A problem I see over and over again on the ASP.NET forums is the following:
In a login page, if the user and password have been validated, the page developer wants to redirect to the default page.
To do this, he writes the following code:
Session["Login"] = true;
Response.Redirect("~/default.aspx");
Well, this doesn't work. Can you see why? Yes, it's because of the way Redirect and session variables work.
When you create a new session (that is, the first time you write to a Session variable), ASP.NET sets a volatile cookie on the client that contains the session token. On all subsequent requests, and as long as the server session and the client cookie have not expired, ASP.NET can look at this cookie and find the right session.
Now, what Redirect does is to send a special header to the client so that it asks the server for a different page than the one it was waiting for. Server-side, after sending this header, Redirect ends the response. This is a very violent thing to do. Response.End actually stops the execution of the page wherever it is using a ThreadAbortException.
What happens really here is that the session token gets lost in the battle.
There are a few things you can do to solve this problem.
First, in the case of the forms authentication, we already provide a special redirect method: FormsAuthentication.RedirectFromLoginPage. This method is great because, well, it works, and also because it will return the user to the page he was asking for in the first place, and not always default. This means that the user can bookmark protected pages on the site, among other things.
Another thing you can do is use the overloaded version of Redirect:
Response.Redirect("~/default.aspx", false);
This does not abort the thread and thus conserve the session token. Actually, this overload is used internally by RedirectFromLoginPage. As a matter of facts, I would advise to always use this overloaded version over the other just to avoid the nasty effects of the exception. The non-overloaded version is actually here to stay syntactically compatible with classic ASP.
UPDATE: session loss problems can also result from a misconfigured application pool. For example, if the application pool your site is running is configured as a web farm or a web garden (by setting the maximum number of worker processes to more than one), and if you're not using the session service or SQL sessions, incoming requests will unpredictably go to one of the worker processes, and if it's not the one the session was created on, it's lost.
The solutions to this problem is either not to use a web garden if you don't need the performance boost, or use one of the out of process session providers.
More on web gardens:
http://technet2.microsoft.com/WindowsServer/en/library/f38ee1ff-bdd5-4a5d-bef6-b037c77b44101033.mspx?mfr=true
How to configure IIS worker process isolation mode:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/26d8cee3-ec31-4148-afab-b6e089a0300b.mspx?mfr=true
Thanks to Frédéric Gareau for pointing that out.
UPDATE 2: Another thing that can cause similar problems is if your server has a name that contains underscores. Underscores are not allowed in host names by RFC 952 and may interfere with the ability to set cookies and thus to persist sessions.
Reference:Tales from the Evil Empire,Bertrand Le Roy's blog
Friday, December 4, 2009
Monday, October 26, 2009
Remove duplicates from array-Vb.net
Public Function removeDup(ByVal arrShpLn As ArrayList) As ArrayList
arrShpLn.Sort()
Dim arrShpCopy = arrShpLn.Clone()
Dim count As Integer = arrShpCopy.Count
Dim i As Integer
For i = count - 1 To 1 Step -1
If (arrShpCopy(i).ToString() = arrShpCopy(i - 1).ToString()) Then
arrShpCopy.RemoveAt(i)
End If
Next i
Return arrShpCopy
End Function
arrShpLn.Sort()
Dim arrShpCopy = arrShpLn.Clone()
Dim count As Integer = arrShpCopy.Count
Dim i As Integer
For i = count - 1 To 1 Step -1
If (arrShpCopy(i).ToString() = arrShpCopy(i - 1).ToString()) Then
arrShpCopy.RemoveAt(i)
End If
Next i
Return arrShpCopy
End Function
Friday, August 28, 2009
Remove a row from datatable
Below is the method to remove a row from datatable based on the conditions
Dim flag As Boolean = False
Dim dtTem As New DataTable
dtTem = dt.Clone()
dtTem.Clear()
' Dim dtrow As DataRow
For Each row As DataRow In dt.Rows
For Each col As DataColumn In dt.Columns
If row(col).ToString.Trim = "" Then
flag = True
ElseIf IsNumeric(row(col)) AndAlso CInt(row(col).ToString.Trim) = 0 Then
flag = True
Else
flag = False
Exit For
End If
Next
//If there is the data, add tht row to datatable
If flag = False Then
'dtrow = dtTem.NewRow()
'dtrow = row
dtTem.ImportRow(row)
End If
Next
Return dtTem
Dim flag As Boolean = False
Dim dtTem As New DataTable
dtTem = dt.Clone()
dtTem.Clear()
' Dim dtrow As DataRow
For Each row As DataRow In dt.Rows
For Each col As DataColumn In dt.Columns
If row(col).ToString.Trim = "" Then
flag = True
ElseIf IsNumeric(row(col)) AndAlso CInt(row(col).ToString.Trim) = 0 Then
flag = True
Else
flag = False
Exit For
End If
Next
//If there is the data, add tht row to datatable
If flag = False Then
'dtrow = dtTem.NewRow()
'dtrow = row
dtTem.ImportRow(row)
End If
Next
Return dtTem
Thursday, August 27, 2009
Removing Columns in DataTable
http://www.codeasp.net/articles/asp.net/113/removing-columns-in-datatable-
Friday, August 21, 2009
Ajax Module Popup Box
<cc1:ModalPopupExtender ID="ModalPopupExtender1" runat="server" CancelControlID="btnCancel"
TargetControlID="btnPopup" PopupControlID="pnlTrackingNr" PopupDragHandleControlID="PopupHeader"
Drag="false" BackgroundCssClass="ModalPopupBG">
</cc1:ModalPopupExtender>
<asp:Panel ID="pnlTrackingNr" Style="display: none" runat="server" HorizontalAlign="Center"
Width="300px" Height="50px" BackColor="WhiteSmoke" BorderColor="#659FD9" BorderWidth="2px" BorderStyle="solid">
<div>
<div id="PopupHeader" style="background: #91B7E7; border-color: #659FD9; color: White;">
<b>Please Confirm</b></div>
<div class="Controls">
<table id="tblWarehouses" width="100%">
<tr valign="top">
<td>
<asp:Label ID="lblWarning" runat="server" CssClass="displayfont"></asp:Label>
</td>
</tr>
<tr>
<td colspan="2">
<asp:Button ID="btnYes" Text="Yes" runat="server" CssClass="button" OnClick="btnYes_Click" />
<input id="btnCancel" type="button" class="button" value="No" />
</td>
</tr>
</table>
</div>
</div>
</asp:Panel>
TargetControlID="btnPopup" PopupControlID="pnlTrackingNr" PopupDragHandleControlID="PopupHeader"
Drag="false" BackgroundCssClass="ModalPopupBG">
</cc1:ModalPopupExtender>
<asp:Panel ID="pnlTrackingNr" Style="display: none" runat="server" HorizontalAlign="Center"
Width="300px" Height="50px" BackColor="WhiteSmoke" BorderColor="#659FD9" BorderWidth="2px" BorderStyle="solid">
<div>
<div id="PopupHeader" style="background: #91B7E7; border-color: #659FD9; color: White;">
<b>Please Confirm</b></div>
<div class="Controls">
<table id="tblWarehouses" width="100%">
<tr valign="top">
<td>
<asp:Label ID="lblWarning" runat="server" CssClass="displayfont"></asp:Label>
</td>
</tr>
<tr>
<td colspan="2">
<asp:Button ID="btnYes" Text="Yes" runat="server" CssClass="button" OnClick="btnYes_Click" />
<input id="btnCancel" type="button" class="button" value="No" />
</td>
</tr>
</table>
</div>
</div>
</asp:Panel>
Thursday, August 20, 2009
SQL Transactions
This Blog tells you about SQL Sql Transaction
http://www.4guysfromrolla.com/webtech/080305-1.shtml
http://www.4guysfromrolla.com/webtech/080305-1.shtml
Monday, August 10, 2009
Add character in between using OnKeyPress event
<script language="javascript" type="text/javascript">
function padCharacter(Cid,ch,num)
{
var elem = document.getElementById(Cid);
var pad = elem.value;
if(!ch) ch="";
if(pad.length == num)
{
pad=pad +ch;
elem.value=pad;
}
}
</script>
txtPlantJob.Attributes.Add("onkeypress", "padCharacter('" + txtPlantJob.ClientID + "','-',2)")
function padCharacter(Cid,ch,num)
{
var elem = document.getElementById(Cid);
var pad = elem.value;
if(!ch) ch="";
if(pad.length == num)
{
pad=pad +ch;
elem.value=pad;
}
}
</script>
txtPlantJob.Attributes.Add("onkeypress", "padCharacter('" + txtPlantJob.ClientID + "','-',2)")
Subscribe to:
Posts (Atom)