ASP Session Object
A Session object stores information about, or change settings for a user session.
The Session object
When you are working with an application on your computer, you open it, do some changes and then you close it. This is much like a Session. The computer knows who you are. It knows when you open the application and when you close it. However, on the internet there is one problem: the web server does not know who you are and what you do, because the HTTP address doesn't maintain state.
ASP solves this problem by creating a unique cookie for each user. The cookie is sent to the user's computer and it contains information that identifies the user. This interface is called the Session object.
The Session object stores information about, or change settings for a user session.
Variables stored in a Session object hold information about one single user, and are available to all pages in one application. Common information stored in session variables are name, id, and preferences. The server creates a new Session object for each new user, and destroys the Session object when the session expires.
When does a Session Start?
A session starts when:
- A new user requests an ASP file, and the Global.asa file includes a Session_OnStart procedure
- A value is stored in a Session variable
- A user requests an ASP file, and the Global.asa file uses the <object> tag to instantiate an object with session scope
When does a Session End?
A session ends if a user has not requested or refreshed a page in the application for a specified period. By default, this is 20 minutes.
If you want to set a timeout interval that is shorter or longer than the default, use the Timeout property.
The example below sets a timeout interval of 5 minutes:
Use the Abandon method to end a session immediately:
Note: The main problem with sessions is WHEN they should end. We do not know if the user's last request was the final one or not. So we do not know how long we should keep the session "alive". Waiting too long for an idle session uses up resources on the server, but if the session is deleted too soon the user has to start all over again because the server has deleted all the information. Finding the right timeout interval can be difficult!
Tip: Only store SMALL amounts of data in session variables!
Store and Retrieve Session Variables
The most important thing about the Session object is that you can store variables in it.
The example below will set the Session variable username to "Donald Duck" and the Session variable age to "50":
When the value is stored in a session variable it can be reached from ANY page in the ASP application:
The line above returns: "Welcome Donald Duck".
You can also store user preferences in the Session object, and then access that preference to choose what page to return to the user.
The example below specifies a text-only version of the page if the user has a low screen resolution:
This is the text version of the page
This is the multimedia version of the page
Remove Session Variables
The Contents collection contains all session variables.
It is possible to remove a session variable with the Remove method.
The example below removes the session variable "sale" if the value of the session variable "age" is lower than 18:
If Session.Contents("age")<18 then
To remove all variables in a session, use the RemoveAll method:
Loop Through the Contents Collection
The Contents collection contains all session variables. You can loop through the Contents collection, to see what's stored in it:
For Each i in Session.Contents
Response.Write(i & "<br>")
If you do not know the number of items in the Contents collection, you can use the Count property:
Response.Write("Session variables: " & j)
For i=1 to j
Response.Write(Session.Contents(i) & "<br>")
Loop Through the StaticObjects Collection
You can loop through the StaticObjects collection, to see the values of all objects stored in the Session object:
For Each i in Session.StaticObjects
Response.Write(i & "<br>")