State Management :: When Redirect The Users To The Secure Site, The Basket Appears Empty?
Oct 1, 2010
I have 2 sites, one the main product site the other a secure site featuring the basket and checkout processes.
When a user clicks "add item to basket" I am creating a basket in a database and then adding the items to the basket. The theory was then to store the id from the database for the basket (the basketid) in a cookie, redirect the user to secure site, use the basket id from the cookie and display the contents in the basket.
However I am having trouble getting the secure site to use the same cookie. When I redirect the users to the secure site, the basket appears empty. I need to go back to the main site and then back to secure before the cookie appears.
Here is the code for the cookie
[Code]....
And then on the secure site this is how it gets the basket ID from the cookie
[Code]....
But like I say it's having problems. I've tried replacing the cookies with session variables as well but it didn't work.
View 6 Replies
Similar Messages:
Jul 28, 2010
I have 2 sites, one the main product site the other a secure site featuring the basket and checkout processes.
When a user clicks "add item to basket" I am creating a basket in a database and then adding the items to the basket. The theory was then to store the id from the database for the basket (the basketid) in a cookie, redirect the user to secure site, use the basket id from the cookie and display the contents in the basket.
However I am having trouble getting the secure site to use the same cookie. When I redirect the users to the secure site, the basket appears empty. I need to go back to the main site and then back to secure before the cookie appears.
Here is the code for the cookie
[Code]....
And then on the secure site this is how it gets the basket ID from the cookie
[Code]....
But like I say it's having problems. I've tried replacing the cookies with session variables as well but it didn't work.
View 1 Replies
Jul 14, 2010
I need to get the calling page url referrer and host name. I works for me if the calling pages are within the same network. When a page is called from an internal site that are outside of my network, I got the following error:
Object reference not set to an instance of an object.
It failed on this line:
string userURL = Request.UrlReferrer.ToString();
View 1 Replies
Jan 29, 2011
I need to save how many times (seconds / minutes) each user spend in my site from his enterance to my site till exit it. How can I do this?
View 9 Replies
Apr 2, 2010
l am facing a problem with session.
If many users access the site, the session gets crashed and data which i store to access across pages is getting lost.
a best way to store data (as session does) so that i can use the data across my web application.
View 5 Replies
Sep 8, 2010
I am busy building a shopping cart with cookies. I have datalist which I populate from the cookies with a delete button next to each cookie
[Code]....
Now the problem is that when I hit the delete / remove button to expire the cookie, what happens when repopulating the datalist is that it shows the original cookie with all it's values as well as a new entry where all the values are blank.
View 3 Replies
Jul 28, 2010
I have two websites one in ASP.Net and other in PHP.I want that if a person logged in on one website then he gets a link for second website. When he/she click on that link his userID is passed to second site. If i am using query string then it is security lack. Can I use web Services for that. How I make web service secure. Is there are other way of doing this.
View 8 Replies
Aug 30, 2010
Example scenario:
User login has a list of associated 'accounts' it has access to... this list of accounts is stored in a database table, say tblAccountAccessControl, something like:
login, accountID
userA, account123
userA, account456
userA, account798
userB, accountABC
userB, accountDEF
etc..
This info is used throughout the web application and determines the 'domain' of information the particular login has access to. For example there are many other tables that have the 'accountID' field and whenever a page pulls data from the table it only pulls data that the currently logged in user should be allowed to see, based on that tblAccountAccessControl data.
The security question:
Do I need to query the database every time I need to get this list of allowed accountID's? I was about to use a plain old query string to pass a particular accountID to another page but quickly caught myself as I realized that would be a major security flaw (the receiving page was going to use that accountID to grab info from the database, and there would be nothing preventing a user from simply typing in a url manually to get data from an accountID they are not supposed to be allowed to view). So I then thought I'll just store the list of accountID's in a session state variable so they will be carried with the user throughout the session.
But then I remembered there are tools out there that allow you to easily intercept and modify asp.net viewstate information and I'm not sure if that would included session state variables, but I'm guessing they would. Is there a way to create a secure query string? If I used session state would that session state information be exposed and modifyable by utilities out there? Am I just stuck having to query the database every time I need this info to assure security? What about encrypting it and then storing in session state variable (just thought of that one)?
View 5 Replies
Jul 6, 2010
I have a treeview that shown groups and their sub groups in my usercontrol. I pass the parent GroupId to the usercpntrol from the page. I want to cache nodes of treeview for every Parent Group Id. My code is works good for first time and fill the cache object . after refresh the page, cache object fill the TreeNodeCollection succesfully and everything is ok. But after another refresh, cache object is not null but is empty and TreeNodeCollection.count is zero(0). What's my fault? Please help me to solve this problem.
[Code]....
View 5 Replies
Mar 8, 2010
My app has broken after upgrading to ASP.NET 2.0. The problem is that Request.QueryString is empty when the SelectedIndexChanged event of a IE Web Controls tab strip is fired. It worked perfectly in ASP.NET 1. I have the tab strip contained within my own UserControl.
View 3 Replies
Feb 14, 2011
I have this code in a button click event:
[Code]....
When the page is first opened, Session("LeverancieFilterExpression")) is supposed to be blank or empty so the next statement should be executed but this is not happening. Can anyone explain why? I have the .IsNullOrEmpty method elsewhere in the program and it seems to work. Also, I have
[Code]....
in the page load.
View 9 Replies
May 26, 2010
I am trying to pass a key value from one page to another, using VB.net and Visual Studio 2008 Professional. I am creating a session variable in one aspx page and trying to retrive the value in the second aspx page (Dircted to by a button with the postbackurl set) However, the session object is empty when I try to access it in the second page. If, however, i put a debug hold on the code which retrieves the variable, and examine the session object from the "locals" debug window, i see contents. When I then resume the application the code retrieves the value correctly. I am executing my code using the development server that comes with Visual Studio. Could it have something to do with that?
First Page:
[Code]....
Second Page:
[Code]....
View 4 Replies
Mar 30, 2010
Can anyone explain to me why this first example works fine but the second, which would use a little less code and in my mind appears to achieve the same result, yet throws a null ref error?
This works ...
if (Session["sid"] == null || Session["sid"].ToString() == "")
{
// session is NOT valid.
}
else
{
// session is valid.
}
This does not work?
if (String.IsNullOrEmpty(Session["sid"].ToString()))
{
// session is NOT valid.
}
else
{
// session is valid.
}
View 5 Replies
Jul 6, 2010
Our project contains the folder structure. when I redirect to page in different folder, session automaticaly ends. How can I prevent this?
View 2 Replies
Dec 20, 2010
I created three web pages: Page1, Page2, Page3. In Page1, two variables(Var1, Var2) were stored by subkeys(Key1, Key2) in a single cookie. After storing, Page1 was redirected to Page2 by Server.Transfer() as the following code:
Response.Cookies("MyCookie")("Key1") = Var1
Response.Cookies("MyCookie")("Key2") = Var2
Server.Transfer("Page2.aspx")
Similarly, I use subkeys(Key3 ~ Key5) to store three variables(Var3 ~ Var5) in Page2 and then redirect to Page3 as the following code:
Response.Cookies("MyCookie")("Key3") = Var3
Response.Cookies("MyCookie")("Key4") = Var4
Response.Cookies("MyCookie")("Key5") = Var5
Server.Transfer("Page3.aspx")
If Cookies("MyCookie") isn't rewritten by other code, it should return Var1 ~ Var5 respectively to execute Request.Cookies("MyCookie")("Key1") ~ Request.Cookies("MyCookie")("Key5") in Page3. However... Strange things happened, Var1 and Var2 were not returned, but empty string are returned instead.
View 10 Replies
Jul 30, 2010
In certain pages when i try to rediect to a perticular page the Session automaically gets assigned to null, have no idea why is this happening.-No where I'm using Session.Remove or Session.RemoveAll.-Also not even using EnableSessionState="true" or "false" as by default it will always be true, I know...
View 3 Replies
Jan 4, 2011
I have an issue of losing an InProc session variable when I call Response.redirect. I have seen a number of posts related to this, but haven't found a solution. My code is essentially:
Session("MyVariable") = "SomeBoolean"
Response.Redirect("NewUrl.aspx", false)
When I try to read Session("MyVariable") on the NewUrl.aspx page, it doesn't exists.
What's odd is that this doesn't typically happen in my local environemnt, but hapens quite often, if not all the time, on the shared server this application resides on. I saw some info about web farms and load balancing which could cause an issue. I am fairly certain this app is not part of a web farm.
A little background, in case there is a better method than using Session State...
I have created the ability for an administrator of this applicationto log in as any other user using a "Skeleton Key" password. When the admin does this, I store a boolean in session which refers to the fact that they are logged in and "Impersonating' another user. This gives the admin additional access that the user would not normally have. Anyhow, that is why I store a sessoin variable.
View 6 Replies
Oct 8, 2010
How can I redirect the user to the first page when they've been idle for more than 20 minutes or so?Here's my session timeout time in my web config file:
[Code]....
View 6 Replies
Jan 7, 2011
i have a website and i know that the session expires and it gives me instance of object not set error.
I have a masterpage could i do it in there on page_load?
View 3 Replies
May 19, 2010
[Code]....
Above is my configuration.
Because one user is getting the session values of other users due to some reason that I dont know .
View 3 Replies
Apr 22, 2010
I have created a simple website in asp.net using forms authendications but when I publish my website in IIS 6 on a Windows Server 2003 machine it keeps the users logged in for ever even though I have set the web.config to expire after 30 min. My website has 2 pages a login.aspx and a home.html. When I run the website in my development machine using the ASP.NET Development Server I have no problem the website works as expected meaning the users can not access the home.html unless the have been authendicated by the login.aspx page.
Also once loged in, after clearing the browser cookies the web site asks for login again which is again the behavior that I am trying to accomplish. However once the website is on IIS does not take in account the authendication that I have set up on my web.config. What is overriding my web.config? Do I need to make some changes to the global configuration of IIS?
View 2 Replies
May 4, 2010
i'v an enquiry form, user is operator as Role users fill enquiry form (enquiry.aspx) and view enquiry list done by thmselvs in viewEnquiry.aspx page in GridView im testing using different users accssing this application same time The Problem:
user1 has done 10 enquiries, and in viewEnquiry.aspx able to see is 8 enquiries the 2 remaining enquiries is reflecting in user2's profile or (in viewEnquiry.aspx page as logged in user2) what i'v done: i'v used "public static string UserName;" in Global class file clGlobal.cs in App_Code when user done login successful i stored UserName = dr.GetValue(2).toString(); and clGlobal.UserName = "" on Logout and on master page Load of User im checking (if clGlobal.UserName == "") then redirct to Login.aspx
View 1 Replies
Jun 22, 2010
I are building a web application which will be deployed to Windows Azure. I want user to set session timeout value which will be stored in Database. Currently I am aware of Web.Config method to set session timeout. i.e.
<sessionState
mode ="InProc"
timeout ="60"></sessionState>
Is there any method to set session timeout value according to User's Preference?
View 5 Replies
Aug 3, 2010
We have a problem when 2 users from different machines click on button to open the same modal window at the same time from the same page, they see the same data, which are not suppose to be.
i do my checks and see that they are getting the same page instance , i see that the page.GetHashCode and the page.SessionID is same for both users.
View 2 Replies
Jun 1, 2010
I have a default 30 min session timeout for normal users. Now i want to set 1 hour time out for admin users. Can someone guide me how to acomplish this.
View 4 Replies
