| CIS 209 | Web Page Scripting Languages |
The HTTP protocol is a stateless protocol, meaning that each request for a page is processed without any knowledge of previous pages requested. The server has no record of previous browser requests. In an e-commerce application, we need to know who's credit card was just submitted for which order.
In this chapter, we will learn how to create application- and session-level variables that allow us to maintain information between individual users sessions. And, we'll learn to use cookies to maintain information across user sessions. Finally, we'll look at ways to maintain state without using cookies at all.
A Web application is a group of files and folders located under the Web application's root directory. We can create scripts that run when the Web application starts and stops. These scripts are stored within a Global Application File. We can create instances of server objects, such as database access components, within the Global Application File, and then these objects are available to the entire Web application. We can also create application-level and session-level variables that are available to any page within the Web application.
Other advantages of defining a group of Web pages as a Web application is that you can run your Web application in its own memory space to prevent an error in one Web application from bringing down the rest of the Web applications on the server. This memory space is referred to as an isolated process, and is separate from the process that contains the IIS Web server. See http://msdn.microsoft.com/library/en-us/iisref/html/psdk/asp/eadg7lpv.asp and http://msdn.microsoft.com/library/en-us/iisref/html/psdk/asp/eadg7j8u.asp.
A Web application can have only one Global Application File. The Global Application File is a text file called global.asa, which must reside in the root directory of the Web application. The Global Application File does not contain any HTML or client-side scripts. The Global Application File defines four subroutines, which run when the application starts and ends, and when the session starts and ends.
It is a good idea to keep all four subroutines listed in the Global Application File, even ones that are not used, since you might want to add code to the subroutines later.
The application and session objects are part of the ASP built-in object model. The application object allows you to maintain application state. You can maintain information across the entire Web application with the application object.
The client must support per-session cookies in order for ASP to maintain state within an application. A per-session cookie is used to allow the server to identify the client. The per-session cookie is temporary, and is deleted when the session ends.
Since we will not be creating a Global Application File on our class server, we will not have assignments that use the Application Object. However, here is how it works.
The application starts when the first user accesses a page with the .asp file
extension. When the application starts, the Application_OnStart subroutine is
executed. This subroutine can be used to initialize application variables.
Application variables do not change from user to user. Below is the syntax for
declaring an application variable and assigning the variable a numeric value.
Because the keyword Contents and the Item property are optional, all three
samples will produce the same results.
Application.Contents.Item(“ApplicationVariableName”) = NumericExpression
Application.Contents(“ApplicationVariableName”) = NumericExpression
Application(“ApplicationVariableName”) = NumericExpression
The syntax for declaring a string value is the same except that the expression is enclosed in quotation marks(“).
Application.Contents.Item(“ApplicationVariableName”) = String Expression
Whenever you use application or session variables, you are using system resources, including memory, to store the values for the variables. Therefore, you should only use application and session variables when necessary.
Because the application variables are stored within a collection array, you must specify which variable you want to retrieve by using its name or its index position within the collection array. The number 1 identifies the first application variable in the collection. The following sample code illustrates how to retrieve the first application variable.
<% = Application.Contents(1) %>
<% = Application.Contents.Item(1) %>
The sample code below show you how to retrieve an application variable named appName, write it to the Web page, and store the value of the application variable in a local variable.
<% = application(“appName”)
dim strAppName
strAppName = application(“appName”) %>
You can remove an application variable individually, or remove all of the variables within the contents of collection. When the application ends all of the application variables are removed automatically. The sample code below would remove an application variable named appcourse and the second example will remove all variables.
<% Application.Lock
Application.Contents.Remove “appcourse”
Application.Unlock
%>
<% Application.Lock
Application.Contents.RemoveAll
Application.Unlock
%>
A component is an executable code that is encapsulated within a dynamic-link library (.dll) or an executable (.exe) file. After the component is installed on the server or client, you can use the objects, properties, methods and event handlers built within the component. The component must be installed and registered using the RegSvr32 utility on the Web server.
The ASP built-in server object has a method called CreateObject that allows you to instantiate an object on the server. When the CreateObject method creates the object, it will immediately begin to use system resources. To conserve system resources, it is important to release objects created with the CreateObject method as soon as they are no longer needed. The StaticObjects collection contain
With ASP, sessions can be maintained using session variables, but, only within that session or Web application. In a moment, we'll learn how to use cookies to maintain state across multiple Web applications. Check out the MSDN Library link on Managing Sessions with IIS5 at http://msdn.microsoft.com/library/en-us/iisref/html/psdk/asp/iiapsess.asp.
A session begins when a user requests an ASP page from a Web application. The first ASP page request directs the Global Application File to start the Session_OnStart subroutine. The session remains open as long as the user remains active on the server. When the session ends, the Session_OnEnd subroutine is called.
To create a session variable, identify the session object, the name of the session variable in quotation marks, the assignment operator (=), and the value. Below is sample code that shows how to retrieve a session variable, write it to the Web page, and store the value of the session variable in a local variable.
<% Session.Contents(“SessionVariableName”) %>
<% Session(“SessionVariableName”) %>
<% dim strSessVarName
strSessVarName = Session (“SessionVariableName”) %>
Session variables like application variables, are stored within a collection. The following sample code shows how you would retrieve the first session variable and write it to the browser.
Check out this EXAMPLE which demonstrates how we can use session variables to maintain state for a membership form.
<% = session.contents(1) %>
The session object contains several properties and methods that can be accessed from ASP pages.
Session.Timout = timeoutInMinutesSession.SessionIDSession.Abandon<% =Session.CodePage %><% Session.LCID = 2057 %>Cookies are used to maintain information about an individual user across sessions. A cookie is a small piece of information that is stored on the client's local computer. Because clients can delete their cookies at any time, your Web application should not be dependent upon the existence of a cookie. The cookie file stores the name of the cookie, the value, and the name of the server that wrote the cookie.
Cookies are limited to four KB of data. Most cookies are 100-200 bytes in size. The maximum number of cookies allowed is 300. When the limit is reached, the oldest cookies are automatically deleted. The maximum disk space for cookies is 1.2MB (4KB x 300 cookies). Therefore cookies do not "eat up" a client's hard drive space.
Check out the MSDN Library on how we can use a cookie to store a user number which can be looked up in a database on the server to get all that user's information. We'll cover the database part in the last couple of chapters, but, for now, take a look at how this might work at http://msdn.microsoft.com/library/en-us/dnbegvb/html/theloginaspforminaction.asp. Also, you may want to take a look at another article on cookies from http://www.microsoft.com/Mind/1198/cookie/COOKIE.ASP.
ASP provides a simple method to write and read cookies. Cookies are written using the response object, and read using the request object. To create a cookie you name the cookie and give it a value. You must also identify when the cookie expires. We will use the Cookies method of the Response object to write a cookie value.
The general syntax to write a cookie is:
<% Response.Cookies(“CookieName”) = ”CookieValue” %>
<% Response.Cookies(“CookieName”).Expires = “CookieExpirationDate” %>
Below is the syntax for writing a simple cookie using an absolute expiration date.
<% Response.Cookies(“myCookie”) = ”value” %>
<% Response.Cookies(“myCookie”).Expires = “MM DD, YYYY” %>
The following sample code creates a cookie named logininfo with a value of active. The expiration date is set to 20 days from the current date.
<% Response.Cookies(“logininfo”) = “active” %>
<% Response.Cookies(“logininfo”).Expires = “Date + 20” %>
If you want the browser to delete the cookie just specify a date in the past.
<% Response.Cookies(“logininfo”).Expires = “Date – 1” %>
To following sample code shows how to assign a value to a cookie. The code takes information from a form that the user has submitted and assigns the value to a cookie.
Dim username
Username = Request.Form(“txtUserName”)
<% Response.Cookies(“myCookie”) = username
<% Response.Cookies(“myCookie”).Expires = “Date + 30” %>
In PHP, the general syntax of writing a cookie is:
setcookie(name, value, expire, path, domain);
We can write a cookie with PHP with setcookie("userID", $ID,
time()+36000);
You can retrieve a cookie’s value using the request object.
<% Request.Cookies(“CookieName”) %>
There is a property called “hasKeys” that identifies whether a cookie contains multiple cookies.
<% Request.Cookies(“GroupCookieName”).HasKeys %>
In PHP, we can retrieve a cookie with the following code:
<?
if (isset($_COOKIE["userID"])) {
echo "Your user id is " . $_COOKIE["userID"] . "!<br />";
} else {
echo "You are not logged in!<br />";
}
?>
In the following EXAMPLE a cookie is used to change the background by assigning the value of the cookie to the bgcolor property.
Check out the 282cookies.asp page which demonstrates how we can uses cookies to keep track of how many times a visitor came to our site.
Check out this EXAMPLE on group cookies.
Here are some ways to maintain state, without using cookies: