Wrox Programmer Forums

Need to download code?

View our list of code downloads.

| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
Classic ASP Basics For beginner programmers starting with "classic" ASP 3, pre-".NET." NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP Basics section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old January 23rd, 2004, 10:39 AM
Registered User
 
Join Date: Jan 2004
Location: , , .
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default Cookieeeee!!!!

Hi Everyone,

I’m developing a simple ASP discussion group.

Basically I've got the NewTopic.asp and Reply.asp scripts living on:

[u]http://www.AaronsWebsite.com</u>

and a Login.asp script which lives on

[u]https.secure.genericwebhost.com/AaronsWebsite </u>

The NewTopic.asp and Reply.asp scripts check Request.cookies ("LoggedIn"). If the value is "true" then they proceed as normal.

If not, they redirect the usewr to the Login.asp script which lives in the secure directory. It asks for a username and password, checks it against a database etc. A successful submission concludes with the following code:

Response.Cookies("TestLoggedIn") = "True"
Response.Cookies("TestLoggedIn").Domain = "AaronsWebsite.com"
Response.Cookies("TestLoggedIn").Path = "/"

Then it passes control back to the originating script, which should then allow the user to go about their business.

Trouble is it isn't working. Despite all that I'm reading about the Domain property, the NewTopic.asp and Reply.asp scripts don't recognize the cookie set by Login.asp. And the user just gets to log in repeatedly.

I’ve tried passing the user from Login.asp to PostNewTopic.asp both using Response.Redirect (with no HTML having been output) and by outputting a link which the user must click (suspecting that a redirect was wiping the cookie out from the HTTP header data, even though bufferring was off).

Of course, there’s the whole issue of cookie domains, which I learned about on this site. But setting the cookie domain to my original domain, not the https…domain, doesn’t seem to help.

I thought you could set the domain property in your ASP script that lives on one domain to the domain of the other ASP script. I've read several articles, including this one: (http://www.4guysfromrolla.com/webtech/051099-1.shtml) which seem to say that you can set the domain of your cookie to anything you want.

This one's a stumper. Any suggestions?

Thanks.

-- Aaron
Reply With Quote
  #2 (permalink)  
Old January 23rd, 2004, 10:48 AM
Authorized User
 
Join Date: Dec 2003
Location: Middletown, CT, USA.
Posts: 81
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Cookies are typically recognized by the domain which sets them...why not just use the secure domain, password and uid protected, and use session variables?

J

Reply With Quote
  #3 (permalink)  
Old January 23rd, 2004, 11:24 AM
Registered User
 
Join Date: Jan 2004
Location: , , .
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Use session variables instead of cookies? Hmmm. Never thought of that. Which variables would you use? Do they persist the same as an in-memory cookie?

But then, what's all this stuff about being able to set a cookies domain to any domain you want? Is it a bunch of hooey?

Reply With Quote
  #4 (permalink)  
Old January 23rd, 2004, 02:09 PM
planoie's Avatar
Friend of Wrox
Points: 16,481, Level: 55
Points: 16,481, Level: 55 Points: 16,481, Level: 55 Points: 16,481, Level: 55
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Aug 2003
Location: Clifton Park, New York, USA.
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

Using sessions instead of using cookies won't help you any. How are sessions identified? A cookie. The session identifier cookie is still going to be affected by the domain.

Peter
------------------------------------------------------
Work smarter, not harder.
Reply With Quote
  #5 (permalink)  
Old January 23rd, 2004, 03:06 PM
Registered User
 
Join Date: Jan 2004
Location: , , .
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default

ARRGGHH!!! Does anyone know any way around this? What's the point of the Cookies(CookieName).Domain property if browsers don't believe it?!!

-- Aaron

Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off




All times are GMT -4. The time now is 07:25 AM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.