Overview:
The Session Object is how you track a single user across many pages. It has four (4) properties, two (2) collections, one (1) method, and two (2) events.
Get Started:
In this series of examples we will create a password system. We will use the Session Object to track whether or not a user is authorized to view certain pages. Below are several scripts for lesson12. Look at them, play with, and then read the explanations that come further down the page.
<%@LANGUAGE="JavaScript"%> <% //No ASP Here, just a regular HTML Page %> <HTML> To play along with our password page, put in a user name and a password.<BR> <BR>The correct user name is <I>guest</I>.<BR> And the correct password is also <I>guest</I>.<BR> <FORM METHOD="post" ACTION="script12a.asp"> User:<INPUT TYPE="text" SIZE="9" NAME="userName" VALUE="guest"><BR> Pass:<INPUT TYPE="password" SIZE="9" NAME="userPassword" VALUE="guest"> <BR> <INPUT TYPE="submit" value="Login"> </FORM> </HTML>
Click Here to run script12.asp in a new window. Below is script12a.asp.
<%@LANGUAGE="JavaScript"%>
<%
var userName=new String(Request.Form("userName"))
var userPassword=new String(Request.Form("userPassword"))
if (userName=="guest" && userPassword=="guest")
{
Session("Authorized")=true
Response.Redirect("script12b.asp")
}
else
{
Session("Authorized")=false
%>
<HTML>
You did not supply the correct Name & Password.<BR>
<A HREF="script12.asp">Click here</A> to log in.
</HTML>
<%
} //end else statement
%>
We'll skip over script12b.asp entirely because it's almost exactly the same as script12c.asp. Down below is script12c.asp.
<%@LANGUAGE="JavaScript"%>
<%
if (Session("Authorized")!=true)
{
%>
<HTML>
You are not an authorized user.<BR>
<A HREF="script12.asp">Click here</A> to log in.
</HTML>
<%
}
else
{
%>
<HTML>
The <B>second</B> of two pages that are password protected.<BR>
<A HREF="script12d.asp">Click Here</A> to log out.
</HTML>
<%
} //end of else statement
%>
Above is script12c.asp, which is the second of two password-protected pages. Below is script12.asp, which is the logout page.
<%@LANGUAGE="JavaScript"%>
<%
if (Session("Authorized")!=true)
{
%>
<HTML>
You are not an authorized user.<BR>
<A HREF="script12.asp">Click here</A> to log in.
</HTML>
<%
}
else
{
var SessionID=Session.SessionID
Session.Abandon()
%>
<HTML>
You have sucessfully logged out.<BR>
This was session <%=SessionID%>.<BR><BR>
Now try a link to one of the
pages you've already visited.<BR><BR>
<A HREF="script12b.asp">script12b.asp</A><BR>
<A HREF="script12c.asp">script12c.asp</A><BR>
<A HREF="script12d.asp">script12d.asp</A><BR>
</HTML>
<%
} //end of else statement
%>