Remove From My Forums

Session.Abandon(); not working...

Question

User-92576484 posted

I've got a setup that uses both classic asp and asp.net pages. In order to share session variables I create cookies that are equal to the session variables that I need. Then redirect the page to a .aspx page that takes the cookies, sets session variables in asp.net based off of the cookies, deletes the cookies, and then I'm good to go.

The only issue I'm having is that when I do a Session.Abandon(); in asp.net to logout, the session doesn't end.

Here is my code to get the cookies and set session variabes in .aspx:

*It's in my page load event*

if (Session["loggedIn"] == null)
        {
            if (Request.Cookies["sessionInfo"] != null)
            {
                HttpCookie myCookie = Request.Cookies.Get("sessionInfo");
                myCookie.Name = "sessionInfo";

                Session["logged"] =
                  Convert.ToBoolean(myCookie["logged"].ToString());
                Session["userID"] =
                  Convert.ToInt32(myCookie["userID"].ToString());

                myCookie.Expires = DateTime.Now.AddDays(-1);
                Response.Cookies.Add(myCookie);

            }
            else
            {
                Response.Redirect("../login.asp");
            }
        }

Here is how I try to kill the session on the.aspx side:

    protected void Page_Load(object sender, EventArgs e)
    {
        Session.Abandon();
        Response.Redirect("../login.asp");
    }

Any help is appreciated. Thanks!

Friday, November 21, 2008 6:46 PM

Answers

0

Sign in to vote
User527778624 posted

HI,

try this before calling session.Abandon() :

session.Remove("logged"); or session("logged")=null;

--------------------------------------------

Happy Coding.
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Saturday, November 22, 2008 8:02 AM
0

Sign in to vote
User-99544339 posted

Maybe this will work, i used it in a previous project:

            Session.Abandon();

            Session.Contents.Abandon();
            Session.Contents.RemoveAll();
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Monday, November 24, 2008 11:46 AM

All replies

0

Sign in to vote

User-99544339 posted
Here from the API:

When the Abandon method is called, the current Session object is queued for deletion but is not actually deleted until all of the script commands on the current page have been processed. This means that you can access variables stored in the Session object on the same page as the call to the Abandon method but not in any subsequent Web pages.

http://msdn.microsoft.com/en-us/library/ms524310.aspx

Friday, November 21, 2008 7:12 PM
0

Sign in to vote
User527778624 posted

HI,

try this before calling session.Abandon() :

session.Remove("logged"); or session("logged")=null;

--------------------------------------------

Happy Coding.
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Saturday, November 22, 2008 8:02 AM

User-92576484 posted

Hey guys, I made the changes but the session variable is not clearing. Also, I am redirecting, so it can't be the issue w/ session variables persisting in the same page.

Here's my update code:

public partial class logout : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        Session["logged"] = null;
        Session["admin"] = null;
        Session["userID"] = null;
        Session.Abandon();
        Response.Redirect("../login.asp");
    }
}

It looks like everything works. No error, and I get redirected to login.asp. Then if I type in the URL of a page in my site, the session variable is still there.

I test this by outputting the session variable to a label, plus my code is supposed to redirect the user to login.asp if session["logged"]=null.

 lblSessionTest.Text = Session["logged"].ToString();
 
The above code outputs "True" to lblSessionTest on a page I'll go to after abandoning the session variables. This is driving me nuts

Monday, November 24, 2008 11:34 AM

0

Sign in to vote
User-99544339 posted

Maybe this will work, i used it in a previous project:

            Session.Abandon();

            Session.Contents.Abandon();
            Session.Contents.RemoveAll();
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Monday, November 24, 2008 11:46 AM

User-92576484 posted

Nice, that worked. It now looks like my cookies aren't deleting. For example, if I go back to my page that sets the session variables equal to cookies after logging out, the session variables populate again based off of the cookies. After that the other pages work also. But If I log out and go to any other page, I get redirected to the login.

if (Session["logged"] == null)
        {
            if (Request.Cookies["sessionInfo"] != null)
            {
                HttpCookie myCookie = Request.Cookies.Get("sessionInfo");
                myCookie.Name = "sessionInfo";

                Session["logged"] =
                  Convert.ToBoolean(myCookie["logged"].ToString());
                Session["userID"] =
                  Convert.ToInt32(myCookie["userID"].ToString());

                myCookie.Expires = DateTime.Now.AddDays(-1);
                 Response.Cookies.Add(myCookie);

            }
            else
            {
                Response.Redirect("../login.asp");
            }
        }

Monday, November 24, 2008 1:05 PM

Answered by:

Session.Abandon(); not working...

Question

Answers

All replies