hwg-techniques archives Mar 2000 new search results previous next

Re: why use cookies for shopping cart?

by =?iso-8859-1?Q?St=E9phane?= Bergeron <stephberg(at)videotron.ca>

 Date:  Mon, 13 Mar 2000 17:22:20 -0500
 To:  hwg-techniques(at)hwg.org
 References:  omnitec omnitec2 omnitec3 omnitec4
  todo: View Thread, Original 
At 12:35 PM 13/03/00 -0500, you wrote:
> >What is a sessionid? This sounds like something unique to IE or IIS [most
>likely]? From what is a 'sessionid' created?
>Yes, it is an IIS thing.  It is a randomly generated number that is
>assigned to each visitor session.  I use this number to track the shopping
>cart.

It is an ASP thing actually and you may not know this but the Session=20
object in ASP _does_ rely on users accepting cookies to work.  The session=
=20
ID is stored in a temporary cookie on the client and it expires as soon as=
=20
the user closes their browser or as soon as the session expires on the=20
server.  If the user doesn't have cookies enabled then every time they=20
request a new page the server starts a new session... and assigns it a new=
=20
Session ID.  Maintaining state on the Web has always been a pain but using=
=20
the hidden form field method seems to be the most reliable way to do=20
it.  One can always test for the presence of cookies and use them to store=
=20
additional info if need be.  To my knowledge, all server side technologies=
=20
that offer features similar to the ASP Session Object (like Cold Fusion and=
=20
others) also rely on cookies to maintain state between pages.

> >Could it be that your asp is setting a hidden variable internally??
>I suppose that is possible.  I do not know all the technical details of how
>it is done, only that it works and I like it.

Like I said, ASP sessions do rely on cookies to work and ASP cannot store=20
hidden variables internally and match them with a specific user unless the=
=20
user has cookies enabled in their browser or unless you pass a unique ID=20
between pages through either a hidden form field or the Query String.  The=
=20
later two methods seem more reliable to me since they don't depend on the=20
user having anything special enabled in their browsers.  Any Web=20
application that relies on either JavaScript or cookies to work is bound to=
=20
fail for some users and it's up to you to determine if the added=20
functionality that the ASP Session Object brings is worth loosing some=20
robustness in your application.

HTH!

St=E9phane Bergeron

HWG hwg-techniques mailing list archives, maintained by Webmasters @ IWA