I have a site that uses a secure login. From there svAccessGroup is set for the site. If a user enters the forum and then uses the 'Home' link to return to my main page on the site, they get 'No Access' So it seems the sv's from my site are being over written or killed. Anyone got a suggestion?
Snitz coexists OK with outside Session variables for me. Maybe there is some other problem. You can put some selective 'response.write' statements in your code to verify if the session variable is disappearing or not.
My first thought is: Look in your global.asa and make sure your session timeout wasn't somehow dropped to a really short amount of time. That may not be it, but I had the same issue once, and that was the reason.
Ok, Ive been away for a while but my users are complaining...
On my 'UserLogin' page (to the web site) I set the following session "svAccessGroup" from this various pages are controled. Now if any user logs into the Forum and then later hits the Home link (this takes them back to the 'Main' page... their access group session variable is dropped. The 'svAccessGroup' no longer exists. I have placed text: "Your access level is...." and when they return it has been droped.
I can't find any file names Global.asp (or am I missunderstanding something)
Something is killing the sv's but I can't see what!
You say it is secure site. Does this mean you are operating on a HTTPS rather than a HTTP?
Only a thought but if for any reason, your pages are switching between the two protocols, that would 'kill' your session variables because they only apply in one protocol.
We had a similar problem with trying to edit cookies from within our HTTPS when they had been created from our HTTP area. We basically couldn't access them because they didn't belong to the protocol.
May or may not help you but worth raising anyway I thought.
Thanks for the thought but no it's a http:// with user log-on from the default.asp This is where I'm setting the session's and and the site is working OK until you enter the forum and return :((
The part of the login code that sets the variables is as follows:
<% If rsLogin__strUserID <> "xyz" then If Not rsLogin.EOF Then Session("svID") = (rsLogin.Fields.Item("ID").Value) Session("svUserID") = (rsLogin.Fields.Item("UserID").Value) Session("svPassword") = (rsLogin.Fields.Item("Password").Value) Session("svAccessGroup") = (rsLogin.Fields.Item("AccessGroup").Value) Session("svFirstName") = (rsLogin.Fields.Item("FirstName").Value) Session("svType") = (rsLogin.Fields.Item("Type").Value) Session("svCompany") = (rsLogin.Fields.Item("CompanyName").Value) Response.Redirect "main.asp" Else Response.Redirect "login/loginretry.asp" End If End If %>
Pretty simple but why should the AccessGroup on be killed off?
Sorry.. don't understand what you mean by this. I have all on one site (dir on the host) database is in usual protected folder along with my database. All the link does is direct the user to the forum.asp
notice that there is no www in this second link. It is actually a different site as far as sessions and cookies go, hence why you have no session variables carried through.
Make sure you use relative links instead of absolute and then you will be ok.
In general, if you create a new web project with Visual Interdev or a new web site with Frontpage, you are creating a new web application with it's own global.asa. In IIS you can manually configure any virtual directory as a web application.
Each web application has it's own set of application and I think session objects. If you reference a page in a different web application there can be unexpected results with your application and session data.
Topic Locked
Posted - 02 July 2001 : 06:09:21
