Problem with sending data via the Post method. (URGENT)

[Vishal]

Hello,

I already asked this question in the ASP.NET forums,
but no help came. So I am hoping that somebody can help me
out. This is really very URGENT me.

For my e-commerce application, I need to send data from my
server via the post method to the payment server. The
payment server does not run asp.net. I dont know what they
run. The payment server then returns to my server with the
result in the qs.

Here is the code, which I use to send the data to the
server:

Private Sub Page_Load(ByVal sender As System.Object, ByVal
e As System.EventArgs) Handles MyBase.Load
Dim data() As String =
{"name=vishal", "Joined=15May2004", "TotalPosts=112"}
PagePipe("http://www.site.com/file.htm", Data)
End Sub
Private Sub PagePipe(ByVal URL As String, ByVal data
As String())
Dim HWR As System.Net.HttpWebRequest
Dim sr As System.IO.StreamReader
Dim s, sData As String
Dim enc As System.Text.ASCIIEncoding
Dim b() As Byte
' set up request
HWR = System.Net.HttpWebRequest.Create(URL)
HWR.Method = "POST"
For Each s In data
sData += s + "&"
Next
sData = sData.Trim("&")
enc = New System.Text.ASCIIEncoding()
b = enc.GetBytes(sData)
HWR.ContentType = "application/x-www-form-
urlencoded"
HWR.ContentLength = b.Length
HWR.GetRequestStream().Write(b, 0, b.Length)
' get response
Response.Clear()
Response.Buffer = False
Response.ContentType = HWR.ContentType
sr = New System.IO.StreamReader(HWR.GetResponse
().GetResponseStream)
Response.Write(sr.ReadToEnd)
Response.End()
End Sub

The user must login before he can make any purchase. Once
he has logged in, I store the userid in a session object.
However when I use the above code, then I am somehow
loosing the session variable value or it is not
recognized. Now the return page is a page, which always
check at the beginning if the user is logged in or not.
Unfortunaly now the user is redirected to the login.aspx
instead of the result.aspx. If I do a response.write for
the userid then it is empty. Can somebody see why this is
happens and how it can be avoided?

Thanks in advance

 

[Ken Dopierala Jr.]

Hi,

Does your site require your user to login everytime they open a new browser?
Are you using Forms Authentication? If so then in your application there is
a call somewhere to SetAuthCookie(). Set the final parameter to True:

FormsAuthentication.SetAuthCookie(txtUserName, True)

Now give it a try. Does it work? If so then when your e-commerce server
passes back to you would need to pass back their credentials in order to log
them in. In order to make it more secure you should pass back and ID with
which you can then retrieve their credentials and re-log them in. I think.
I'm not exactly sure how things are working. Could post more information?
From your code it doesn't even appear they are leaving your server so I
can't imagine why they are losing Session. This was just a wild guess.
Good luck! Ken.

 

[Vishal]

I am using a simple session authentication. User enters
login and pw which I compare with my database. Once he has
entered the correct value, I store the userid in the
session object, which indicates that he is logged in.

Thanks for your interest. Please let me know if you need
any other information. I really need to solve this issue.

 

[Ken Dopierala Jr.]

Hi,

Okay, let's narrow this down. In your page load event you are posting to
your ecommerce server. By the time it gets back to your user they have lost
their session? I don't see what is happening. Comment out your entire page
load event and do a response.write(sessionvalue). Do they still have their
session? If so, process your ecommerce request. But instead of sending
back everything you receive in your response.writes just do a
response.write(sessionvalue). If you still have access to the session then
it is your response.writes that send back the entire response you get from
the ecommerce server that is causing you the problems. Hopefully someone
else has experience with this and can just tell you what is wrong. What I
would like to do is have you start commenting out code until you figure out
where you are losing the session. Once that is figured out we can come up
with a solution. Good luck! Ken.

 

[Vishal]

Hi Ken,

here is what happens after the test. If I send the data
via the post method and do a response.write of the
reesponse, then there is no session id. If I call the page
(result.aspx) directly after the purchase has been done,
then it still has the session ID. So the problem is that
the response which I got back from the server doesnt know
or recognize the session id. Can you please help me out
here?

Thanks in advance

 

[Ken Dopierala Jr.]

Hi,

I think the problem is that when you are doing your Post you can't use your
users session. You would actually be creating an entirely new session.
When you redirect to result.aspx you are back to using your users session.
I can't see a way of doing what you are trying to do from the server. With
my ecommerce sites I send my processor the amount of the purchase and a
description (usually an Invoice #). I also send the processor two URLs.
The processor then redirects to one URL upon success and to the other upon
failure. Once that redirection happens the user is back to using their own
session on my site.

All I can think of is after you do your post don't Response.Write the entire
message to the user. Find what you need in it and then just put that in a
label or textbox or cell or something. I post to other sites behind the
scenes all the time to grab information for my user but I don't send back
the entire contents of that response. For one thing it would mess up my
ASP.Net Form tag, for another the content type I get back from my post is
many times not the same content type my user requested my page with in their
browser. There is a very good chance that by doing what you are doing you
are messing up not only your Form tag but also possibly your view state and
if you are using cookieless sessions this could be why you are losing your
session state. I hope this helps. Good luck! Ken.