TOPIC:

SESSION AND SERVER OBJECT IN ASP

CONTENTS
INTRODUCTION
WHAT IS ASP?
ASP SESSION OBJECT
SESSION MANAGEMENT IN ASP SESSION AND CONCERNS
SERVER OBJECT
METHODS OF SERVER OBJECT
SUMMARY
LOVELY INSTITUTE OF MANAGEMENT
NAME: SANDEEP KAUR
ROLL NUMBER: 7114233724
CLASS: BCA
TH
S!"# S!$ %C &
SUBMITTED TO :
INTRODUCTION
Active Server Pages (ASP) was Microsoft's first server-side script engine for
dynamicay-generated we! pages" It is aso #nown as Cassic ASP or ASP Cassic "It
$as now !een repaced !y ASP"%&T" It is a server side tec$noogy t$at ena!es 's to
ma#e dynamic and interactive we! pages t$at are not affected !y t$e type of !rowser
t$e we! site visitor is 'sing"
T$e ASP Session o!(ect stores information needed for a partic'ar 'ser's session on t$e
we! server" It is a'tomaticay created every time w$en an ASP page from t$e we! site
or we! appication is re)'ested !y a 'ser w$o does not aready $ave a session* and it
remains avaia!e 'nti t$e session e+pires"
T$e ASP Server o!(ect provides access to met$ods and properties on t$e server" Most
of its met$ods and properties serve as 'tiity f'nctions"
WHAT IS ASP?
ASP stands for Active Server Pages" It is a server side tec$noogy t$at ena!es yo' to
ma#e dynamic and interactive we! pages t$at are not affected !y t$e type of !rowser
t$e we! site visitor is 'sing"
Act'ay* ASP pages are scripts t$at are r'n* or e+ec'ted* on t$e we! server" T$e script
is interpreted from top to !ottom to create ,TM- pages t$at are sent to t$e !rowser for
dispay"
ASP is 's'ay r'n on Microsoft we! server* Internet Information Server (IIS)" It is t$is
we! server t$at ASP pages 's'ay r'n !est on" IIS or its micro version Persona .e!
Server (P.S) comes free wit$ .indows.
ASP C'"()*+,+-+*.
To r'n IIS yo' m'st $ave .indows %T /"0 or ater
To r'n P.S yo' m'st $ave .indows 12 or ater
C$iiASP is a tec$noogy t$at r'ns ASP wit$o't .indows OS
InstantASP is anot$er tec$noogy t$at r'ns ASP wit$o't .indows
W/)* +0 )1 ASP F+-!?
An ASP fie is ('st t$e same as an ,TM- fie
An ASP fie can contain te+t* ,TM-* 3M-* and scripts
Scripts in an ASP fie are e+ec'ted on t$e server
An ASP fie $as t$e fie e+tension 4"asp4
H'2 D'!0 ASP D+33!4 34'" HTML?
.$en a !rowser re)'ests an ,TM- fie* t$e server ret'rns t$e fie
.$en a !rowser re)'ests an ASP fie* IIS passes t$e re)'est to t$e ASP engine"
T$e ASP engine reads t$e ASP fie* ine !y ine* and e+ec'tes t$e scripts in t$e
fie" 5inay* t$e ASP fie is ret'rned to t$e !rowser as pain ,TM-
W/)* $)1 ASP 5' 3'4 60?
6ynamicay edit* c$ange* or add any content of a .e! page
7espond to 'ser )'eries or data s'!mitted from ,TM- forms
Access any data or data!ases and ret'rn t$e res'ts to a !rowser
C'stomi8e a .e! page to ma#e it more 'sef' for individ'a 'sers
T$e advantages of 'sing ASP instead of C9I and Per* are t$ose of simpicity and
speed
Provide sec'rity - since ASP code cannot !e viewed from t$e !rowser
Cever ASP programming can minimi8e t$e networ# traffic
H'2 *' +10*)-- ASP '1 '64 '21 $'"(6*!4?
If we are r'nning .indows 3P Professiona on yo'r comp'ter* we can insta Microsoft's
we! server* Internet Information Server 2": (IIS) for free from t$e .indows 3P Pro
instaation C6 and config're it to r'n on system !y foowing t$e instr'ctions !eow:
:" Pace t$e .indows 3P Professiona C6-7om into yo'r C6-7om 6rive"
;" 5rom o'r Start <'tton* go to Settings* and Contro Pane
=" Open Add>7emove .indows Components fo'nd in Add>7emove Programs in t$e
Contro Pane"
/" In t$e .indows Component .i8ard c$ec# Internet Information Services* cic#
ne+t and foow t$e on-screen instr'ctions"
2" Ma#e s're t$at yo'r .e! server is r'nning" Its stat's can !e c$ec#ed !y going
into t$e Contro Pane* t$en Administrative Toos* and do'!e-cic# t$e IIS
Manager icon
?" Test t$at IIS is wor#ing" Type into t$e address !ar of yo'r we! !rowser
$ttp:>>oca$ost>" @o' s$o'd see t$e IIS doc'mentation* if it's wor#ing correcty"
<'t we cannot r'n ASP on .indows 3P ,ome &dition"
ASP Session Obe!"
.$en we are wor#ing wit$ an appication on o'r comp'ter* we open it* do some
c$anges and t$en yo' cose it" T$is is m'c$ i#e a Session" T$e comp'ter #nows w$o
we are" It #nows w$en we open t$e appication and w$en we cose it" ,owever* on t$e
internet t$ere is one pro!em: t$e we! server does not #now w$o yo' are and w$at yo'
do* !eca'se t$e ,TTP address doesn't maintain state"
ASP soves t$is pro!em !y creating a 'ni)'e coo#ie for eac$ 'ser" T$e coo#ie is sent
to t$e 'ser's comp'ter and it contains information t$at identifies t$e 'ser" T$is interface
is caed t$e Session o!(ect"
T$e Session o!(ect stores information a!o't* or c$ange settings for a 'ser session"
S!00+'1 ID : Session I6 is t$e 'ni)'e in# !etween !rowser and t$e server" Once t$e
session is created a session I6 is generated w$ic$ is a 'ni)'e n'm!er and it is #ept at
'ser end ( cient !rowser ) 'sing coo#ies" Server #eeps a t$e varia!es corresponding
to t$is session I6 at server side" &ac$ time !rowser moves to different pages it s'!mit
session I6 to server and server after matc$ing ret'rns a t$e session varia!es
associated wit$ t$is session I6" T$is session I6 is aso 'sed in many cases to identify
and #eep trac# of 'ser activity" 5or e+ampe in a s$opping cart script we can #eep a t$e
p'rc$ases done !y t$e visitor in a temporary ta!e wit$ a 'ni)'e fied storing t$e
session I6" <ased on t$is session I6 w$at are t$e p'rc$ases and t$e tota )'antity*
pac#ets etc can !e cac'ated at t$e c$ec#o't time" Session I6 is t$e !est way to
maintain 'ni)'e in# wit$ t$e server as many ot$er visitors wi !e 'sing t$e same site
and doing p'rc$asing at t$e same time"
W/!1 2! 0/'6-5 1'* 60! S!00+'1: Sessions are 'sed to store 'ser specific
information so it s$o'd not !e 'sed to store go!a information" 5or e+ampe t$ere is an
anno'ncement for a t$e mem!ers t$at site mem!er area wi not !e avaia!e d'ring a
partic'ar period d'e to sc$ed'e maintenance" T$is message is for a so we s$o'd not
'se session to store t$is message" In anot$er case we are 'sing a mem!ers$ip system
w$ere 'ser ogin id is to !e avaia!e inside ot$er pages* $ere detais are 'ser specific
so t$ey are to !e stored 'sing session
L')5 '1 S!47!4: A session varia!es are stored at server end" So eac$ session of t$e
visitor adds oad to t$e server reso'rces as server $as to maintain t$e session
varia!es" Say for e+ampe we are 'sing ten varia!es for eac$ session of t$e visitor"
%ow at a moment if one t$o'sand visitors ogs in to t$e server t$en tota session
varia!es wi !e :0 + :000" Imagine if t$e site !ecame more pop'ar and wit$ growing
visitor oad on server aso wi go 'p" So ony 'ser specific re)'irements are to !e #ept
in session and specia care is to !e ta#en 'p for $ig$ traffic sites"
S!$64+*.: T$is is t$e !iggest advantage of 'sing session" As t$e data reside at server
side so it remains sec're irrespective of 'ser !rowser environment" Some cases i#e
'ser a't$entication res'ts* passwords etc are #ept in sessions ony as 'sers are
e+pected to 'se different comp'ters at different ocations so t$ey can't !e eft at cient
side" A'ery string data gets easiy e+posed !y c$ec#ing t$e $istory of t$e !rowser"
A"'61* '3 D)*): <etter not to oad t$e server wit$ more session data as it drains t$e
server reso'rces" T$is is important partic'ary for $ig$ traffic sites" %ow temporary
ta!es are avaia!e in data!ases w$ic$ are fast and maintain overa sma si8e for
data!ase"
Variables: Baria!es stored in a Session o!(ect $od information a!o't one singe 'ser*
and are avaia!e to a pages in one appication" Common information stored in session
varia!es are name* id* and preferences" T$e server creates a new Session o!(ect for
eac$ new 'ser* and destroys t$e Session o!(ect w$en t$e session e+pires"
S!00+'1 T+"! O6* '4 564)*+'1 '3 )$*+7! 0!00+'1 +1 ASP: As t$e session varia!es are
stored at server side we can't #eep t$em for ever" T$en $ow ong we can #eep t$e
session varia!es at o'r server end C It depends on $ow fre)'enty or $ow ong t$e 'ser
is interacting wit$ t$e server" If t$e interacting period is going on t$en server $as to #eep
t$e session varia!es active !'t if t$e 'ser is not active t$en it wi remove t$e session
varia!es"T$e d'ration wit$in w$ic$ t$e visitor m'st interact wit$ server to #eep t$e
session ive is ;0 min'tes !y defa't" <'t t$is d'ration can !e c$anged at script end !y
t$is command"
Session"Timeo't D :0
T$e a!ove ine wi fi+ t$e interva for :0 min'te and wit$in t$is time t$e visitor $as to
interact wit$ t$e server to #eep t$e session ive" So inside o'r script we can manage t$e
session time as per o'r re)'irement"
T/! S!00+'1 ',8!$*90 $'--!$*+'10# (4'(!4*+!0# "!*/'50# )15 !7!1*0 )4! 5!0$4+,!5
,!-'2:
Collections
Collection Description
Contents Contains a t$e items appended to t$e session t$ro'g$ a
script command
Static O!(ects Contains a o!(ects append to t$e session wit$ ,TM-
Eo!(ectF tag
Properties
Property Description
CodePage Specifies t$e c$aracter set t$at wi !e 'sed w$en dispaying
dynamic content
-CI6 Sets or ret'rns an integer t$at specifies a ocation or region"
Contents i#e date* time* and c'rrency wi !e dispayed
according to t$at ocation or region
SessionI6 7et'rns a 'ni)'e id for eac$ 'ser" T$e 'ni)'e id is
generated !y t$e server
Timeo't Sets or ret'rns t$e timeo't period (in min'tes) for t$e
Session o!(ect in t$is appication
Methods
Method Description
A!andon 6estroys a 'ser session
Contents"7emove 6eetes an item from t$e Contents coection
Contents"7emoveA() 6eetes a items from t$e Contents coection
Events
Events Description
SessionGOn&nd Occ'rs w$en a session ends
SessionGOnStart Occ'rs w$en a session starts
Session #$n$%e#en" in ASP session $n& !on!e'ns
.$en t$e first re)'est comes from t$e cient !rowser* it mar#s t$e !eginning of a new
session" T$is means t$at a session o!(ect is created and a session id is assigned to t$is
session o!(ect on t$e server" T$is session id is now sent to t$e !rowser in an encrypted
form as a session coo#ie" T$e !rowser wi store t$is coo#ie in memory for entire
d'ration 'nti t$e !rowser is cosed" &ac$ s'!se)'ent re)'est from t$e !rowser wi
send t$is coo#ie as part of t$e $eader" T$e server on receiving t$e coo#ie wi #now t$e
corresponding session id and $ence t$e sessions o!(ect"
T$e 0!00+'1 ID is a read-ony va'e t$at 'ni)'ey identifies t$e c'rrent cients to t$e
.e! server" In cassic ASP* session I6s are assigned in a se)'entia manner i"e"* t$e
session I6 1H:;/1=02 is foowed !y t$e session I6 1H:;/1=0?* and so on" T$e
session coo#ie for session I6 1H:;/1=02 wo'd !e stored on t$e cient mac$ine as t$e
coo#ie
.e $ave descri!ed $ow session states are maintained in ,TTP in genera and in ASP
in partic'ar" T$e point of concern t$at we $ave o!served in many we! appications is
t$at t$e coo#ie va'e does not c$ange !etween 'na't$enticated pages and
a't$enticated appication area" Since t$e 'ser session is associated to t$e session
coo#ie* if a maicio's 'ser gets $od of session coo#ie prior to 'ser a't$entication* $e
can access t$e a't$enticated appication area aso" Cassic ASP does not s'pport any
met$od to enforce t$e c$ange of coo#ie va'e"
R!"!5+!0: T$ere are severa ways to circ'mvent t$is pro!em even t$o'g$ t$e ASP
patform itsef does not provide for any way !y w$ic$ t$e session coo#ie va'e can !e
atered" T$ese so'tions can originate eit$er from t$e cient side or in a form of a $eader
directive from t$e server side" T$e so'tions see# to eit$er e+pire t$e session coo#ie or
ann' t$e session coo#ie va'e so t$at t$e session coo#ie va'e on t$e ne+t re)'est
wo'd !e c$anged"
C'':+! !;(+4)*+'1: T$is is a cient side so'tion" .$en t$e ogin page is oaded* a (ava
script f'nction can !e caed w$ic$ wo'd set t$e e+pire parameter of t$e c'rrent coo#ie
to a previo's date" Ipon s'!se)'ent re)'est t$e server wo'd set t$e session coo#ie
va'e to a new string"
A116--+1< 0!00+'1 $'':+! 7)-6!: T$is is a server side so'tion" Is'ay w$en a 'ser
s'!mits $is ogin credentias* t$e re)'est is sent to an intermediate page for
a't$entication J a't$enticate"asp" .e add one more stage of server processing of
ann'ing t$e session coo#ie J ann'session"asp" T$e server can set t$e coo#ie va'e of
t$e ASPS&SSIO%I6 to %I-- 'sing t$e meta tag and set-coo#ie directive"%ow* w$en
t$e re)'est is sent to t$e server for a't$enticate"asp page t$e session coo#ie va'e
wo'd !e n' and t$e re)'est goes aong wit$ IserI6 and password as part of t$e !ody
of t$e re)'est" Ipon a't$entication and setting of session varia!es on t$e server* t$e
server sends a redirect re)'est to t$e cient and sets t$e session coo#ie to a new va'e
in t$e !rowser" %ow a s'!se)'ent re)'ests to a't$entication part of t$e appication wi
'se t$is new session coo#ie va'e"
ASPSESSIONIDJHSDFEKK=KJSHFWEJNDFSERFWERKJN
L'<+1=)0(
A116-0!00+'1=)0
(
)6*/!1*+$)*!=)0( W!-$'"!=)0(
SERVER OBJECT
T$e Server o!(ect provides access to properties and met$ods on t$e server" M'c$ of
f'nctionaity it provides is simpy f'nctionaity t$e we! server itsef 'ses in t$e norma
processing of cient re)'ests and server responses"Its properties and met$ods are
descri!ed !eow:
P4'(!4*+!0
Property Description
ScriptTimeo't Sets or ret'rns t$e ma+im'm n'm!er of seconds a script can r'n
!efore it is terminated
M!*/'50
Method Description
CreateO!(ect Creates an instance of an o!(ect
&+ec'te &+ec'tes an ASP fie from inside anot$er ASP fie
9et-ast&rror() 7et'rns an ASP &rror o!(ect t$at descri!es t$e error condition t$at
occ'rred
,TM-&ncode Appies ,TM- encoding to a specified string
MapPat$ Maps a specified pat$ to a p$ysica pat$
Transfer Sends (transfers) a t$e information created in one ASP fie to a
second ASP fie
I7-&ncode Appies I7- encoding r'es to a specified string
R!>6+4!"!1*0:
Client: 7e)'ires .indows 3P Professiona* .indows ;000 Professiona* or .indows
%T .or#station /"0"
Server: 7e)'ires .indows Server ;00=* .indows ;000 Server* or .indows %T
Server /"0"
Product: IIS
METHODS OF SERVER OBJECT
?1@ S!47!4=C4!)*!O,8!$* M!*/'5
T$e CreateO!(ect met$od creates an instance of a server component" If t$e component
$as impemented t$e OnStartPage and On&ndPage met$ods* t$e OnStartPage met$od
is caed at t$is time
S@%TA3 : CreateO!(ect( progI6)
progI6 specifies t$e type of o!(ect to create"
?2@ S!47!4=E;!$6*! M!*/'5
T$e &+ec'te met$od cas an "asp fie* and processes it as if it were part of t$e caing
ASP script" T$e &+ec'te met$od is simiar to a proced're ca in many programming
ang'ages"
Synta+: &+ec'te( Pat$)
.$ere Pat$ is a string specifying t$e ocation of t$e "asp fie to e+ec'te" T$e Pat$
parameter may !e for eit$er an a!so'te or a reative pat$"
?3@ S!47!4=G!*L)0*E44'4 M!*/'5
T$e 9et-ast&rror met$od ret'rns an ASP&rror O!(ect descri!ing t$e error condition t$at
occ'rred" T$is met$od is avaia!e ony !efore t$e "asp fie $as sent any content to t$e
cient"
Synta+: 9et-ast&rror( )"
T$is met$od $as no parameters "
T$is met$od $as no ret'rn va'es"
?4@ S!47!4=HTMLE1$'5! M!*/'5
T$e ,TM-&ncode met$od appies ,TM- encoding to a specified string" T$is is 'sef'
as a )'ic# met$od of encoding form data and ot$er cient re)'est data !efore 'sing it in
yo'r .e! appication" &ncoding data converts potentiay 'nsafe c$aracters to t$eir
,TM--encoded e)'ivaent"
Synta+: ,TM-&ncode( string )
String specifies t$e string to encode" T$is met$od $as no ret'rn va'es"
?A@ S!47!4=M)(P)*/ M!*/'5
T$e MapPat$ met$od maps t$e specified reative or virt'a pat$ to t$e corresponding
p$ysica directory on t$e server"
Synta+: MapPat$( Pat$)
Pat$ specifies t$e reative or virt'a pat$ to map to a p$ysica directory"
T$is met$od $as no ret'rn va'es"
?@ S!47!4=T4)103!4 M!*/'5
T$e Transfer met$od sends a of t$e information t$at $as !een assem!ed for
processing !y one "asp fie to a second "asp fie"
Synta+: Transfer( Pat$)
Pat$ is t$e ocation of t$e "asp fie to w$ic$ contro s$o'd !e transferred"
T$is met$od $as no ret'rn va'es"
?7@ S!47!4=URLE1$'5! M!*/'5
T$e I7-&ncode met$od appies I7- encoding r'es* inc'ding escape c$aracters* to a
specified string"I7-&ncode converts c$aracters as foows:
Spaces ( ) are converted to p's signs (K)"
%on-ap$an'meric c$aracters are escaped to t$eir $e+adecima representation"
Synta+: I7-&ncode( string )
string specifies t$e string to encode"
T$is met$od $as no ret'rn va'es"
SUMMARY
Active Server Pages (ASP) is a server-side scripting tec$noogy t$at can !e 'sed to
create dynamic and interactive .e! appications" An ASP page is an ,TM- page t$at
contains server-side scripts t$at are processed !y t$e .e! server !efore !eing sent to
t$e 'ser's !rowser" @o' can com!ine ASP wit$ &+tensi!e Mar#'p -ang'age (3M-)*
Component O!(ect Mode (COM)* and ,yperte+t Mar#'p -ang'age (,TM-) to create
powerf' interactive .e! sites"
Server-side scripts r'n w$en a !rowser re)'ests an "asp fie from t$e .e! server" ASP
is caed !y t$e .e! server* w$ic$ processes t$e re)'ested fie from top to !ottom and
e+ec'tes any script commands" It t$en formats a standard .e! page and sends it to t$e
!rowser"
A of t$e ASP pages are written in a scripting ang'age" It is 'p to t$e deveoper* w$ic$
scripting ang'age to c$oose* $owever* most of t$e asp deveopers aro'nd t$e word
'se B<Script and some 'se Lscript or PerScript as we"
S!00+'1 O,8!$*: considered to !e one of t$e most important and 'sef' o!(ect of ASP"
L'st consider its nameM session* w$at comes in yo'r mindC .$enever yo' 'se any
appication* yo' open it and finay yo' cose itM t$is period is caed as a Session" In
order for t$e we! server to #now w$o are yo' and w$at yo' do* ASP provides a 'ni)'e
coo#ie w$ic$ is created for every 'ser" T$e coo#ie is stored at t$e cient side and
contains information t$at can !e 'sed to identify t$e 'ser" T$e Session O!(ect contains
information i#e name* preferences and 'ni)'e 'ser id" Server creates session for every
'ser and destroys it as soon as t$e session e+pires"
S!47!4 O,8!$*: t$e ASP server o!(ect is 'sed to access vario's properties and met$ods
on t$e server* as t$e name impies"