Problem with unique session variables

N

Newton

Hi,

I got here the following problem. I am programming
web application for examing students.
After student will log on I need to keep his ID,
Privileges, Login, Password for manipulating with other
functions. All these information I will keep by

Session["ID"] = "2"
Session["Privileges"] = "Student"

and so on...
But my problem is, when later will log on teacher in
Session["Privileges"] will be "Teacher". It will be
replaced, so student will receive privileges of teacher.
And that is my problem. I heard that it is neccessary to
create unique ID for session.
I am working in ASP.NET with C# and there is
possibility to create this ID with method
Session.SessionID() but I dont know how to use it, how
those session variables can be different...

Is anybody here, who can show me some easy example how
to solve my problem?
Please. Thank you very much...

Newton
 
S

S. Justin Gengo

Newton,

Session variables are unique by nature.

Unless the teacher and the student log on to the exact same machine (and for
that matter without closing the browser windows) the Session["Privileges"]
variables will be tracked seperately for each user.

You shouldn't have a problem using the Session variable as is.

I hope this is good news! :)

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
 
B

Bill Richardson

-----Original Message-----
Hi,

I got here the following problem. I am programming
web application for examing students.
After student will log on I need to keep his ID,
Privileges, Login, Password for manipulating with other
functions. All these information I will keep by

Session["ID"] = "2"
Session["Privileges"] = "Student"

and so on...
But my problem is, when later will log on teacher in
Session["Privileges"] will be "Teacher". It will be
replaced, so student will receive privileges of teacher.
And that is my problem. I heard that it is neccessary to
create unique ID for session.
I am working in ASP.NET with C# and there is
possibility to create this ID with method
Session.SessionID() but I dont know how to use it, how
those session variables can be different...

Is anybody here, who can show me some easy example how
to solve my problem?
Please. Thank you very much...

Newton

.
Click to expand...
..Net will create the unique ID automatically.

In machine.config, set the

<sessionState mode=

setting to "InProc" (unless you have a web farm, then
you'll need to use a StateServer or SQLServer to maintain
session state). Also set the appropriate session timeout
(in minutes) in the same line. This will timeout the
session within the set number of minutes of INACTIVITY.

Then provide the user with a way to logout, which should
call Session.Abandon to log out of the current session.

Finally, at the top of each page, check Session
["Privileges"], and if not set, redirect to the login page.

That should allow you timeout users, and allow them to log
themselves out.

Bill Richardson
Proflowers.com
 
N

Newton

Hi,
believe me... they are not unique by nature... I started
internet explorer with my application and logged on as a
student, clicked the button and this application shown me
that student has logged on. Then i opened another
explorer and logged on as a teacher, clicked the button
and application shown me that teacher has logged on. Then
I returned to that explorer where student has logged on,
clicked the button and it shown me, that teacher has
logged on, so the session variable was overwritten.

Believe me... theyu are not unique by nature...
 
S

S. Justin Gengo

Newton,

Was this on the same machine? Sessions are unique to the machine not to each
browser window...

If this was on the same machine then you are getting the behaviour this was
designed to produce.

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
Newton said:
Hi,
believe me... they are not unique by nature... I started
internet explorer with my application and logged on as a
student, clicked the button and this application shown me
that student has logged on. Then i opened another
explorer and logged on as a teacher, clicked the button
and application shown me that teacher has logged on. Then
I returned to that explorer where student has logged on,
clicked the button and it shown me, that teacher has
logged on, so the session variable was overwritten.

Believe me... theyu are not unique by nature...
-----Original Message-----
Newton,

Session variables are unique by nature.

Unless the teacher and the student log on to the exact same machine (and for
that matter without closing the browser windows) the Session["Privileges"]
variables will be tracked seperately for each user.

You shouldn't have a problem using the Session variable as is.

I hope this is good news! :)

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Struct Member Variables Problem 0
Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Help me, going live with a quiz 0
ValueError - "Found input variables with inconsistent numbers of samples: [100, 120]" 1
Problem with session variables 4
Session variables not working 0
Need help , Having problem with Drag n Drop... 1
Big problem I need to solve with some unix utils 1

Members online

No members online now.
Total: 40 (members: 0, guests: 40)
Robots: 153

Forum statistics

Threads
473,754
Messages
2,569,527
Members
45,000
Latest member
MurrayKeync

Latest Threads

Top