Looking for a hack to prevent rewriting an app without using session variables

Question

Our company uses an app that was originally ColdFusion + Access later converted to classic ASP + MS Sql for task/time tracking called the request system. It's broken down by department, so there's one for MIS, marketing, logistics, etc. The problem comes in when (mainly managers) are using more than one at a time, with 2 browser windows open. The request system uses session variables, a lot of session variables, "session" is referenced 2300 times in the application. When 2 are open at once as you can imagine this causes all sorts of anomalies from the variables getting mixed up.

There's a 3 year old MIS request in the system to "fix" this and it's been worked on by 3 developers, and now it's my turn to take a shot at it. I was wondering if anyone else has had to work on a project like this, and if there was some sort of hack to try and mitigate some of the problems. I was thinking of maybe calling something in global.asa to load misc. session variables from the querystring. The problem is, there's all sorts of this going on:

If (Session("Application") <> Request("App")) and Request("App") <> "" THEN
  Session("Application") = Request("App")
End If

Looking at the functions in include files, you'll have a function with 4 parameters, that makes references to 6 different session variables. So you get the idea, this is going to be painful.

Has anyone had to do anything like this in the past? Any hacks you found useful?

Answer 1

refactor the code away from the direct Session("whatever") interface:

1. create an API for session access and replace all existing use of Session with it (it can be a session 'class/object' or just an include-file)
2. mangle the passed-in names for session variables with something that will make them unique per domain according to your needs (department or whatever)
3. test carefully

then rewrite the whole thing later in a modern web language, and/or find another job before they ask you to perform another miracle ;-)

Answer 2

My manager (who's a business guy, not a code guy), is infatuated with this system. He's in no rush to rewrite it. If I did rewrite this the only session variables used would be login-related. I'm more concerned with fast than right unfortunately :(

Answer 3

How many times "Session" is referenced doesn't mean as much as you seem to think it does. Also, unless there's a coding error, having two browsers open should start two separate sessions, and there shouldn't be any "mixing up" of the values for those sessions.

I suspect it may have to do with something else like both sessions reading from the same cookie or some issues with the App variables. Without seeing the whole source, its hard to say. It may be worth finding out if there's someone more familiar with the code to help you out.

And yes, its going to be painful to dig around in the code, but at least you'll know more the next time you have to fix something. ;)

Besides, rewriting isn't always the best option. You never know what sorts of fun business logic/bug fixes get lost in the rewrites.

Answer 4

I agree with AnonJr

Blockquote having two browsers open should start two separate sessions Blockquote

maybe the use of static global variables is causing your dataloss

Answer 5

In your sessions class (if you will use one), when you reference each variable, use a prefix or something common so that you can identify all your variables...then you can loop through ALL session variables and perhaps find others that are being referenced/created...

Private Const PREFIX As String = "MyPrefix_"
Public Shared Property MyVariable() As String
    Get
        Return HttpContext.Current.Session(String.Concat(PREFIX, "MyVariable"))
    End Get
    Set(ByVal value As String)
        HttpContext.Current.Session(String.Concat(PREFIX, "MyVariable")) = value
    End Set
End Property

loop to find session variables that aren't in your class

For Each Item As Object In HttpContext.Current.Session.Contents
    If Not Item.ToString.StartsWith(PREFIX) Then

    End If
Next