurs when the ASP application starts, before the page that the user requests is executed and before any user Session objects are created. Used to initialize variables, create objects, or run other code. onEndOccurs when the ASP application ends. This is after the last user session has ended, and after any code in the onEnd event for that session has executed. All variables existing in the application are destroyed when it ends.

12  2004 Tau Yenny, SI - Binus 12 The ASP Session Object Session Object’s Collections Collection NameDescription ContentsA collection of the variables and their values that are stored in this particular Session object, and are not defined using an element. This includes Variant arrays and Variant- type object instance references. StaticObjectsA collection of the variables that are stored in this particular Session object by using an element.

13  2004 Tau Yenny, SI - Binus 13 The ASP Session Object Session Object’s Properties PropertiesDescription CodePageRead/write. Integer. Defines the code page that will be used to display the page content in the browser. The code page is the numeric value of the character set, and different languages and locales may use different code pages. For example, ANSI code page is 1252 is used for American English and most European languages. Code page 932 is used for Japanese Kanji. LCIDRead/write. Integer. Defines the locale identifier (LCID) of the page that is sent to the browser. The LCID is a standard international abbreviation that uniquely identifies the locale; for instance 2057 defines a locale where the currency symbol used id ‘₤ ‘. This LCID can also be used in statements such as FormatCurrency, where there is an optional LCID argument. The LCID for a page can also be set in the opening ASP processing directive and overrides the setting in the LCID property of the session.

14  2004 Tau Yenny, SI - Binus 14 The ASP Session Object Session Object’s Properties PropertiesDescription SessionIDRead/write. Long. Returns the session identifier for this session, which is generated by the server when the session is created. Uniquely only for the duration of the parent Application object, and so may be re-used when a new application is started. TimeoutRead/write. Integer. Defines the timeout period in minutes for this Session object. If the user does not refresh or request a page within timeout period, the session ends. Can be changed in individual page as required. The default is 10 minutes, and shorter timeouts may be preferred on a high-usage site.

15  2004 Tau Yenny, SI - Binus 15 The ASP Session Object Session Object’s Methods Note that you cannot remove variables from the Session.StaticObjects collection at run-time MethodDescription Contents.Remove (“variable_name”)Removes a named variable from the Session.Contents collection. Contents.Removeall ( )Removes all variables from the Session.Contents collection. Abandon ( )Ends the current user session and destroys the current Session object once execution of this page is complete. You can still access the current session’s variables in this page, even after calling the Abandon method. However the next ASP page that is requested by this user will start a new session, and create a new Session object (if any exist).

16  2004 Tau Yenny, SI - Binus 16 The ASP Session Object Session Object’s Events EventDescription onStartOccurs when the ASP user session starts, before the page that the user requests is executed. Used to initialize variables, create objects, or run other code. onEndOccurs when the ASP user session ends. This happends when the predetermined session timeout period has elapsed since that user’s last page request from the application. All variables existing in the session are destroyed when it ends. It is also possible to end ASP user sessions explicitly in code using the Abandon method, and this event occurs when that happens.

17  2004 Tau Yenny, SI - Binus 17 Using Application and Session Events ASP raises event each time an application or session starts or ends. We can detect and react by writing normal script code in a special file – global.asa – located in the root directory of an application. This file can also contain one or more HTML elements, used to create component instances that will be used within that application or user’s sessions. The following code is an example global.asa file.

18  2004 Tau Yenny, SI - Binus 18 1. 2. 3. 4. 5. 6. 7. 8. Sub Application_onStart() 9. 'create an instance of an ADO Recordset with application-level scope 10. Set Application("ADOConnection") = Server.CreateObject ("ADODB.Connection") 11. Dim varArray(3)'create a Variant array and fill it 12. varArray(0) = "This is a" 13. varArray(1) = "Variant array" 14. varArray(2) = "stored in the" 15. varArray(3) = "Application object" 16. Application("Variant_Array") = varArray'store it in the Application 17. Application("Start_Time") = CStr(Now)'store the date/time as a string 18. Application("Visit_Count") = 0'set counter variable to zero 19. End Sub 20. Sub Application_onEnd() 21. Set Application("ADOConnection") = Nothing 22. End Sub

19  2004 Tau Yenny, SI - Binus 19 23. Sub Session_onStart() 24. 'Create an instance of the Adrotator component with session-level scope 25. Set Session("ASPAdRotator") = Server.CreateObject("MSWC.AdRotator") 26. Dim varArray(3)'create a Variant array and fill it 27. varArray(0) = "This is a" 28. varArray(1) = "Variant array" 29. varArray(2) = "stored in the" 30. varArray(3) = "Session object" 31. Session("Variant_Array") = varArray'store it in the Session 32. Session("Start_Time") = CStr(Now)'store the date/time as a string 33. 34. 'We can access the contents of the Request and Response in a Session_onStart 35. 'event handler for the page that initiated the session. This is the *only* 36. 'place that the ASP page context is available like this. 37. 'as an example, we can get the IP address of the user: 38. Session("Your_IP_Address") = Request.ServerVariables("REMOTE_ADDR") 39. 40. Application.Lock 'prevent concurrent updates 41. intVisits = Application("Visit_Count") + 1 'increment counter variable 42. Application("Visit_Count") = intVisits 'store back in Applcation 43. Application.Unlock 'Release lock on Application 44. End Sub 45. Sub Session_onEnd() 46. Set Session("ASPAdRotator") = Nothing 47. End Sub 48.

20  2004 Tau Yenny, SI - Binus 20 Using Application and Session Events Reading and Storing Values  To set the values : Application(“variable_name”) = variable_value Application(“variable_name”) = variant_array_variable_name Set Application(“variable_name”) = object_reference  To retrieve the values: variable_value = Application(“variable_name”) variant_array_variable_name = Application(“variable_name”) Set object_reference = Application(“variable_name”)

21  2004 Tau Yenny, SI - Binus 21 The ASP Processing Directive Directive KeywordDescription LANGUAGE=“language_name”Sets the default scripting language for the page. For example ENABLESESSIONSTATE = “True” | “False” When set to “True” prevents a session cookie from being sent to the browser, and so no new Session object will be created and any existing session content will not be available. CODEPAGE=“code_page”Sets the code page for the page. For example, LCID=“locale_identifier”Sets the locale identifier for the page. For example,

22  2004 Tau Yenny, SI - Binus 22 The ASP Processing Directive Directive KeywordDescription TRANSACTION = “transaction_type” Specifies that the page file will run under a transaction context. Legal issues are : “Required” : the script wil run within an existing transaction if one is available, or start a new transaction if not. “Requires_New” : the script will always initiate a new transaction. “Supported” : the script will run within an existing transaction if one is available, but will not start a new transaction. “Not_Supported” : the script will not run within any existing transaction, and will not initiate a new transaction We can include more than one in our processing directive – they must be separated by a space, with no spaces around the equals sign, for example :

23  2004 Tau Yenny, SI - Binus 23 1. 2. 3. <% 4. Response.Write " The ASP Application Object 5. Response.Write " The Application.Contents Collection " 6. For Each objItem in Application.Contents 7. If IsObject(Application.Contents(objItem)) Then 8. Response.Write "Object Reference: '" & objItem & "' " 9. ElseIf IsArray(Application.Contents(objItem)) Then 10. Response.Write "Array: '" & objItem & "' contents are : " 11. varArray = Application.Contents(objItem) 12. For intLoop = 0 To Ubound(varArray) 13. Response.Write " Index(" & intLoop & ") = " & varArray(intLoop) & " " 14. Next 15. Else 16. Response.Write "Variable: '" & objItem & "' = " & Application.Contents(objItem) & " " 17. End If 18. Next 19. Response.Write " The Application.StaticObjects Collection " 20. For Each objItem in Application.StaticObjects 21. If IsObject(Application.StaticObjects(objItem)) Then 22. Response.Write "<OBJECT> element: ID='" & objItem & "' “ 23. End If 24. Next 25. %> The ASP Application Object In Action

24  2004 Tau Yenny, SI - Binus 24 21. Add a value to the Application Object 22. " METHOD="POST"> 23. 24. Application(" 25. 26. ")=" 27. 28. " 29. 30. Remove a value from the Application Object 31. 32. Application.Contents.Remove(" 33. 34. <% 35. For Each objItem in Application.Contents 36. Response.Write " " & objItem & " " 37. Next 38. %> 39. 40. ") 41. 42. 43. Application.Contents.RemoveAll 44. The ASP Application Object In Action

25  2004 Tau Yenny, SI - Binus 25 45. <% 46. If Len(Request.Form("cmdAdd")) Then 47. strVarName = Request("txtVarName") 48. strVarValue = Request("txtVarValue") 49. Application.Lock 50. Application(strVarname) = strVarValue 51. Application.Unlock 52. End If 53. If Len(Request.Form("cmdRemove")) Then 54. strToRemove = Request.Form("lstRemove") 55. Application.Lock 56. Application.Contents.Remove(strToRemove) 57. Application.Unlock 58. End If 59. If Len(Request.Form("cmdRemoveAll")) Then 60. Application.Lock 61. Application.Contents.RemoveAll 62. Application.Unlock 63. End If 64. %> 65. 66. The ASP Application Object In Action

26  2004 Tau Yenny, SI - Binus 26 The ASP Application Object In Action

27  2004 Tau Yenny, SI - Binus 27 The ASP Session Object In Action 1. 2. The Session Object 3. 4. <% 5. Response.Write " The ASP Session Object The Session.Contents Collection " 6. For Each objItem in Session.Contents 7. If IsObject(Session.Contents(objItem)) Then 8. Response.Write "Object Reference: '" & objItem & "' " 9. ElseIf IsArray(Session.Contents(objItem)) Then 10. Response.Write "Array: '" & objItem & "' contents are : " 11. varArray = Session.Contents(objItem) 12. For intLoop = 0 To Ubound(varArray) 13. Response.Write " Index(" & intLoop & ") = " & varArray(intLoop) & " " 14. Next 15. Else 16. Response.Write "Variable: '" & objItem & "' = " & Session.Contents(objItem) & " " 17. End If 18. Next 19. Response.Write " The Session.StaticObjects Collection " 20. For Each objItem in Session.StaticObjects 21. If IsObject(Session.StaticObjects(objItem)) Then 22. Response.Write "<OBJECT> element: ID='" & objItem & "' " 23. End If 24. Next 25. Response.Write " Property Values " 26. Response.Write "Session.CodePage = " & Session.CodePage 27. Response.Write "; Session.LCID = " & Session.LCID 28. Response.Write "; Session.SessionID = " & Session.SessionID 29. Response.Write "; Session.TimeOut = " & Session.TimeOut 30. %>

28  2004 Tau Yenny, SI - Binus 28 The ASP Session Object In Action 31. " METHOD="POST"> 32. Add a value to the Session Object 33. 34. Session(" 35. 36. ")=" 37. 38. " 39. Remove a value from the Session Object 40. 41. Session.Contents.Remove(" 42. 43. <% 44. For Each objItem in Session.Contents 45. Response.Write " " & objItem & " " 46. Next 47. %> 48. 49. ") 50. 51. Session.Contents.RemoveAll 52. Terminating This Session 53. 54. Session.Abandon 55.

29  2004 Tau Yenny, SI - Binus 29 The ASP Session Object In Action 55. <% 56. If Len(Request.Form("cmdAdd")) Then 57. strVarName = Request("txtVarName") 58. strVarValue = Request("txtVarValue") 59. Session(strVarname) = strVarValue 60. End If 61. If Len(Request.Form("cmdRemove")) Then 62. strToRemove = Request.Form("lstRemove") 63. Session.Contents.Remove(strToRemove) 64. End If 65. If Len(Request.Form("cmdRemoveAll")) Then 66. Session.Contents.RemoveAll 67. End If 68. If Len(Request.Form("cmdAbandon")) Then 69. Response.Clear 70. Response.Redirect "abandon.asp“ 71. Response.End 72. End If 73. %> 74. 75.

30  2004 Tau Yenny, SI - Binus 30 The ASP Session Object In Action

31  2004 Tau Yenny, SI - Binus 31 The ASP Session Object In Action 1. 2. 3. Terminated Session 4. 5. 6. 7. " METHOD="POST"> 8. Your Session Has Been Terminated 9. A new Session will be started when you load another 10. ASP Page. It will contain any values that are defined in 11. the global.asa file for this application. 12. 13. Return to the previous page 14. 15. abandon.asp

32  2004 Tau Yenny, SI - Binus 32 The ASP Session Object In Action

33  2004 Tau Yenny, SI - Binus 33 Cookies Small chunks of text that are stored on the client’s system by their browser. Sent to the server with every request for a page from the domain to which they apply. Request.Cookies collection is read-only. Response.Cookies collection is write-only. Contain information in two ways:  single value  multiple-values

34  2004 Tau Yenny, SI - Binus 34 Cookies Creating a single value cookie Response.Cookies(“item-name”) = “item-value” Creating a cookie contain multiple values Response.Cookies(“item-name”)(“sub-item-name”) = “sub-item-value” To set the domain and path to which a cookie applies, and it’s expiry date : Response.Cookies(“item-name”).domain = “domain-url” Response.Cookies(“item-name”).path = “virtual-path” Response.Cookies(“item-name”).expires = #date# If the Expires property is not set, the cookie will be destroyed when user closes the current browser instance. To read the values of existing cookies: strSingleValue = Request.Cookies(“item-name”) strSubItemValue = Request.Cookies (“item-name”)(“sub-item-name”)

35  2004 Tau Yenny, SI - Binus 35 Storing a User’s Details in Cookies 1. 2. 3. Cookie Test - Login 4. 5. 6. Please enter your e-mail address and password to login to the system. 7. 8. E-Mail Address: 9. Password: 10. Save Login as a Cookie? 11. 12. 13. 14. 15.

36  2004 Tau Yenny, SI - Binus 36 Storing a User’s Details in Cookies

37  2004 Tau Yenny, SI - Binus 37 Storing a User’s Details in Cookies 1. <% 2. Dim bLoginSaved 3. If Request.Form("SaveLogin") = "on" Then 4. Response.Cookies("SavedLogin")("EMail") = Request.Form("email") 5. Response.Cookies("SavedLogin")("pw") = Request.Form("password") 6. Response.Cookies("SavedLogin").Expires = Date + 30 7. bLoginSaved = True 8. Else 9. bLoginSaved = False 10. End If 11. %> 12. 13. 14. Cookie Test - Check Login 15. 16. 17. <% 18. If bLoginSaved Then 19. Response.Write "Saving Login information to a cookie " 20. End If 21. %> 22. Thank you for logging into the system. 23. E-Mail address confirmation: 24. 25. CheckLogin.asp

38  2004 Tau Yenny, SI - Binus 38 Storing a User’s Details in Cookies

Download ppt " 2004 Tau Yenny, SI - Binus M0194 Web-based Programming Lanjut Session 2."

Similar presentations

Maintaining State Between the Client and Server Internet Programming Using VBScript and JavaScript 9.

Maintaining State Between the Client and Server Internet Programming Using VBScript and JavaScript 9.
UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)

UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)
Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
Web-based Programming Lanjut Pertemuan 2 Matakuliah: M0492 / Web-based Programming Lanjut Tahun: 2007.

Web-based Programming Lanjut Pertemuan 2 Matakuliah: M0492 / Web-based Programming Lanjut Tahun: 2007.
CIS 451: ASP Sessions and Applications Dr. Ralph D. Westfall January, 2009.

CIS 451: ASP Sessions and Applications Dr. Ralph D. Westfall January, 2009.
1 Chapter 12 Working With Access 2000 on the Internet.

1 Chapter 12 Working With Access 2000 on the Internet.
VBA Modules, Functions, Variables, and Constants

VBA Modules, Functions, Variables, and Constants
1 Active Server Pages Active Server Pages (ASPs) are Web pages ASP = server-side scripts + HTML The appearance of an Active Server Page depends on who.

1 Active Server Pages Active Server Pages (ASPs) are Web pages ASP = server-side scripts + HTML The appearance of an Active Server Page depends on who.
Client State Management & Application Security  Client State Management  Concept  ASP Examples  Application Security  Database Based Approach 

Client State Management & Application Security  Client State Management  Concept  ASP Examples  Application Security  Database Based Approach 
CSE 154 LECTURE 13: SESSIONS. Expiration / persistent cookies setcookie(name, value, expiration); PHP $expireTime = time() + 60*60*24*7; # 1 week.

CSE 154 LECTURE 13: SESSIONS. Expiration / persistent cookies setcookie("name", "value", expiration); PHP $expireTime = time() + 60*60*24*7; # 1 week.
Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.

Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.
McGraw-Hill/Irwin © 2004 by The McGraw-Hill Companies, Inc. All rights reserved. Beginning Active Server Pages Barry Sosinsky Valda Hilley Programming.

McGraw-Hill/Irwin © 2004 by The McGraw-Hill Companies, Inc. All rights reserved. Beginning Active Server Pages Barry Sosinsky Valda Hilley Programming.
Using Data Active Server Pages Objectives In this chapter, you will: Learn about variables and constants Explore application and session variables Learn.

Using Data Active Server Pages Objectives In this chapter, you will: Learn about variables and constants Explore application and session variables Learn.
8 Chapter Eight Server-side Scripts. 8 Chapter Objectives Create dynamic Web pages that retrieve and display database data using Active Server Pages Process.

8 Chapter Eight Server-side Scripts. 8 Chapter Objectives Create dynamic Web pages that retrieve and display database data using Active Server Pages Process.
Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.

Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.
Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.

Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.
CSC 2720 Building Web Applications Cookies, URL-Rewriting, Hidden Fields and Session Management.

CSC 2720 Building Web Applications Cookies, URL-Rewriting, Hidden Fields and Session Management.
IT533 Lectures Session Management in ASP.NET. Session Tracking 2 Personalization Personalization makes it possible for e-businesses to communicate effectively.

IT533 Lectures Session Management in ASP.NET. Session Tracking 2 Personalization Personalization makes it possible for e-businesses to communicate effectively.
 2004 Tau Yenny, SI - Binus M0194 Web-based Programming Lanjut Session 1.

 2004 Tau Yenny, SI - Binus M0194 Web-based Programming Lanjut Session 1.

Similar presentations

Ads by Google