javascript asp教程第十二课---session对象

Overview:

The Session Object is how you track a single user across many pages. It has four (4) properties, two (2) collections, one (1) method, and two (2) events.

Get Started:

In this series of examples we will create a password system. We will use the Session Object to track whether or not a user is authorized to view certain pages. Below are several scripts for lesson12. Look at them, play with, and then read the explanations that come further down the page.

<%@LANGUAGE="JavaScript"%>
<%
//No ASP Here, just a regular HTML Page
%>
<HTML>
To play along with our password page, put in a user name and a password.<BR>
<BR>The correct user name is <I>guest</I>.<BR>
And the correct password is also <I>guest</I>.<BR>
<FORM METHOD="post" ACTION="script12a.asp">
User:<INPUT TYPE="text" SIZE="9" NAME="userName" VALUE="guest"><BR>
Pass:<INPUT TYPE="password" SIZE="9" NAME="userPassword" VALUE="guest">
<BR>
<INPUT TYPE="submit" value="Login">
</FORM>
</HTML>

Click Here to run script12.asp in a new window. Below is script12a.asp.

<%@LANGUAGE="JavaScript"%>
<%
var userName=new String(Request.Form("userName"))
var userPassword=new String(Request.Form("userPassword"))
if (userName=="guest" && userPassword=="guest")
{
Session("Authorized")=true
Response.Redirect("script12b.asp")
}
else
{
Session("Authorized")=false
%>
<HTML>
You did not supply the correct Name & Password.<BR>
<A HREF="script12.asp">Click here</A> to log in.
</HTML>
<%
} //end else statement
%>


We'll skip over script12b.asp entirely because it's almost exactly the same as script12c.asp. Down below is script12c.asp.

<%@LANGUAGE="JavaScript"%>
<%
if (Session("Authorized")!=true)
{
%>
<HTML>
You are not an authorized user.<BR>
<A HREF="script12.asp">Click here</A> to log in.
</HTML>
<%
}
else
{
%>
<HTML>
The <B>second</B> of two pages that are password protected.<BR>
<A HREF="script12d.asp">Click Here</A> to log out.
</HTML>
<%
} //end of else statement
%>

Above is script12c.asp, which is the second of two password-protected pages. Below is script12.asp, which is the logout page.

<%@LANGUAGE="JavaScript"%>
<%
if (Session("Authorized")!=true)
{
%>
<HTML>
You are not an authorized user.<BR>
<A HREF="script12.asp">Click here</A> to log in.
</HTML>
<%
}
else
{
var SessionID=Session.SessionID
Session.Abandon()
%>
<HTML>
You have sucessfully logged out.<BR>
This was session <%=SessionID%>.<BR><BR>
Now try a link to one of the
pages you've already visited.<BR><BR>
<A HREF="script12b.asp">script12b.asp</A><BR>
<A HREF="script12c.asp">script12c.asp</A><BR>
<A HREF="script12d.asp">script12d.asp</A><BR>
</HTML>
<%
} //end of else statement
%>

A Quick Explanation:

After all that, the last thing you want to see is another grey box full of code. Sorry to do it one more time but, the keystone to this system is in script12a.asp. I've reprinted it down below.

if (userName=="guest" && userPassword=="guest")
{
Session("Authorized")=true
Response.Redirect("script12b.asp")
}

Any page can now be turned into a password protected page with the following line: if (Session("Authorized")!=true). Session Variables are part of the Session Collections. Let's talk about them.

Session Collections:

The two Session Collections are Session.Contents and Session.StaticObjects. They parallel the Application.Contents and Application.StaticObjects.

Using Session.Contents("someVariable")="someValue" we can set Session Variables. These variables allow us to carry values from one page to the next. Since Contents is the default collection we can use a little shortcut. It goes like this: Session("someVariable")="someValue".

The shortcut is what you saw in the scripts above.

Session.Contents has two methods of its own. They are Session.Contents.Remove("variableName") and Session.Contents.RemoveAll().

We did not demonstrate StaticObjects in the scripts above. It comes in the form of the <OBJECT> flag (set for Session scope).

No Sharing:

Remember how Application variables could be shared by all viewers on your ASP web site? That's not so with Session Variables. They are private; Session Variables are to be accessed only by one user.

Session.Abandon( ):

My bet is you could figure out Session.Abandon() without any explanation. However, let me just state for the record that Session.Abandon() ends the user's session and releases the Session Variables from memory.

Session Properties:

Let's briefly discuss two properties you are not likely to use. Session.CodePage lets you call for foreign character sets, like Chinese or Russian. Session.LCID is a location identifier. It determines the time zone and language for the server. Don't mess with it.

Now let's move on to something you might actually use from time to time. Session.SessionID is a read-only property generated by the server, and assigned to one specific user during one specific session. The SessionID follows the user from the beginning of the session until the end.

Session.Timeout is the number of minutes that a user can be idle before the Server ends the user's individual session and reclaims the memory that was allocated to Session Variables. (Session.Timeout is demonstrated in the global.asa in lesson 10.)

Session Events:

The two Session events are Session_OnStart() and Session_OnEnd(). These events are accessed in the global.asa. You can see an example of global.asa in lesson 10.

(0)

相关推荐

  • java中form以post、get方式提交数据中文乱码问题总结

      一:form在前台以post方式提交数据: 浏览器将数据(假设为"中国")发送给服务器的时候,将数据变成0101的二进制数据(假设为98 99)时必然要查码表,浏览器以哪个码表打开网页,浏览器就以哪个码表提交数据.数据到达服务器后,数据(98 99)要封装到request中,在servlet中调用Request的getParameter方法返回的是字符串("中国"),方法内部拿到数字后要转成字符,一定要查码表,由于request的设计者是外国人,所以默认查的是他

  • java session出现的错误

    复制代码 代码如下: package cn.lang.any.listener; import java.util.*; import javax.servlet.*; import javax.servlet.http.*; public class AmpList implements ServletContextListener,HttpSessionListener,HttpSessionAttributeListener { private ServletContext applica

  • JavaEE实现文件下载

    我们先来看一个最简单的文件下载的例子: 复制代码 代码如下: package com.yyz.response;  import java.io.FileInputStream;  import java.io.IOException;  import java.io.OutputStream;  import javax.servlet.ServletException;  import javax.servlet.http.HttpServlet;  import javax.servlet

  • java中request常用方法小结

    HttpServletRequest对象代表客户端的请求,当客户端通过HTTP协议访问服务器时,HTTP请求头中的所有信息都封装在这个对象中,开发人员通过这个对象的方法,可以获得客户这些信息. request常用方法: 一.获取客户机环境信息常见方法: 1.getRequestURL方法返回客户端发出请求时的完整URL. 2.getRequestURI方法返回请求行中的资源名部分. 3.getQueryString方法返回请求行的参数部分. 4.getRemoteAddr方法返回发出请求的客户机

  • 判断Session的过期时间 采用JavaScript实时显示剩余多少秒

    <%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%> <%session.timeout=1440 '单位(分钟)1440=24小时 参数不能大于24小时 也就是不能大于1440分钟%> <% if session("login")<>"888888" then'判断Session是否有效 Response.Write("Session过期了&quo

  • PHP中使用Session配合Javascript实现文件上传进度条功能

    Web应用中常需要提供文件上传的功能.典型的场景包括用户头像上传.相册图片上传等.当需要上传的文件比较大的时候,提供一个显示上传进度的进度条就很有必要了. 在PHP 5.4以前,实现这样的进度条并不容易,主要有三种方法: 1.使用Flash, Java, ActiveX 2.使用PHP的APC扩展 3.使用HTML5的File API 第一种方法依赖第三方的浏览器插件,通用性不足,且易带来安全隐患.不过由于Flash的使用比较广泛,因此还是有很多网站使用Flash作为解决方案. 第二种方法的不足

  • JavaScript如何控制Session实现原理及代码

    看到这个题目,或许有人会提出疑问,JavaScript代表客户端,而Session代表的是服务器(不知道这样说大家是否能够理解). 先说一下需求,我在做一个权限管理的时候,需要在点击某个模块时,Session中相应的改变模块代号,而实现这个操作的是一个a标签,当然我不知道 一个linkbutton是否可以同时将跳转页面和修改Session做了,个人感觉应该是可以的,具体能不能,如果有人做了Demo可以留言说明. a标签,实现页面的跳转,他的onclick事件,执行的也是本页面中的js方法,现在就

  • JavaEE通过response实现请求重定向

    请求重定向指的是一个web资源收到客户端请求后,通知客户端去访问另外一个web资源,这称之为请求重定向.302状态码和location头即可实现重定向. 请求重定向最常见的应用场景就是用户登录. 下面的示例代码从另一个页面重定向到用户登录页面: 复制代码 代码如下: package com.yyz.response;  import java.io.IOException;  import javax.servlet.ServletException;  import javax.servlet

  • java设置session过期时间的实现方法

    本文实例讲述了java设置session过期时间的实现方法,分享给大家供大家参考.具体实现方法如下: 1.Timeout in the deployment descriptor (web.xml) 以分钟为单位 复制代码 代码如下: <web-app ...> <session-config> <session-timeout>20</session-timeout> </session-config> </web-app> 上面这

  • JavaScript控制Session操作方法

    看到这个题目,或许有人会提出疑问,JavaScript代表客户端,而Session代表的是服务器(不知道这样说大家是否能够理解). 先说一下需求,我在做一个权限管理的时候,需要在点击某个模块时,Session中相应的改变模块代号,而实现这个操作的是一个a标签,当然我不知道 一个linkbutton是否可以同时将跳转页面和修改Session做了,个人感觉应该是可以的,具体能不能,如果有人做了Demo可以留言说明. a标签,实现页面的跳转,他的onclick事件,执行的也是本页面中的js方法,现在就

随机推荐