I am building a web application which uses an externally built class to handle much of the work and rules for the site. Most pages will require access to this class to get the information it needs to display. In the past I would put such a class in a session variable, so it's easily accessible when required and not need to be continual...
How might a person simulate firing the HttpSessionListener.sessionDestroyed object in a session listener? Is just setting the Tomcat session timeout to 1 and then waiting the only way? ...
We have a page of search results which the user can hit in several ways. 90% of the ways will set up a 'Search Criteria' session object, which the results page will use to retrieve the search results. When the session object isn't found, we will typically show the user an 'invalid search' message, and give them a link to the main searc...
I want to maintain state in my Perl web app. How can I do this effectively? I looked at CGI::Session but it says that it doesn't work well with UTF-8 pages, which is a requirement. I'd also like to be able to pass some basic information to another Java application running on the Glassfish app server, so people aren't forced to login t...
i'm hearing that some people believe storing info on the server in a session is a bad idea, that its not secure. as a result, in a multi-page business process function, the application is writing data to a db, then retrieving the info when its needed. is there something necessarily unsafe about storing private info in a session? ...
Is it possible to read the data in the php $_SESSION array in the .htaccess file in Apache? So say I have the following: $_SESSION['foo'] = 'bar'; could I then in .htaccess do something like: RewriteRule bla.png folder/{the php session var foo}/file.png Is that possible? I already have a working workaround but if this is possible ...
i redirect the user to the login page when user click log out however i don't think it clear any application or session because all the data persisted when the user log back in. currently the login page have a login control and the code behind on the page only wired up the login Authenticate. Can someone direct me to a good tutorial or...
I've got an existing site I'm taking over, and right now it stores, in a session variable, the id of the currently logged in user (if logged in at all -- otherwise I'm sure it is empty string or null or something). The client now wants, after someone is logged in, to "keep" them logged in on that computer for an indefinite amount of tim...
I have created an HttpCookie in order to share data across a subdomain : HttpCookie cookie = new HttpCookie("sessionGUID"); cookie.Value = value; cookie.Domain = ".example.com"; Response.Cookies.Set(cookie); I carelessly assumed since it is a 'session' cookie (no expires) that it would expire along with my ASP.NET session. Of course ...
Both Session.Clear() and Session.Abandon() get rid of session variables. As I understand it, Abandon() ends the current session, and causes a new session to be created thus causing the End and Start events to fire. It seems preferable to call Abandon() in most cases, such as logging a user out. Are there scenarios where I'd use Clear(...
I'll get straight to the point! My javascript sends about 20 AJAX requests to my PHP file to respond to (via an external web API) when the user submits their search. The results are stored in an array in the session array. I've read that browsers will only allow 2 simultaneous requests to a server. My first problem is that while there...
Suppose user has opened my web application in many different browser windows. After sometime he is timed out / sign out from the application. I want to close all the related browser windows. How can we handle this? (I think GMAIL does that) ...
We are currently using database to maintain state information (in a separate table) for the user. We fetch that information from the database every time user access the application (sends request) and update it in the database back after processing the request. This has worked very well for us in many of our projects and is very easy to...
I need to check all of my asp code to prevent SQL injection. Should I check the session object, too? How might a session be hijacked? Thank you!! ...
I need to renew my old session if the session timeout exceeds the default 20 mins. Is there any session renew concepts in ASP.net? ...
I'm making a php web application which stores user specific information that is not shared with other users. Would it be a good idea to store some of this information in the $_SESSION variable for caching? For example: cache a list of categories the user has created for their account. ...
We have two types of user - those that move around the building and access the app with PDAs on a wireless network, and those that are deskbound. Occasionally, a mobile user will try to use one of the deskbound users PCs to access the app. This can often result in data and pages bleeding between the two users. Modifying user behaviour i...
Does IIS create the session id when a request is received and where is that saved (client or server)? How does server recognize that the request is coming from the same user/session? ...
(this is regarding the Ramaze.net framework) I ran into some really strange problems while storing custom Objects in session. I noticed that only the attributes on the objects immediately stored in session were being updated. However, if those objects contained references to other objects, those referenced objects were not updated if th...
Hi All, We are invoking Asp.Net ajax web service from the client side. So the JavaScript functions have calls like: // The function to alter the server side state object and set the selected node for the case tree. function JSMethod(caseId, url) { Sample.XYZ.Method(param1, param2, OnMethodReturn); } function OnMethodReturn(re...