ONE person gets an ASP error....

[Steve Bywaters]

There are several hundred of my client's franchisees happily accessing my
ASP/VBscript web site... but one - just one - has reported the following:


"I have been trying to log onto the LSM since friday and get this message
when I want to go into any of the items on Home Page.
Response object error
'ASP 0156: '80004000'
Header error
/lsm/ListPolls.asp.Line 21
The HTTP header are already written to the client browser. Any HTTP header
modifications must be made before writing page content."


I have tried the page(s) in question and all is well... so have others - no
problem.
So how can ONE person get such a server-side error?

Points:
* She is using IE6 (.1) on W98
* I understand that the 'error' often is produced when a Redirect is issued
after starting to write the page... and that Response.Buffer will solve
that 'problem'. I have used this in the past, when *I* have seen an error
occur, but since she is the only one getting the error, and it (apparently)
happens on several pages), that would seem a silly way to go (since I do NOT
get the problem)
* Line 21 - as indicated the offending line - is ONLY called if
authorisation (via Session var) fails.... but she couldn't have got this far
into the site unless she *had* logged in, and auth. stored.... ???

Can someone provide more insight as to what's happening?

Steve

 

[Ray at]

While I imagine you could purposely cause this error for one person if you
really wanted to, i.e.

<%
if request.servervariables("remote_addr") = "192.168.1.50" then
response.flush
response.redirect "elsewhere.asp"
end if
%>

I'll assume you're not doing that. Are you buffering? What version of IIS?
IIS 4 (NT 4 with Option Pack) does not buffer by default, where as IIS5 and
over do. Do you have response.buffer = true for good measure? That should
avoid this for all people. Perhaps others are just getting a 500 error,
whereas this user has friendly errors disabled, and no one is reporting the
500 to you. Turning on buffering should solve the problem. I cannot think
of any reason why it would buffer for everyone but one person.

Ray at home

 

[Steve Bywaters]

No buffering (on these pages)....
I understand your hypothesis, but it's not correct in this case
Other users are *not* getting the error... they get the correct page
display.

In fact it is more subtle than this (as indicated in orig. post).. because
the line no of failure is a line that gets executed only on failure of
access - ie if a session value is not set, they are 'Redirect'ed to a denied
page (which is failing for ONE user)!!
BUT they cannot get to even go to the "failing" page *unless* they ARE
logged in correctly....

Huh (!?)... I don't get this.

Steve

 

[Sylvain Lafontaine]

Probably she have disabled her cookies, including session cookies, or she is
behind a firewall or a proxy who block them or she is using some kind of
anonymiser software.

In all these cases, she will be in a session-less state: the IIS will be
unable to retain her session's values when going from one page to another
because her session cookie is blocked or otherwise unavailable.

S. L.

 

[Ken Schaefer]

www.adopenstatic.com/faq/headererror.asp explains why you are getting this
error.

Why don't you post lines 1-21 of the page in question?

Cheers
Ken


: No buffering (on these pages)....
: I understand your hypothesis, but it's not correct in this case
: Other users are *not* getting the error... they get the correct page
: display.
:
: In fact it is more subtle than this (as indicated in orig. post).. because
: the line no of failure is a line that gets executed only on failure of
: access - ie if a session value is not set, they are 'Redirect'ed to a
denied
: page (which is failing for ONE user)!!
: BUT they cannot get to even go to the "failing" page *unless* they ARE
: logged in correctly....
:
: Huh (!?)... I don't get this.
:
: Steve
:
:
:
: "Ray at <%=sLocation%>" <myFirstNameATlane34dotKOMM> wrote in message
: : > While I imagine you could purposely cause this error for one person if
you
: > really wanted to, i.e.
: >
: > <%
: > if request.servervariables("remote_addr") = "192.168.1.50" then
: > response.flush
: > response.redirect "elsewhere.asp"
: > end if
: > %>
: >
: > I'll assume you're not doing that. Are you buffering? What version of
: IIS?
: > IIS 4 (NT 4 with Option Pack) does not buffer by default, where as IIS5
: and
: > over do. Do you have response.buffer = true for good measure? That
: should
: > avoid this for all people. Perhaps others are just getting a 500 error,
: > whereas this user has friendly errors disabled, and no one is reporting
: the
: > 500 to you. Turning on buffering should solve the problem. I cannot
: think
: > of any reason why it would buffer for everyone but one person.
: >
: > Ray at home
: >
: > : > > There are several hundred of my client's franchisees happily accessing
: my
: > > ASP/VBscript web site... but one - just one - has reported the
: following:
: > >
: > >
: > > "I have been trying to log onto the LSM since friday and get this
: message
: > > when I want to go into any of the items on Home Page.
: > > Response object error
: > > 'ASP 0156: '80004000'
: > > Header error
: > > /lsm/ListPolls.asp.Line 21
: > > The HTTP header are already written to the client browser. Any HTTP
: header
: > > modifications must be made before writing page content."
: > >
: > >
: > > I have tried the page(s) in question and all is well... so have
others -
: > no
: > > problem.
: > > So how can ONE person get such a server-side error?
: > >
: > > Points:
: > > * She is using IE6 (.1) on W98
: > > * I understand that the 'error' often is produced when a Redirect is
: > issued
: > > after starting to write the page... and that Response.Buffer will
solve
: > > that 'problem'. I have used this in the past, when *I* have seen an
: error
: > > occur, but since she is the only one getting the error, and it
: > (apparently)
: > > happens on several pages), that would seem a silly way to go (since I
do
: > NOT
: > > get the problem)
: > > * Line 21 - as indicated the offending line - is ONLY called if
: > > authorisation (via Session var) fails.... but she couldn't have got
this
: > far
: > > into the site unless she *had* logged in, and auth. stored.... ???
: > >
: > > Can someone provide more insight as to what's happening?
: > >
: > > Steve
: > >
: > >
: > >
: > >
: > >
: > >
: > >
: >
: >
:
:
:
:

 

[Steve Bywaters]

" www.adopenstatic.com/faq/headererror.asp explains why you are getting this
error."

Yes, I know about buffering... I explained that in the post.
But code is not writing the headers BEFORE Line 21 (see below).

In addition, there's the issue of 'authorisation' .. (see prev. post)


FYI: here's lines 1-21... (std. Dreamweaver code)

<%@LANGUAGE="VBSCRIPT"%>
<!--#include file="Connections/EEM1.asp" -->
<!--#include file="Functions.asp" -->
<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers="1,2,3"
MM_authFailedURL="AccessDenied.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
(InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1)
Then
MM_grantAccess = true
End If
End If
If Not MM_grantAccess Then
MM_qsChar = "?"
If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" &
Request.QueryString()
MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" &
Server.URLEncode(MM_referrer)
Response.Redirect(MM_authFailedURL)

 

[Ray at]

No buffering (on these pages)....

Don't put redirects in after some response has been written if you're not
buffering. Or, don't not buffer if you're redirecting after some response
has been written - however you want to look at it.

Ray at home

 

[Kris Eiben]

Hmmm. Is it possible that this one user is, for whatever reason, going
through a path in your code branching that you don't expect anyone to go
through? So that, for her only, there _is_ content being written to the
browser before a redirect? Maybe some test code that response.writes a
variable, that you never bothered to comment out because nobody takes
that branch? Or a stray "<" outside of your ASP code? Have you checked
all your include files?

 

[TomB]

Is it possible she's bookmarked this page and is going directly there
without going through your login routine?

 

[Phillip Windell]

I think Sylvain has hit on the answer. She has session cookies turned
off in the browser, so the session get lost each time a new page is
requested.

 

[Ray at]

You could be right, there. Of course, the bigger issue, in my opinion, is
don't redirect if you're writing a response and not buffering!

Ray at work

 

[Steve Bywaters]

There are 400+ users on the site... *1* person has the problem.....
ie it's not code

 

[Ray at]

It's a server-side ASP error, and it's not the code? It IS the code. You
have to code for all possible client configurations, and if you do not, and
an error is generated because of it, it's either a problem with the code or
the coder, however you want to look at it.

Ray at work

 

[Steve Bywaters]

Hardly a 'bigger issue'... there are 400+ users on the site... no
problems... *ONE* person is getting this anomally, which is caused by
(maybe) session cookies.

There are plenty of Redirects on the site... none are causing a problem to
anyone else!
So no - not a 'bigger problem' at all.

But haven't ranted a tad <g>.... my code up to the reported problem line is
included below - for my sake, can you point out *where* I am 'writing a
response then redirecting'?
(It is standard Dreamweaver, btw)

<%@LANGUAGE="VBSCRIPT"%>
<!--#include file="Connections/EEM1.asp" -->
<!--#include file="Functions.asp" -->
<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers="1,2,3"
MM_authFailedURL="AccessDenied.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
(InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1)
Then
MM_grantAccess = true
End If
End If
If Not MM_grantAccess Then
MM_qsChar = "?"
If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" &
Request.QueryString()
MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" &
Server.URLEncode(MM_referrer)
Response.Redirect(MM_authFailedURL)


Failure (allegedly) occurs on this last line.
Steve

You could be right, there. Of course, the bigger issue, in my opinion, is
don't redirect if you're writing a response and not buffering!

Ray at work

I think Sylvain has hit on the answer. She has session cookies turned
off in the browser, so the session get lost each time a new page is
requested.


--

Phillip Windell [CCNA, MVP, MCP]
WAND-TV (ABC Affiliate)
www.wandtv.com

 

[Ray at]

Yeah, right here:
<!--#include file="Connections/EEM1.asp" -->

I'd be willing to bet that include has html in it. Would you just buffer
your damn pages? You're not going to be able to win an argument with your
server and convince it to do something different.

Ray at work

Hardly a 'bigger issue'... there are 400+ users on the site... no
problems... *ONE* person is getting this anomally, which is caused by
(maybe) session cookies.

There are plenty of Redirects on the site... none are causing a problem to
anyone else!
So no - not a 'bigger problem' at all.

But haven't ranted a tad <g>.... my code up to the reported problem line is
included below - for my sake, can you point out *where* I am 'writing a
response then redirecting'?
(It is standard Dreamweaver, btw)

<%@LANGUAGE="VBSCRIPT"%>
<!--#include file="Connections/EEM1.asp" -->
<!--#include file="Functions.asp" -->
<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers="1,2,3"
MM_authFailedURL="AccessDenied.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
(InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1)
Then
MM_grantAccess = true
End If
End If
If Not MM_grantAccess Then
MM_qsChar = "?"
If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" &
Request.QueryString()
MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" &
Server.URLEncode(MM_referrer)
Response.Redirect(MM_authFailedURL)


Failure (allegedly) occurs on this last line.
Steve

You could be right, there. Of course, the bigger issue, in my opinion, is
don't redirect if you're writing a response and not buffering!

Ray at work

I think Sylvain has hit on the answer. She has session cookies turned
off in the browser, so the session get lost each time a new page is
requested.


--

Phillip Windell [CCNA, MVP, MCP]
WAND-TV (ABC Affiliate)
www.wandtv.com

 

[Steve Bywaters]

With due respect, that's nonsense!
If an error occurs because session cookies are turned off that is not the
'fault' of the code.
(If client-side javascript tricks won't run because js is turned off, that's
not the fault of the code, is it?)
You trying too hard... and missing the fundamental point. Tha ASP error is
an artefact not the primary.

Steve

 

[Steve Bywaters]

Thanks for that.... I've passed on your suggestions..we'll see what happens.

Steve

 

[Ray at]

You are missing the point that it is up to the programmer to deal with
different configurations. It is up to the programmer to decide if he will
deal with users that have JS disabled. You, the owner of the site, need to
make a decision about how much you will cater to the users, and if you
choose not to cater to all of them, write YOUR code accordingly.

Ray at work

 

[Steve Bywaters]

You lose the bet!

<%
' FileName="Connection_ado_conn_string.htm"
' Type="ADO"
' HTTP="false"
' Catalog=""
' Schema=""
MM_EEM1_STRING = "Driver={SQL
Server};Server=(local);Database=LSM;UID=EEMweb1;PWD=Clarion5"
%>

Yeah, right here:
<!--#include file="Connections/EEM1.asp" -->

I'd be willing to bet that include has html in it. Would you just buffer
your damn pages? You're not going to be able to win an argument with your
server and convince it to do something different.

Ray at work

Hardly a 'bigger issue'... there are 400+ users on the site... no
problems... *ONE* person is getting this anomally, which is caused by
(maybe) session cookies.

There are plenty of Redirects on the site... none are causing a problem to
anyone else!
So no - not a 'bigger problem' at all.

But haven't ranted a tad <g>.... my code up to the reported problem line is
included below - for my sake, can you point out *where* I am 'writing a
response then redirecting'?
(It is standard Dreamweaver, btw)

<%@LANGUAGE="VBSCRIPT"%>
<!--#include file="Connections/EEM1.asp" -->
<!--#include file="Functions.asp" -->
<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers="1,2,3"
MM_authFailedURL="AccessDenied.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
(InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1)
Then
MM_grantAccess = true
End If
End If
If Not MM_grantAccess Then
MM_qsChar = "?"
If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer &

"?"

&
Request.QueryString()
MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" &
Server.URLEncode(MM_referrer)
Response.Redirect(MM_authFailedURL)


Failure (allegedly) occurs on this last line.
Steve

opinion,

is

don't redirect if you're writing a response and not buffering!

Ray at work

"Phillip Windell" <none> wrote in message
I think Sylvain has hit on the answer. She has session cookies turned
off in the browser, so the session get lost each time a new page is
requested.


--

Phillip Windell [CCNA, MVP, MCP]
WAND-TV (ABC Affiliate)
www.wandtv.com

 

[Ray at]

Yeah, I figured I would after I noticed it was one of those "connections"
includes that DW creates. DAmn! I'll paypal you a dollar.

RAy at work