Partager via


Maintaining Session State without Cookies

Some browsers do not recognize cookies, and users can choose to disable cookies in their browsers. The HTTP POST method provides an alternative to cookies to maintain session state. The HTTP POST method provides the same state information as would a cookie but has the advantage that it works even when cookies are not available. This method is not common in practice, but it is a good example to learn from. The HTTP POST method works similarly to an in-memory cookie; user information can be maintained only during the visit, and the session state information is gone when the user turns off the browser.

DataEntry.asp

Open a new file in your text editor, paste in the following script, and save the files as C:\Inetpub\Wwwroot\Tutorial\DataEntry.asp. View the file in your browser by typing https://Localhost/Tutorial/DataEntry.asp.

<%@ Language= "VBScript" %>  

  <html>  
  <head>  
  <title>Data Entry Without Cookies</title>  
  </head>  
  <body> 
  <font face="MS Gothic"> 

  <!-- In this example, subroutines are listed first.  
       There's a subroutine for each page of the order process. 
       The main calling code is at the bottom. -->  

  <% Sub DisplayInitialPage %> 

    <table border=1 cellpadding=3 cellspacing=0 width=500 bordercolor=#808080 align=center>  
    <tr><td bgColor=#004080 align=center>  
    <font color=#ffffff><H2>Order Form</H2></font>  
    </td></tr><tr><td bgColor=#e1e1e1 align=left>  
    <P><B>Step 1 of 4</B></P> 
    <P align=center> 
    This form uses the HTTP POST method to pass along hidden values that contain  
    your order information. This form does not use cookies.  <b>DO NOT ENTER CREDIT CARD  
    INFORMATION UNLESS YOU SEE HTTPS:// IN THE ADDRESS BAR OF YOUR WEB BROWSER, AS THIS INDICATES A  
    SECURE SOCKETS LAYER (SSL) CONNECTION.</b> 
    </P>  

    <FORM METHOD=POST ACTION="DataEntry.asp" NAME=DataEntryForm>  
    <P>Enter your name  
    <INPUT TYPE="TEXT" NAME=FullName>  
    <BR>Enter your imaginary credit card number  
    <INPUT TYPE="TEXT" NAME=CreditCard> 
    </P>  
    <!-- Keeps track of the information by using the hidden HTML form variable Next Page. -->  
    <INPUT TYPE="HIDDEN" NAME=NextPage VALUE=2>  
    <INPUT TYPE="SUBMIT" VALUE="Next ->" NAME=NextButton>  
    </FORM>  

    </td></tr>  
    </table> 


  <% End Sub %> 


  <% Sub DisplayDogBreed %> 

    <table border=1 cellpadding=3 cellspacing=0 width=500 align=center>  
    <tr><td bgColor=#004080 align=center>  
    <font color=#ffffff><H2>Order Form</H2></font>  
    </td></tr><tr><td bgColor=#e1e1e1>  
    <P><B>Step 2 of 4</B></P> 
    <P align=center> 
    Please select the type of dog you want.  
    </P>  

    <FORM METHOD=POST ACTION="DataEntry.asp" NAME=DataEntryForm> 
    <P> 
    <INPUT TYPE=RADIO NAME=DogSelected VALUE="Cocker Spaniel" CHECKED>Cocker Spaniel<BR> 
    <INPUT TYPE=RADIO NAME=DogSelected VALUE="Doberman">Doberman<BR> 
    <INPUT TYPE=RADIO NAME=DogSelected VALUE="Timber Wolf">Timber Wolf<BR> 
    <INPUT TYPE=RADIO NAME=DogSelected VALUE="Mastiff">Mastiff<BR> 
    </P> 
    <!--Keeps track of the information by using the hidden HTML form variable Next Page. -->  
    <INPUT TYPE="HIDDEN" NAME=NextPage VALUE=3> 
    <INPUT TYPE="SUBMIT" VALUE="Next ->" NAME=NextButton>  
    </FORM>  
    </td></tr> 
    </table>  


  <% End Sub %> 


  <% Sub DisplayCity %>  

    <table border=1 cellpadding=3 cellspacing=0 width=500 align=center>  
    <tr><td bgColor=#004080 align=center>  
    <font color=#ffffff><H2>Order Form</H2></font>  
    </td></tr><tr><td bgColor=#e1e1e1>  
    <P><B>Step 3 of 4</B></P> 
    <P align=center> 
    We deliver from the following cities. Please choose the one closest to you. 
    </P>  

    <FORM METHOD=POST ACTION="DataEntry.asp" NAME=DataEntryForm> 
    <P> 
    <INPUT TYPE=RADIO NAME=CitySelected VALUE="Seattle" CHECKED>Seattle<BR> 
    <INPUT TYPE=RADIO NAME=CitySelected VALUE="Los Angeles">Los Angeles<BR> 
    <INPUT TYPE=RADIO NAME=CitySelected VALUE="Boston">Boston<BR> 
    <INPUT TYPE=RADIO NAME=CitySelected VALUE="New York">New York<BR> 
    </P> 
    <!--Keeps track of the information by using the hidden HTML form variable Next Page. -->  
    <INPUT TYPE="HIDDEN" NAME=NextPage VALUE=4> 
    <INPUT TYPE="SUBMIT" VALUE="Next ->" NAME=NextButton>  
    </FORM>  
    </td></tr> 
    </table>  


  <% End Sub %> 


  <% Sub DisplaySummary %> 

    <table border=1 cellpadding=3 cellspacing=0 width=500 align=center>  
    <tr><td bgColor=#004080 align=center>  
    <font color=#ffffff><H2>Order Form Completed</H2></font>  
    </td></tr><tr><td bgColor=#e1e1e1>  
    <P><B>Step 4 of 4</B></P> 
    <P align=center> 
    The following information was entered.<BR>  
    A transaction will now be executed to complete your order if your name and  
    credit card are valid. 
    </P>  
      <table cellpadding=4>  
      <tr bgcolor=#ffffcc><td> 
      Name 
      </td><td> 
      <%=Session.Value("FullName")%>  
      </td></tr><tr bgcolor=Beige><td> 
      Credit Card  
      </td><td> 
      <%=Session.Value("CreditCard")%>  
      </td></tr><tr bgcolor=Beige><td> 
      Dog Ordered  
      </td><td> 
      <%=Session.Value("DogSelected")%> 
      </td></tr><tr bgcolor=Beige><td> 
      City Ordered From  
      </td><td>   
      <%=Session.Value("CitySelected")%> 
      </td></tr>  
      </table>  

    </td>  
    </tr>  
    </table>  


  <% End Sub %> 


  <% Sub StoreUserDataInSessionObject  %> 
  <% 
    Dim FormKey 
    For Each FormKey in Request.Form 
    Session(FormKey) = Server.HTMLEncode(Request.Form.Item(FormKey)) 
    Next  
  %> 
  <% End Sub  %> 


  <% 
    'This is the main code that calls all the subroutines depending on the 
    ' hidden form elements. 

    Dim CurrentPage  

    If Server.HTMLEncode(Request.Form.Item("NextPage")) = "" Then 
      CurrentPage = 1  
    Else 
      CurrentPage = Server.HTMLEncode(Request.Form.Item("NextPage")) 
    End If  

    'Save all user data so far. 
    Call StoreUserDataInSessionObject 

    Select Case CurrentPage  
      Case 1 : Call DisplayInitialPage  
      Case 2 : Call DisplayDogBreed  
      Case 3 : Call DisplayCity  
      Case 4 : Call DisplaySummary  
    End Select %>  

  <BR>  
  <H3 align=center><A HREF="DataEntry.asp">Reset Order</A></H3>  

  </font> 
  </body>  
  </html>  

In the browser, you should see the following:

Order Form

Step 1 of 4

This form uses the HTTP post method to pass along hidden values that contain your order information. This form does not use cookies. DO NOT ENTER CREDIT CARD INFORMATION UNLESS YOU SEE HTTPS:// IN THE ADDRESS BAR OF YOUR WEB BROWSER, AS THIS INDICATES A SECURE SOCKETS LAYER (SSL) CONNECTION.

Enter your name

Text Box

Enter your imaginary credit card number

Text Box