Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here


Microsoft: ASP (Active Server Pages) FAQ

session variables

Can I use session variables if the user does not have cookies enabled? by onpnt
Posted: 27 Aug 02

There has been a question asked multiple times lately on the relationship between cookies and session variables and I have yet to see a complete explanation on the main question being "Will session variables work if cookies are disabled".  It drove me nuts seeing everyone going back and forth on this one so I did the tests and did the research and this is what I have for my results along with the answer to the question.
Here is a simple test I performed
With cookies disabled
response.write(session.sessionID &"<br>")
session("var2") = "didn't need cookies" & "<br>"
response.write "the session variable contains " & session("var2")
Now of course this worked fine.  I even received a session ID.
Here's what I got

the session variable contains didn't need cookies
However, when I tried to call this variable on the next page
response.write "The session variable contains " & session("var2")
I recieved this
The session variable contains the session variable contains

So it did not work with cookies disabled.  So, with these results in hand I am confident in stating
"The user must have cookies enabled in order for you to use a session variable ACROSS the pages of the site"

I think that is the main comment here.  The session variables will work in one page of course, but when you try to call upon this variable in the next page you will not receive its value.  

Here is the best article I found on this issue thus far and if I find more then I will add, but I think it along with this test pretty much sums it up.

(By the way, when I enabled cookies the test worked fine)

This is from http://www.4guysfromrolla.com/

Question: For session variables to work, must the Web visitor have cookies enabled?

Answer: Kind of. Session variables are bits of information that can be stored on a user-by-user basis. These bits of information are stored on the Web server. To tie these bits of memory with a particular user, for session variables to persist across Web pages, the user must have cookies enabled. When a user first visits a page on a site that uses Session variables, two things happen:

-- A block of memory is allocated for that particular user's session variables on the Web server. This block of memory is identified by a unique SessionID
-- A cookie is written to the user's computer, storing the value of the SessionID

When the user visits another page on the site that uses session variables, the users SessionID cookie is referenced to determine if the user already has a session variable memory block setup. If he does, the values that are stored there are referenced. Through this mechanism, one can create seemingly "global" variables that persist from one page to another.

Back to Microsoft: ASP (Active Server Pages) FAQ Index
Back to Microsoft: ASP (Active Server Pages) Forum

My Archive

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close