Re: ASP Cookies vs. ASP Session variables

by "Jason Boudreault" <theunforgiven(at)home.com>

 Date:  Wed, 8 Nov 2000 10:22:59 -0700
 To:  <hwg-techniques(at)hwg.org>,
=?iso-8859-1?Q?St=E9phane_Bergeron?= <stephberg(at)videotron.ca>
 References:  videotron
  todo: View Thread, Original
This topic has interested me alot, cuz I've just
started with ASP:-)

Anyway, I wouldn't think that they use cookies,
because I turned on COOKIE Warnings and it
never bitched at me about the session() but did
about the cookie I set in the script,

Theres an ASP test script that I've been playing
with here:

http://www14.brinkster.com/eidolon
Log in with eidolon/pass

The username is set in a Cookie
and the UID(userid:-) is set in a
session (UID is #1)

Thanks!

JB


----- Original Message -----
From: "St�phane Bergeron" <stephberg(at)videotron.ca>
To: <hwg-techniques(at)hwg.org>
Sent: Wednesday, November 08, 2000 4:17 AM
Subject: Re: ASP Cookies vs. ASP Session variables


At 08:52 AM 08/11/00 +0000, you wrote:
>As far as I know, ASP sessions use cookies....

Yup they do.  To implement sessions, ASP stores a temporary cookie in the
browser containing the SessionID.  If the browser remains opened too long
without activity, the session may time out on the server before the cookie
expires on the browser but as soon as the browser closes the session ends.
It's much better IMO than storing a number of cookies on the client and
Session variables are much better performance wise too.  One could of
course store one UserID cookie on the client to recognize him/her between
sessions, or some kind of login system could be implemented but the bulk of
the data should be stored in a database on the server and state should be
kept using session variables (which use one temp cookie only).

HTH!

St�phane Bergeron

HWG hwg-techniques mailing list archives, maintained by Webmasters @ IWA