Session
Session Object in ASP
The Session object is used to store user-specific information or manage settings during a user’s session on a website.
Understanding the Session Object
When you work on an application on your computer, the system knows who you are, when you start the application, and when you close it. This is similar to a session.
On the web, however, the server does not automatically recognize users because HTTP is a stateless protocol. This means the server cannot remember users between requests.
ASP overcomes this limitation by creating a unique cookie for each user. This cookie is stored on the user’s computer and helps the server identify the user across multiple requests. This mechanism is managed through the Session object.
The Session object stores information related to one specific user session and makes that data available to all pages within the same application.
Purpose of the Session Object
Stores user-related data such as name, ID, and preferences
Maintains user-specific settings across multiple pages
Creates a new session for each user
Automatically destroys the session when it expires
When Does a Session Start?
A session begins when one of the following occurs:
A new user requests an ASP page and Global.asa contains a Session_OnStart procedure
A value is assigned to a Session variable
An ASP file instantiates an object with session scope using the
When Does a Session End?
A session ends when a user does not request or refresh any page within a defined time period.
By default, the session timeout is 20 minutes.
Changing the Session Timeout
You can modify the timeout duration using the Timeout property:
<% Session.Timeout = 5 %>
This sets the session to expire after 5 minutes of inactivity.
Ending a Session Manually
To end a session immediately, use the Abandon method:
<% Session.Abandon %>
Important Note on Sessions
Determining when a session should end is challenging. Ending a session too late wastes server resources, while ending it too early forces users to restart their activity.
Best Practice:
Store only small amounts of data in session variables.
Storing and Accessing Session Variables
The key feature of the Session object is the ability to store variables.
Example: Storing Session Data
<% Session("username") = "Donald Duck" Session("age") = 50 %>
Once stored, these values can be accessed from any page in the application:
Welcome <% Response.Write(Session("username")) %>
Output:
Welcome Donald Duck
Using Session Variables for User Preferences
Session variables can also be used to customize content based on user preferences.
Example:
<% If Session("screenres") = "low" Then %> This is the text version of the page <% Else %> This is the multimedia version of the page <% End If %>
Removing Session Variables
All session variables are stored in the Contents collection.
Removing a Single Session Variable
<% If Session.Contents("age") < 18 Then Session.Contents.Remove("sale") End If %>
Removing All Session Variables
<% Session.Contents.RemoveAll() %>
Looping Through Session Variables
You can loop through the Contents collection to see all stored session variables:
<%
Session("username") = "Donald Duck"
Session("age") = 50
Dim i
For Each i In Session.Contents
Response.Write(i & "
")
Next
%>
Output:
username age
Counting Session Variables
If the total number of session variables is unknown, use the Count property:
<%
Dim i, j
j = Session.Contents.Count
Response.Write("Session variables: " & j & "
")
For i = 1 To j
Response.Write(Session.Contents(i) & "
")
Next
%>
Output:
Session variables: 2 Donald Duck 50
Looping Through StaticObjects Collection
The StaticObjects collection stores objects declared with session scope. You can loop through them as follows:
<%
Dim i
For Each i In Session.StaticObjects
Response.Write(i & "
")
Next
%>