ASP Session Object
The Session object is used to store information about a user session or to modify settings for a user session.
Session Object
When you operate an application on your computer, you open it, make some changes, and then close it. This is similar to a session. The computer knows who you are. It knows when you open and close the application. However, on the internet, the problem arises: since HTTP addresses cannot maintain state, web servers do not know who you are or what you have done.
ASP solves this problem by creating a unique cookie for each user. The cookie is sent to the user's computer and contains information that identifies the user. This interface is called the Session object.
The Session object is used to store information about a user session or to modify settings for a user session.
Variables stored in the Session object hold information for a single user and are available to all pages in the application. Common information stored in session variables usually includes name, id, and parameters. The server creates a new Session for each new user and removes the Session object when the session expires.
When Does a Session Start?
A session begins when:
- A new user requests an ASP file, and the Global.asa file references the Session_OnStart subroutine
- A value is stored in a Session variable
- A user requests an ASP file, and the Global.asa uses the
<object>tag to instantiate an object with session scope
When Does a Session End?
A session ends if the user does not request or refresh a page within the application for a specified amount of time. The default is 20 minutes.
If you want to set the timeout interval shorter or longer than the default, you can use the Timeout property.
The following example sets a timeout interval of 5 minutes:
To end a session immediately, use the Abandon method:
Note: The main issue with using sessions is knowing when they should end. We don't know if the user's latest request is their last. Therefore, we are unsure how long to keep a session "alive." Waiting too long for an idle session can exhaust server resources. However, if a session is deleted too early, users will have to start over repeatedly because the server has deleted all their information. Finding the right timeout interval is challenging!
Tip: Store only a small amount of data in session variables!
Storing and Retrieving Session Variables
The greatest advantage of the Session object is that it allows you to store variables to be read by subsequent pages, with a wide scope of application.
The following example assigns "Donald Duck" to a Session variable named username and "50" to a Session variable named age:
Once a value is stored in a session variable, it can be used by any page in the ASP application:
This line of code returns: "Welcome Donald Duck".
You can also store user parameters in the Session object and then use these parameters to decide what page to return to the user.
The following example specifies that if the user has a low display resolution, a plain text version of the page is returned:
Removing Session Variables
The Contents collection contains all session variables.
You can remove session variables using the Remove method.
In the following example, if the session variable "age" is less than 18, the session variable "sale" is removed:
To remove all variables from the session, use the RemoveAll method:
Iterating Through the Contents Collection
The Contents collection contains all session variables. You can iterate through the Contents collection to see the variables stored within:
Result:
If you do not know the number of items in the Contents collection, you can use the Count property:
Result:
Iterating Through the StaticObjects Collection
You can iterate through the StaticObjects collection to see all objects stored in the Session object: