Wrox Programmer Forums
|
Classic ASP Basics For beginner programmers starting with "classic" ASP 3, pre-".NET." NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP Basics section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old November 14th, 2008, 02:46 PM
Registered User
 
Join Date: Nov 2008
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Session variable or other

Hello,

I'm not quiet new though not very expirienced to ASP.
I have an website where there could be two types of users.
Dealers and Consumer. Consumers can view the site without having to log in, Dealers have to log in. Consumers on the other hand shouldnt be able to see some information in certain pages which the Dealers should see. What is the best solution to accomplish this without doubling the code?

I thought to put the "user role"" in an session variable, but is that steady enough trough the whole site?

I hope someone can give me some advice.

Thank you in advance!!

Regards,

Peter


 
Old November 14th, 2008, 09:17 PM
Friend of Wrox
 
Join Date: Jun 2008
Posts: 1,649
Thanks: 3
Thanked 141 Times in 140 Posts
Default

Session variable, for sure.

I'd just use the dealer's login name as the "credential". The lack of such a session variable indicates the user is not a dealer. Simple as that.

<%
... check login credentials ...
If LoginOkay Then
    Session("Login") = DealerName
    ...
%>

And then, on each page where login is required:

<%
If Trim("" & Session("LogIn")) = "" Then Server.Transfer "login.asp"
%>

Or similar.
 
Old November 28th, 2008, 07:28 AM
Friend of Wrox
 
Join Date: Dec 2006
Posts: 104
Thanks: 9
Thanked 1 Time in 1 Post
Default


Old Pedant,

Quick question about the line -
Code:
<%
If Trim("" & Session("LogIn")) = "" Then Server.Transfer "login.asp"
%>
Firstly my draconian version would have been -
Code:
If Session("LogIn")= "" then
what is the advantage of using
Code:
Trim("" & Session("LogIn")) = ""
Secondly what is your reason for using Server.Transfer instead of response.redirect?

Most of my coding is a mix of finger in air and example based learning so apologies for not understanding what i am sure is obvious.


Cheers


Aspless



 
Old November 28th, 2008, 06:07 PM
Friend of Wrox
 
Join Date: Jun 2008
Posts: 1,649
Thanks: 3
Thanked 141 Times in 140 Posts
Default

If a session variable is not defined, then it is EMPTY.

That is,
    Response.Write TypeName(Session("asdfasdfasdf"))
will produce "Empty" for output.

And I'm paranoid. Too many times, I've used Empty values where a string value is needed and gotten type mismatch errors.

But I *know* that doing
    "" & EmptyValue
will produce
    ""
as a result. (String concatenation of empty or null does not change the appended-to string).

But you are right, for comparison vs. "", your code is just fine.

Just too much paranoia on my part.

**********

Response.Redirect works by sending an HTTP message back to the browser telling it that the desired URL has "temporarily moved" (301 or 302 error...I always forget which is which). Further, you can't use Response.Redirect if *anything* has already been sent to the browser. So, for example, if you have boilerplate code at the top of the page that sends out content type and what not, you really should do a Response.Clear before the Response.Redirect (but IIS 5 and above handle this for you).

Server.Transfer is done 100% on the server. The browser is completely unaware that the transfer has occurred. So the URL is still the original one, so far as the browser is concerned.

Which is better? Depends entirely on what you are doing.

Oh...one minor advantage: You can put values into session variables and then do a Server.Transfer and the values will be available in the transferred-to page. EVEN IF THE USER HAS COOKIES TURNED OFF! That's because the two pages share the same HTTP Request and so share the same sessionid, which won't be true if cookies are turned off and you do a Response.Redirect.

So... No definitive answer. You get to pick and choose.
 
Old December 4th, 2008, 12:52 PM
Friend of Wrox
 
Join Date: Dec 2006
Posts: 104
Thanks: 9
Thanked 1 Time in 1 Post
Default

Thanks Old Pedant.

I see your point re - the empty output .. Good to know.

Also thanks for explaining the server.transfer function.

Cheers

A slightly more informed Aspless






Similar Threads
Thread Thread Starter Forum Replies Last Post
session and variable... badboy1 ASP.NET 3.5 Basics 1 August 3rd, 2008 09:14 AM
Session Variable youyou_hym Dreamweaver (all versions) 4 January 20th, 2005 11:48 AM
Session variable anuradha80 General .NET 3 November 4th, 2004 12:39 AM
Session variable mrideout BOOK: Beginning ASP.NET 1.0 1 August 12th, 2004 07:01 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.