ASP Tutorials - Herong's Tutorial Notes
Dr. Herong Yang, Version 4.11

ASP Sessions

Part:   1  2  3 

ASP Tutorials - Herong's Tutorial Notes © Dr. Herong Yang

hyBook - Guestbook Application

Using MS Access Databases

ActiveX Data Object (ADO)

Controlling Response Header Lines

Microsoft Scripting Runtime DLL

Using Cookies

ASP Sessions

ASP Objects

Microsoft Script Debugger

Internet Information Services (IIS)

... Table of Contents

(Continued from previous part...)

Here is the second ASP page, reg_done.asp: 

<script language="vbscript" runat="server">
'  reg_done.asp
'  Copyright (c) 2002 by Dr. Herong Yang
'  This ASP page confirms a registration.
'
   response.write("<html><body>")
   ' Save the data here
   response.write("<b>Thank you registrating with us</b>:<br/>")
   response.write("Firt Name:")
   response.write(application("first_name") & "<br/>" & vbNewLine)
   response.write("Last Name:")
   response.write(request.QueryString("last_name") & "<br/>" &vbNewLine)
   response.write("Email:")
   response.write(session("email") & "<br/>" & vbNewLine)
   response.write("URL:")
   response.write(session("url") & "<br/>" & vbNewLine)
   response.write("Your session ID is " & session.SessionID & "<br/>")
   response.write("</body></html>")
</script>

Request reg_form.asp with IE, and fill in the form with: 

Firt Name: Bill
Last Name: Smith
Email: bill@smith.com
URL: www.smith.com

Then click the Submit button, you will get the output of reg_done.asp: 

Thank you registrating with us:
Firt Name:Bill
Last Name:Smith
Email:bill@smith.com
URL:www.smith.com
Your session ID is 42285894

A couple of interesting notes:

  • reg_form.asp page is designed to serve two functions: presenting the form and collecting data from the submitted form.
  • When reg_form.asp is requested for the first time, there will be no "submit" in the QueryString. So the ASP script will continue with presenting-form section.
  • When the user finishes filling in the form, and clicks the Submit button, the browser will request reg_form.asp again and attach all the data in the form as QueryString. This behavior is specified by the <form> tag.
  • When reg_form.asp is requested by the Submit button, "submit" will have "Submit" as its value. So the ASP script will continue with the collecting-data section.
  • In the collecting-data section, I wanted to pass the collected data to another ASP page. Here I intentionally used three approaches to pass the data to reg-done.asp.
  • "url" and "email" are passed through the session.Contents collection. This is probably the best approach to pass data from one ASP page another.
  • "first_name" is passed through the application.Contents collection. This is not a safe approach to pass values on multi user server, because if there is another user filling this registration at this registration form as you, you could picked value saved by the other user.
  • "last_name" is passed as part of the redirect URL. This is a safe approach. But "last_name" is exposed to the user in the browser's URL area. So you should not use this approach to pass sensitive information from one ASP page to another.

HTTP Communication Level Debugging

If you have a problem with your ASP application at the HTTP communication level, one good debugging tool is the Perl LWP package. It can be used as a Web browser to talk to your ASP application, and to log everything at the HTTP communication level.

Here is my sample Perl program, reg_client.pl, designed to work with my previous ASP registration application: 

#- reg_client.pl
#- Copyright (c) 2002 by Dr. Herong Yang
  use LWP::Debug qw(+);
  use LWP::UserAgent;
  use HTTP::Cookies;
  ($url) = @ARGV;
  $url =  'http://localhost' unless $url;
  $ua = new LWP::UserAgent;
  $cookie_jar = HTTP::Cookies->new;
  &getForm();
  &submitForm();
  exit;
sub getForm {
  $u =  $url.'/reg_form.asp';
  my $req = new HTTP::Request GET => $u;
  my $res = $ua->request($req);
  $req = $res->request();
  $cookie_jar->extract_cookies($res);
  &dump($req,$res);
}
sub submitForm {
  $u =  $url.'/reg_form.asp?first_name=Herong&submit=Submit';
  my $req = new HTTP::Request GET => $u;
  $cookie_jar->add_cookie_header($req);
  my $res = $ua->request($req);
  $req = $res->request();
  $cookie_jar->extract_cookies($res);
  &dump($req,$res);
}
sub dump {
   local ($req,$res) = @_;
   print "\nREQUEST-HEADERS\n";
   print $req->headers_as_string();
   print "\nREQUEST-CONTENT\n";
   print $req->content;
   if ($res->is_success) {
      print "\nRESPONSE-HEADERS\n";
      print $res->headers_as_string();
      print "\nRESPONSE-CONTENT\n";
      print $res->content;
   } else {
      print "\nRESPONSE-ERROR\n";
      print $res->error_as_HTML();
   }
}

(Continued on next part...)

Part:   1  2  3 

Dr. Herong Yang, updated in 2002
ASP Tutorials - Herong's Tutorial Notes - ASP Sessions