Intermittent loss of session variables and cookie contents

S

Steve Remer

My application (relevant code snippets below) originally used Session
variables in order to maintain state from page to page. After being
unable to solve the mystery of why those variables were intermittently
inaccessible, (all Session variables gone, not using InProc Session
state mode), I moved to a cookies-based solution. Now I have cookie
contents that are intermittently inaccessible. Someone suggested using
session variables to "back-up" the cookie functionality, so if one was
not available, I could fall back on the other. Now it turns out that
when one is missing, the other is missing as well.

This is a simple retrieval (from a MSSQL DB) and storage (in a cookie
and session variable at the same time) of a Customer ID upon
successful logon. Then, when customer info in needed, an attempt is
made to get the necessary Customer ID from the cookie. If that is
null, an attempt is made to get it from the Session variable. If that
is null, a 0 value is used for the Cust ID, eventually resulting in an
empty Datareader object.

We've done tons of Google searches on "disappearing cookies"
"disappearing session variables", etc. Until today, when we came up
with the idea of using Session variables to "backup" cookie contents,
we were not aware that both "cookies disappearing" and "Session
variables disappearing" were happening at the same time.

Let me emaphisize that this is only happening about a third of the
time. I have not been able to replicate either the "disappearing
cookie" and disappearing Session variable" behavior myself. I have an
error-trapping routine that emails me with the stack trace upon the
first invalid read of the empty datareader. Also, for what it's worth,
Verio is the hosting company involved.

CODE
_____
Cookie and session variable setting in Logon page:

Dim CustInfo As CWI.CustomersDB = New CWI.CustomersDB()
Dim rdr As SqlDataReader

rdr = CustInfo.CustomerLogin(tbxEmail.Text, tbxPassword.Text)

If Not rdr.Read() Then
lblLogonFailed.Text = "No such Email/Password"

Else
Session.Add("CustID", rdr.GetValue(0))


Dim cookCustID As New HttpCookie("CID")
cookCustID.Values.Add("CustID", CStr(rdr.GetValue(0)))
Dim dtNow As New DateTime()
Dim tsMinutes As New TimeSpan(0, 2, 0, 0)
dtNow = Now.Add(tsMinutes)
cookCustID.Expires = dtNow
Response.Cookies.Add(cookCustID)
End If


COOKIE & SESSION Retrival logic (standard read logic at end omitted)

Dim CustID As Integer
Dim cookCustID As HttpCookie
Dim context As HttpContext = HttpContext.Current

cookCustID = context.Request.Cookies("CID")

If cookCustID Is Nothing Then
If IsDBNull(context.Session.Item("CustID")) Then
CustID = 0
Else
CustID = CInt(context.Session.Item("CustID"))
End If
Else
CustID = cookCustID.Values.Item("CustID")
End If
 
K

Ken Cox [Microsoft MVP]

Hi Steve,

You've probably checked, but make sure you don't have anti-virus software
scanning your Webs or the Temporary files location. They've been known to
make ASP.NET think that a file has changed, causing it to reset the whole
application - taking the Sessions with it. Worse, some virus scanners detect
changes to files, so they scan them again and the vicious circle continues.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top