Session Variables in ASP

Session variables are stored in the server's computers memory. They are deleted once the visitor closes his browser or after a period of inactivity, usually 20 minutes by default.

Below is the syntax for creating a session variable and assigning a value to it.

syntax:Session(“SessionName”)=value

Why use session variables?

Session variables come in very handy for tracking purposes. Some e-commerce sites use session variables to store items in memory that have been placed into a shopping basket.
Here’s another example of how to use session variables. The comments in green should explain what the code is trying to achieve.

<%
'In this example we are retrieving the username and password that a visitor
'enters into the username and password text boxes
Username=Request.Form("Username")
Password=Request.Form("Password")
If Username="MyAdminUserName" AND Password="MyAdminPassword" Then
'If the visitor has logged in using the correct Admistrator details
'we know it's the administrator logging in and set BlnAdminLoggedIn to true
Session("BlnAdminLoggedIn")=True
End If
%>

Now If we wanted to create secure pages that only admin could access we could place the code in Example 1 at the top of newly created pages. This would check to see if the visitor has logged in properly with the admin username and password because if they have the Session("BlnAdminLoggedIn") will hold a value of true in their computers memory. If not then redirect the visitor to another page called 'noaccess.asp'.

Example 1:

<%
If Session("BlnAdminLoggedIn") <>True Then
reponse.redirect "noaccess.asp"
End If
%>

ASP.NET 3.5/2.0 Web Hosting: 3 Months FREE – Click Here!