Check for session cookies?

Forum Moderators: open

Message Too Old, No Replies

Check for session cookies?

My site uses session variables but it doesn't work if no sessions

KRMwebdesign

10:02 am on Jan 20, 2010 (gmt 0)

My site uses session variables for those who are logged in but as far as I know it won't work if sessions are not enabled. Is there any way to check that sessions are enabled on the browser before executing the rest of my code?

I'm using classic ASP.

Thanks for any help given.

Ocean10000

5:05 am on Jan 21, 2010 (gmt 0)

Are you talking about determining when browsers have disabled cookies, used to track the sessionID?

Seb7

1:04 pm on Jan 22, 2010 (gmt 0)

Its difficault.

Often, I just set a session on every page, and test if it exists. This tells me if they are using cookies, but not if they are not.

eg.

[fixed]
 if session("hassession")="y" then
 response.write "we have a working session"
 else
 session("hassession")="y"
 end if
[/fixed]

I suppose you could write a little javascript which exectutes a little ajax or something when it can see a session cookie from the server. but then they doesnt neccessary mean they have been disabled either.

Here part of some old javascript of my mine which looks for a session cookie:

[fixed]
 var thesession,thesessionn,thesessionv;
 var allcookie = unescape(document.cookie);
 var allcookies = allcookie.split(";");
 for ( i = 0; i < allcookies.length; i++ ) {
acookie = allcookies[i].split("=");
acookie[0] = acookie[0].replace(/^\s+Ś\s+$/g, '');
if (acookie[0].substring(0,10)=="ASPSESSION") {
thesessionn = acookie[0];
thesessionv = acookie[1].replace(/^\s+Ś\s+$/g, '')}
}
[/fixed]

I would be interested to know if anyone has a good method of testing this.

KRMwebdesign

12:37 pm on Jan 25, 2010 (gmt 0)

My question was regarding if they have sessions enabled on the browser. I've seen it done on social networking sites like Bebo and MySpace. If you don't have sessions enabled a message will show up saying

"this website uses sessions. You will need to enable sessions in the browser settings in order to use this site"

At the moment I just have if <% if session("mysession") = "" then response.redirect("login.asp") %> but that won't tell the user why they can't login. Although perhaps I could make this clear on the login page.

Thanks for the help guys. Any other suggestions would also be appreciated.

Seb7

6:57 pm on Feb 10, 2010 (gmt 0)

A simple popup box saying that sessions is not enabled is not easy as it looks.

Note that sessions not working, is usually because cookies are turned off.

Personally, I would just set a session on the login page. If it doesnt exist at login, then redirect to page explaning that they need to session/cookie enable.

eg.
login.asp:


<%
if request.form()<>"" then
if session("working")="ok" then
user = request.form("user") 
pass = request.form("pass") 
'... test user/pass ... 
if ok then
response.redirect "home.asp" 
response.end 
end if
errmsg = "Your login credentials was incorrect." 
else
errmsg = "Please enable cookies" 
end if
end if 

session("working")="ok" 
response.write errmsg 
%> 
<p> 
<form method=post> 
<input name=user> 
<input type=password name=pass> 
<input type=submit value="login">
</form>