Overview:
The Session Object is how you track a single user across many pages. It has four (4) properties, two (2) collections, one (1) method, and two (2) events.
Get Started:
In this series of examples we will create a password system. We will use the Session Object to track whether or not a user is authorized to view certain pages. Below are several scripts for lesson12. Look at them, play with, and then read the explanations that come further down the page.
<%@LANGUAGE="JavaScript"%> <% //No ASP Here, just a regular HTML Page %> <HTML> To play along with our password page, put in a user name and a password.<BR> <BR>The correct user name is <I>guest</I>.<BR> And the correct password is also <I>guest</I>.<BR> <FORM METHOD="post" ACTION="script12a.asp"> User:<INPUT TYPE="text" SIZE="9" NAME="userName" VALUE="guest"><BR> Pass:<INPUT TYPE="password" SIZE="9" NAME="userPassword" VALUE="guest"> <BR> <INPUT TYPE="submit" value="Login"> </FORM> </HTML>
Click Here to run script12.asp in a new window. Below is script12a.asp.
<%@LANGUAGE="JavaScript"%> <% var userName=new String(Request.Form("userName")) var userPassword=new String(Request.Form("userPassword")) if (userName=="guest" && userPassword=="guest") { Session("Authorized")=true Response.Redirect("script12b.asp") } else { Session("Authorized")=false %> <HTML> You did not supply the correct Name & Password.<BR> <A HREF="script12.asp">Click here</A> to log in. </HTML> <% } //end else statement %>
We'll skip over script12b.asp entirely because it's almost exactly the same as script12c.asp. Down below is script12c.asp.
<%@LANGUAGE="JavaScript"%> <% if (Session("Authorized")!=true) { %> <HTML> You are not an authorized user.<BR> <A HREF="script12.asp">Click here</A> to log in. </HTML> <% } else { %> <HTML> The <B>second</B> of two pages that are password protected.<BR> <A HREF="script12d.asp">Click Here</A> to log out. </HTML> <% } //end of else statement %>
Above is script12c.asp, which is the second of two password-protected pages. Below is script12.asp, which is the logout page.
<%@LANGUAGE="JavaScript"%> <% if (Session("Authorized")!=true) { %> <HTML> You are not an authorized user.<BR> <A HREF="script12.asp">Click here</A> to log in. </HTML> <% } else { var SessionID=Session.SessionID Session.Abandon() %> <HTML> You have sucessfully logged out.<BR> This was session <%=SessionID%>.<BR><BR> Now try a link to one of the pages you've already visited.<BR><BR> <A HREF="script12b.asp">script12b.asp</A><BR> <A HREF="script12c.asp">script12c.asp</A><BR> <A HREF="script12d.asp">script12d.asp</A><BR> </HTML> <% } //end of else statement %>