Maintaining Session State without Cookies
Some browsers do not recognize cookies, and users can choose to disable cookies in their browsers. The HTTP POST method provides an alternative to cookies to maintain session state. The HTTP POST method provides the same state information as would a cookie but has the advantage that it works even when cookies are not available. This method is not common in practice, but it is a good example to learn from. The HTTP POST method works similarly to an in-memory cookie; user information can be maintained only during the visit, and the session state information is gone when the user turns off the browser.
DataEntry.asp
Open a new file in your text editor, paste in the following script, and save the files as C:\Inetpub\Wwwroot\Tutorial\DataEntry.asp. View the file in your browser by typing https://Localhost/Tutorial/DataEntry.asp.
<%@ Language= "VBScript" %>
<html>
<head>
<title>Data Entry Without Cookies</title>
</head>
<body>
<font face="MS Gothic">
<!-- In this example, subroutines are listed first.
There's a subroutine for each page of the order process.
The main calling code is at the bottom. -->
<% Sub DisplayInitialPage %>
<table border=1 cellpadding=3 cellspacing=0 width=500 bordercolor=#808080 align=center>
<tr><td bgColor=#004080 align=center>
<font color=#ffffff><H2>Order Form</H2></font>
</td></tr><tr><td bgColor=#e1e1e1 align=left>
<P><B>Step 1 of 4</B></P>
<P align=center>
This form uses the HTTP POST method to pass along hidden values that contain
your order information. This form does not use cookies. <b>DO NOT ENTER CREDIT CARD
INFORMATION UNLESS YOU SEE HTTPS:// IN THE ADDRESS BAR OF YOUR WEB BROWSER, AS THIS INDICATES A
SECURE SOCKETS LAYER (SSL) CONNECTION.</b>
</P>
<FORM METHOD=POST ACTION="DataEntry.asp" NAME=DataEntryForm>
<P>Enter your name
<INPUT TYPE="TEXT" NAME=FullName>
<BR>Enter your imaginary credit card number
<INPUT TYPE="TEXT" NAME=CreditCard>
</P>
<!-- Keeps track of the information by using the hidden HTML form variable Next Page. -->
<INPUT TYPE="HIDDEN" NAME=NextPage VALUE=2>
<INPUT TYPE="SUBMIT" VALUE="Next ->" NAME=NextButton>
</FORM>
</td></tr>
</table>
<% End Sub %>
<% Sub DisplayDogBreed %>
<table border=1 cellpadding=3 cellspacing=0 width=500 align=center>
<tr><td bgColor=#004080 align=center>
<font color=#ffffff><H2>Order Form</H2></font>
</td></tr><tr><td bgColor=#e1e1e1>
<P><B>Step 2 of 4</B></P>
<P align=center>
Please select the type of dog you want.
</P>
<FORM METHOD=POST ACTION="DataEntry.asp" NAME=DataEntryForm>
<P>
<INPUT TYPE=RADIO NAME=DogSelected VALUE="Cocker Spaniel" CHECKED>Cocker Spaniel<BR>
<INPUT TYPE=RADIO NAME=DogSelected VALUE="Doberman">Doberman<BR>
<INPUT TYPE=RADIO NAME=DogSelected VALUE="Timber Wolf">Timber Wolf<BR>
<INPUT TYPE=RADIO NAME=DogSelected VALUE="Mastiff">Mastiff<BR>
</P>
<!--Keeps track of the information by using the hidden HTML form variable Next Page. -->
<INPUT TYPE="HIDDEN" NAME=NextPage VALUE=3>
<INPUT TYPE="SUBMIT" VALUE="Next ->" NAME=NextButton>
</FORM>
</td></tr>
</table>
<% End Sub %>
<% Sub DisplayCity %>
<table border=1 cellpadding=3 cellspacing=0 width=500 align=center>
<tr><td bgColor=#004080 align=center>
<font color=#ffffff><H2>Order Form</H2></font>
</td></tr><tr><td bgColor=#e1e1e1>
<P><B>Step 3 of 4</B></P>
<P align=center>
We deliver from the following cities. Please choose the one closest to you.
</P>
<FORM METHOD=POST ACTION="DataEntry.asp" NAME=DataEntryForm>
<P>
<INPUT TYPE=RADIO NAME=CitySelected VALUE="Seattle" CHECKED>Seattle<BR>
<INPUT TYPE=RADIO NAME=CitySelected VALUE="Los Angeles">Los Angeles<BR>
<INPUT TYPE=RADIO NAME=CitySelected VALUE="Boston">Boston<BR>
<INPUT TYPE=RADIO NAME=CitySelected VALUE="New York">New York<BR>
</P>
<!--Keeps track of the information by using the hidden HTML form variable Next Page. -->
<INPUT TYPE="HIDDEN" NAME=NextPage VALUE=4>
<INPUT TYPE="SUBMIT" VALUE="Next ->" NAME=NextButton>
</FORM>
</td></tr>
</table>
<% End Sub %>
<% Sub DisplaySummary %>
<table border=1 cellpadding=3 cellspacing=0 width=500 align=center>
<tr><td bgColor=#004080 align=center>
<font color=#ffffff><H2>Order Form Completed</H2></font>
</td></tr><tr><td bgColor=#e1e1e1>
<P><B>Step 4 of 4</B></P>
<P align=center>
The following information was entered.<BR>
A transaction will now be executed to complete your order if your name and
credit card are valid.
</P>
<table cellpadding=4>
<tr bgcolor=#ffffcc><td>
Name
</td><td>
<%=Session.Value("FullName")%>
</td></tr><tr bgcolor=Beige><td>
Credit Card
</td><td>
<%=Session.Value("CreditCard")%>
</td></tr><tr bgcolor=Beige><td>
Dog Ordered
</td><td>
<%=Session.Value("DogSelected")%>
</td></tr><tr bgcolor=Beige><td>
City Ordered From
</td><td>
<%=Session.Value("CitySelected")%>
</td></tr>
</table>
</td>
</tr>
</table>
<% End Sub %>
<% Sub StoreUserDataInSessionObject %>
<%
Dim FormKey
For Each FormKey in Request.Form
Session(FormKey) = Server.HTMLEncode(Request.Form.Item(FormKey))
Next
%>
<% End Sub %>
<%
'This is the main code that calls all the subroutines depending on the
' hidden form elements.
Dim CurrentPage
If Server.HTMLEncode(Request.Form.Item("NextPage")) = "" Then
CurrentPage = 1
Else
CurrentPage = Server.HTMLEncode(Request.Form.Item("NextPage"))
End If
'Save all user data so far.
Call StoreUserDataInSessionObject
Select Case CurrentPage
Case 1 : Call DisplayInitialPage
Case 2 : Call DisplayDogBreed
Case 3 : Call DisplayCity
Case 4 : Call DisplaySummary
End Select %>
<BR>
<H3 align=center><A HREF="DataEntry.asp">Reset Order</A></H3>
</font>
</body>
</html>
In the browser, you should see the following:
Order Form |
Step 1 of 4 This form uses the HTTP post method to pass along hidden values that contain your order information. This form does not use cookies. DO NOT ENTER CREDIT CARD INFORMATION UNLESS YOU SEE HTTPS:// IN THE ADDRESS BAR OF YOUR WEB BROWSER, AS THIS INDICATES A SECURE SOCKETS LAYER (SSL) CONNECTION. Enter your name .gif "Text Box")
Enter your imaginary credit card number |