I forgot, help please

Hi Folks

I have seen a method of obtaining all of the SESSION (or COOKIES maybe)
using a "for each" statement.

BUT

I have forgotten how/when/where I saw it.


I am particularly interested in the "automatically generated long
unique string Session Identifier"


Please forgive my "No-Tech" description of what I require - I fear
Senile Decay is happening quicker than I thought.

Best regards
Thank you
Pete (Northolt UK)

Re: I forgot, help please

Should have said "Using ASP on the Server"

p byers wrote:

> Hi Folks
>
> I have seen a method of obtaining all of the SESSION (or COOKIES maybe)
> using a "for each" statement.
>
> BUT
>
> I have forgotten how/when/where I saw it.
>
> I am particularly interested in the "automatically generated long
> unique string Session Identifier"
>
> Please forgive my "No-Tech" description of what I require - I fear
> Senile Decay is happening quicker than I thought.
>
> Best regards
> Thank you
> Pete (Northolt UK)

Re: I forgot, help please

google is your friend....

<%
'Print out the entire cookie collection.
'-----------------------------------------
For Each cookie in Request.Cookies
If Not cookie.HasKeys Then
'Print out the cookie string
%>
<%= cookie %> = <%= Request.Cookies(cookie)%>
<%
Else
'Print out the cookie collection
'------------------------------------------
For Each key in Request.Cookies(cookie)
%>
<%= cookie %> (<%= key %>) = <%= Request.Cookies(cookie)(key)%>
<%
Next
End If
Next
%>

Re: I forgot, help please

About half way down.
http://www.angelfire.com/tx4/cus/notes/asp.html

I add this one, as I like the way he has formatted his code. It is very easy
to read and understand.

--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA

*************************************************
| Think outside the box!
|
*************************************************
"p byers" wrote in message
news:47921961.6FA91AA6@sst-ltd.co.uk...
> Hi Folks
>
> I have seen a method of obtaining all of the SESSION (or COOKIES maybe)
> using a "for each" statement.
>
> BUT
>
> I have forgotten how/when/where I saw it.
>
>
> I am particularly interested in the "automatically generated long
> unique string Session Identifier"
>
>
> Please forgive my "No-Tech" description of what I require - I fear
> Senile Decay is happening quicker than I thought.
>
> Best regards
> Thank you
> Pete (Northolt UK)
>
>
>

Re: I forgot, help please

"Jon Paal [MSMD]" wrote in message
news:13p49udg2i164c0@corp.supernews.com...
> google is your friend....
>
> <%
> 'Print out the entire cookie collection.
> '-----------------------------------------
> For Each cookie in Request.Cookies
> If Not cookie.HasKeys Then
> 'Print out the cookie string
> %>
> <%= cookie %> = <%= Request.Cookies(cookie)%>
> <%
> Else
> 'Print out the cookie collection
> '------------------------------------------
> For Each key in Request.Cookies(cookie)
> %>
> <%= cookie %> (<%= key %>) = <%= Request.Cookies(cookie)(key)%>
> <%
> Next
> End If
> Next
> %>
>

Close but no banana. ;)

Try:-

Dim cookie, key, subKey
Dim i
'Print out the entire cookie collection.
'-----------------------------------------
For Each key in Request.Cookies
Set cookie = Request.Cookies(key)
If Not cookie.HasKeys Then
'Print out the cookie string
%>
<%=key %> = <%=cookie%>

<%
Else
'Print out the cookie collection
'------------------------------------------
For Each subKey in cookie
%>
<%= key %> (<%= subKey %>) = <%= cookie(subKey)%>

<%
Next
End If
Next


--
Anthony Jones - MVP ASP/ASP.NET

Re: I forgot, help please

chuckle ... ;))

my source is from the MS ASP help file....

Re: I forgot, help please

Thank you both for you quick helpful replies
Pete (Northolt UK)

p byers wrote:

> Hi Folks
>
> I have seen a method of obtaining all of the SESSION (or COOKIES maybe)
> using a "for each" statement.
>
> BUT
>
> I have forgotten how/when/where I saw it.
>
> I am particularly interested in the "automatically generated long
> unique string Session Identifier"
>
> Please forgive my "No-Tech" description of what I require - I fear
> Senile Decay is happening quicker than I thought.
>
> Best regards
> Thank you
> Pete (Northolt UK)

Re: I forgot, help please

"p byers" wrote in message
news:47921961.6FA91AA6@sst-ltd.co.uk...
> Hi Folks
>
> I have seen a method of obtaining all of the SESSION (or COOKIES maybe)
> using a "for each" statement.
>
> BUT
>
> I have forgotten how/when/where I saw it.
>
>
> I am particularly interested in the "automatically generated long
> unique string Session Identifier"
>
>
> Please forgive my "No-Tech" description of what I require - I fear
> Senile Decay is happening quicker than I thought.
>


If you run the code posted elsewhere in this thread you'll get list of the
current cookies in the request. You'll notice though that the one cookie
that you're actually after is missing. It is consumed by ASP in order to
included the correct session object in the script context and is not made
available in the Request.Cookies collection.

You can see it thougn in this:-

Response.Write Request.ServerVariables("HTTP_COOKIE")

But this is simplye the cookie header value in full so will contain all
cookies for the currently location unparsedd.


You could extract it with some Regex:-

Dim sCookieHeader : sCookieHeader = Request.ServerVariables("HTTP_COOKIE")
Dim rgx : Set rgx = NewRegExp("ASPSESSIONID([A-Z0-9]+)=([A-Z0-9]+)", True,
True)
Dim oMatch
For Each oMatch in rgx.Execute(sCookieHeader)
Response.Write oMatch.Value & "
"
Response.Write "App Instance: " & oMatch.SubMatches(0) & "
"
Response.Write "Session Code: " & oMatch.SubMatches(1) & "
"
Next

Function NewRegExp(rsPattern, rbGlobal, rbCaseInsensitive)

Set NewRegExp = new RegExp
NewRegExp.Pattern = rsPattern
NewRegExp.Global = rbGlobal
NewRegExp.IgnoreCase = rbCaseInsensitive

End Function


However if you were to unload the app or recycle the app pool you will start
to see multiple ASPSESSIONIDxxxxx headers. I guess you will need to know
which is the current one, its guess because I'm not sure how any of this
would be useful?



--
Anthony Jones - MVP ASP/ASP.NET

Re: I forgot, help please

Anthony wrote on Sat, 19 Jan 2008 22:23:58 -0000:

> "p byers" wrote in message
> news:47921961.6FA91AA6@sst-ltd.co.uk...
>> Hi Folks

>> I have seen a method of obtaining all of the SESSION (or COOKIES
>> maybe)
>> using a "for each" statement.

>> BUT

>> I have forgotten how/when/where I saw it.


>> I am particularly interested in the "automatically generated long
>> unique string Session Identifier"


>> Please forgive my "No-Tech" description of what I require - I fear
>> Senile Decay is happening quicker than I thought.



> If you run the code posted elsewhere in this thread you'll get list of
> the current cookies in the request. You'll notice though that the one
> cookie that you're actually after is missing. It is consumed by ASP in
> order to included the correct session object in the script context and
> is not made available in the Request.Cookies collection.

> You can see it thougn in this:-

> Response.Write Request.ServerVariables("HTTP_COOKIE")

> But this is simplye the cookie header value in full so will contain all
> cookies for the currently location unparsedd.


> You could extract it with some Regex:-

> Dim sCookieHeader : sCookieHeader =
> Request.ServerVariables("HTTP_COOKIE")
> Dim rgx : Set rgx = NewRegExp("ASPSESSIONID([A-Z0-9]+)=([A-Z0-9]+)",
> True,
> True)
> Dim oMatch
> For Each oMatch in rgx.Execute(sCookieHeader)
> Response.Write oMatch.Value & "
"
> Response.Write "App Instance: " & oMatch.SubMatches(0) & "
"
> Response.Write "Session Code: " & oMatch.SubMatches(1) & "
"
> Next

> Function NewRegExp(rsPattern, rbGlobal, rbCaseInsensitive)

> Set NewRegExp = new RegExp
> NewRegExp.Pattern = rsPattern
> NewRegExp.Global = rbGlobal
> NewRegExp.IgnoreCase = rbCaseInsensitive

> End Function


> However if you were to unload the app or recycle the app pool you will
> start to see multiple ASPSESSIONIDxxxxx headers. I guess you will
> need to know which is the current one, its guess because I'm not sure
> how any of this would be useful?


Doesn't

Response.Write Session.SessionID

return the appropriate session ID value that is currently in use (assuming
that sessions are enabled of course).

--
Dan

Re: I forgot, help please

Daniel wrote to Anthony Jones on Mon, 21 Jan 2008 13:38:05 -0000:

> Anthony wrote on Sat, 19 Jan 2008 22:23:58 -0000:

>> "p byers" wrote in message
>> news:47921961.6FA91AA6@sst-ltd.co.uk...
>>> Hi Folks

>>> I have seen a method of obtaining all of the SESSION (or COOKIES
>>> maybe)
>>> using a "for each" statement.

>>> BUT

>>> I have forgotten how/when/where I saw it.


>>> I am particularly interested in the "automatically generated long
>>> unique string Session Identifier"


>>> Please forgive my "No-Tech" description of what I require - I fear
>>> Senile Decay is happening quicker than I thought.



>> If you run the code posted elsewhere in this thread you'll get list
>> of the current cookies in the request. You'll notice though that the
>> one cookie that you're actually after is missing. It is consumed by
>> ASP in order to included the correct session object in the script
>> context and is not made available in the Request.Cookies collection.

>> You can see it thougn in this:-

>> Response.Write Request.ServerVariables("HTTP_COOKIE")

>> But this is simplye the cookie header value in full so will contain
>> all cookies for the currently location unparsedd.


>> You could extract it with some Regex:-

>> Dim sCookieHeader : sCookieHeader =
>> Request.ServerVariables("HTTP_COOKIE")
>> Dim rgx : Set rgx = NewRegExp("ASPSESSIONID([A-Z0-9]+)=([A-Z0-9]+)",
>> True,
>> True)
>> Dim oMatch
>> For Each oMatch in rgx.Execute(sCookieHeader)
>> Response.Write oMatch.Value & "
"
>> Response.Write "App Instance: " & oMatch.SubMatches(0) & "
"
>> Response.Write "Session Code: " & oMatch.SubMatches(1) & "
"
>> Next

>> Function NewRegExp(rsPattern, rbGlobal, rbCaseInsensitive)

>> Set NewRegExp = new RegExp
>> NewRegExp.Pattern = rsPattern
>> NewRegExp.Global = rbGlobal
>> NewRegExp.IgnoreCase = rbCaseInsensitive

>> End Function


>> However if you were to unload the app or recycle the app pool you
>> will start to see multiple ASPSESSIONIDxxxxx headers. I guess you
>> will need to know which is the current one, its guess because I'm not
>> sure how any of this would be useful?


> Doesn't

> Response.Write Session.SessionID

> return the appropriate session ID value that is currently in use
> (assuming that sessions are enabled of course).

Sorry for not posting a complete reply.

Anyway, once you've got the value of Session.SessionID, you should then be
able to compare it's value to the ASPSESSIONIDxxxxx values and find the
correct one, assuming that you don't have two with the same value (which
shouldn't happen normally, but there's always a chance).

--
Dan

Re: I forgot, help please

"Daniel Crichton" wrote in message
news:OdwRtSDXIHA.6140@TK2MSFTNGP02.phx.gbl...
> Daniel wrote to Anthony Jones on Mon, 21 Jan 2008 13:38:05 -0000:
>
> > Anthony wrote on Sat, 19 Jan 2008 22:23:58 -0000:
>
> >> "p byers" wrote in message
> >> news:47921961.6FA91AA6@sst-ltd.co.uk...
> >>> Hi Folks
>
> >>> I have seen a method of obtaining all of the SESSION (or COOKIES
> >>> maybe)
> >>> using a "for each" statement.
>
> >>> BUT
>
> >>> I have forgotten how/when/where I saw it.
>
>
> >>> I am particularly interested in the "automatically generated long
> >>> unique string Session Identifier"
>
>
> >>> Please forgive my "No-Tech" description of what I require - I fear
> >>> Senile Decay is happening quicker than I thought.
>
>
>
> >> If you run the code posted elsewhere in this thread you'll get list
> >> of the current cookies in the request. You'll notice though that the
> >> one cookie that you're actually after is missing. It is consumed by
> >> ASP in order to included the correct session object in the script
> >> context and is not made available in the Request.Cookies collection.
>
> >> You can see it thougn in this:-
>
> >> Response.Write Request.ServerVariables("HTTP_COOKIE")
>
> >> But this is simplye the cookie header value in full so will contain
> >> all cookies for the currently location unparsedd.
>
>
> >> You could extract it with some Regex:-
>
> >> Dim sCookieHeader : sCookieHeader =
> >> Request.ServerVariables("HTTP_COOKIE")
> >> Dim rgx : Set rgx = NewRegExp("ASPSESSIONID([A-Z0-9]+)=([A-Z0-9]+)",
> >> True,
> >> True)
> >> Dim oMatch
> >> For Each oMatch in rgx.Execute(sCookieHeader)
> >> Response.Write oMatch.Value & "
"
> >> Response.Write "App Instance: " & oMatch.SubMatches(0) & "
"
> >> Response.Write "Session Code: " & oMatch.SubMatches(1) & "
"
> >> Next
>
> >> Function NewRegExp(rsPattern, rbGlobal, rbCaseInsensitive)
>
> >> Set NewRegExp = new RegExp
> >> NewRegExp.Pattern = rsPattern
> >> NewRegExp.Global = rbGlobal
> >> NewRegExp.IgnoreCase = rbCaseInsensitive
>
> >> End Function
>
>
> >> However if you were to unload the app or recycle the app pool you
> >> will start to see multiple ASPSESSIONIDxxxxx headers. I guess you
> >> will need to know which is the current one, its guess because I'm not
> >> sure how any of this would be useful?
>
>
> > Doesn't
>
> > Response.Write Session.SessionID
>
> > return the appropriate session ID value that is currently in use
> > (assuming that sessions are enabled of course).
>
> Sorry for not posting a complete reply.
>
> Anyway, once you've got the value of Session.SessionID, you should then be
> able to compare it's value to the ASPSESSIONIDxxxxx values and find the
> correct one, assuming that you don't have two with the same value (which
> shouldn't happen normally, but there's always a chance).
>

Its a good point. I was working on the assumption that SessionID is not
useful for some reason. I didn't occur to me that the OP may not be aware of
its existance.

I'm not sure why there would be any need to compare it to the cookie value
though. Also I'm not sure how or even if its possible to map the value of
SessionID to the cooke value.

--
Anthony Jones - MVP ASP/ASP.NET

Re: I forgot, help please

Anthony wrote on Mon, 21 Jan 2008 21:57:23 -0000:

> "Daniel Crichton" wrote in message
> news:OdwRtSDXIHA.6140@TK2MSFTNGP02.phx.gbl...
>> Daniel wrote to Anthony Jones on Mon, 21 Jan 2008 13:38:05 -0000:

>>> Anthony wrote on Sat, 19 Jan 2008 22:23:58 -0000:

>>>> "p byers" wrote in message
>>>> news:47921961.6FA91AA6@sst-ltd.co.uk...
>>>>> Hi Folks

>>>>> I have seen a method of obtaining all of the SESSION (or COOKIES
>>>>> maybe)
>>>>> using a "for each" statement.

>>>>> BUT

>>>>> I have forgotten how/when/where I saw it.


>>>>> I am particularly interested in the "automatically generated long
>>>>> unique string Session Identifier"


>>>>> Please forgive my "No-Tech" description of what I require - I
>>>>> fear
>>>>> Senile Decay is happening quicker than I thought.



>>>> If you run the code posted elsewhere in this thread you'll get list
>>>> of the current cookies in the request. You'll notice though that
>>>> the one cookie that you're actually after is missing. It is
>>>> consumed by
>>>> ASP in order to included the correct session object in the script
>>>> context and is not made available in the Request.Cookies
>>>> collection.

>>>> You can see it thougn in this:-

>>>> Response.Write Request.ServerVariables("HTTP_COOKIE")

>>>> But this is simplye the cookie header value in full so will contain
>>>> all cookies for the currently location unparsedd.


>>>> You could extract it with some Regex:-

>>>> Dim sCookieHeader : sCookieHeader =
>>>> Request.ServerVariables("HTTP_COOKIE")
>>>> Dim rgx : Set rgx =
>>>> NewRegExp("ASPSESSIONID([A-Z0-9]+)=([A-Z0-9]+)",
>>>> True,
>>>> True)
>>>> Dim oMatch
>>>> For Each oMatch in rgx.Execute(sCookieHeader)
>>>> Response.Write oMatch.Value & "
"
>>>> Response.Write "App Instance: " & oMatch.SubMatches(0) & "
"
>>>> Response.Write "Session Code: " & oMatch.SubMatches(1) & "
"
>>>> Next

>>>> Function NewRegExp(rsPattern, rbGlobal, rbCaseInsensitive)

>>>> Set NewRegExp = new RegExp
>>>> NewRegExp.Pattern = rsPattern
>>>> NewRegExp.Global = rbGlobal
>>>> NewRegExp.IgnoreCase = rbCaseInsensitive

>>>> End Function


>>>> However if you were to unload the app or recycle the app pool you
>>>> will start to see multiple ASPSESSIONIDxxxxx headers. I guess you
>>>> will need to know which is the current one, its guess because I'm
>>>> not sure how any of this would be useful?


>>> Doesn't

>>> Response.Write Session.SessionID

>>> return the appropriate session ID value that is currently in use
>>> (assuming that sessions are enabled of course).

>> Sorry for not posting a complete reply.

>> Anyway, once you've got the value of Session.SessionID, you should
>> then be able to compare it's value to the ASPSESSIONIDxxxxx values
>> and find the correct one, assuming that you don't have two with the
>> same value (which shouldn't happen normally, but there's always a
>> chance).


> Its a good point. I was working on the assumption that SessionID is not
> useful for some reason. I didn't occur to me that the OP may not be
> aware of its existance.

> I'm not sure why there would be any need to compare it to the cookie
> value though. Also I'm not sure how or even if its possible to map the
> value of
> SessionID to the cooke value.

Given that you can parse the HTTP_COOKIE header, and so extract the values
for each ASPSESSIONIDxxxxxx cookie, and using the value of .SessionID, you
should then be able to find the ASPSESSIONIDxxxxxx cookie that is passing
the SessionID. Whether this is useful to know or not is anyone's guess :P

But at least there is a way of getting the "automatically generated long
unique string Session Identifier" that the OP was asking for, which should
be Session.SessionID.

--
Dan

Re: I forgot, help please

"Daniel Crichton" wrote in message
news:uh1XhrNXIHA.1164@TK2MSFTNGP02.phx.gbl...
> Anthony wrote on Mon, 21 Jan 2008 21:57:23 -0000:
>
> > "Daniel Crichton" wrote in message
> > news:OdwRtSDXIHA.6140@TK2MSFTNGP02.phx.gbl...
> >> Daniel wrote to Anthony Jones on Mon, 21 Jan 2008 13:38:05 -0000:
>
> >>> Anthony wrote on Sat, 19 Jan 2008 22:23:58 -0000:
>
> >>>> "p byers" wrote in message
> >>>> news:47921961.6FA91AA6@sst-ltd.co.uk...
> >>>>> Hi Folks
>
> >>>>> I have seen a method of obtaining all of the SESSION (or COOKIES
> >>>>> maybe)
> >>>>> using a "for each" statement.
>
> >>>>> BUT
>
> >>>>> I have forgotten how/when/where I saw it.
>
>
> >>>>> I am particularly interested in the "automatically generated long
> >>>>> unique string Session Identifier"
>
>
> >>>>> Please forgive my "No-Tech" description of what I require - I
> >>>>> fear
> >>>>> Senile Decay is happening quicker than I thought.
>
>
>
> >>>> If you run the code posted elsewhere in this thread you'll get list
> >>>> of the current cookies in the request. You'll notice though that
> >>>> the one cookie that you're actually after is missing. It is
> >>>> consumed by
> >>>> ASP in order to included the correct session object in the script
> >>>> context and is not made available in the Request.Cookies
> >>>> collection.
>
> >>>> You can see it thougn in this:-
>
> >>>> Response.Write Request.ServerVariables("HTTP_COOKIE")
>
> >>>> But this is simplye the cookie header value in full so will contain
> >>>> all cookies for the currently location unparsedd.
>
>
> >>>> You could extract it with some Regex:-
>
> >>>> Dim sCookieHeader : sCookieHeader =
> >>>> Request.ServerVariables("HTTP_COOKIE")
> >>>> Dim rgx : Set rgx =
> >>>> NewRegExp("ASPSESSIONID([A-Z0-9]+)=([A-Z0-9]+)",
> >>>> True,
> >>>> True)
> >>>> Dim oMatch
> >>>> For Each oMatch in rgx.Execute(sCookieHeader)
> >>>> Response.Write oMatch.Value & "
"
> >>>> Response.Write "App Instance: " & oMatch.SubMatches(0) & "
"
> >>>> Response.Write "Session Code: " & oMatch.SubMatches(1) & "
"
> >>>> Next
>
> >>>> Function NewRegExp(rsPattern, rbGlobal, rbCaseInsensitive)
>
> >>>> Set NewRegExp = new RegExp
> >>>> NewRegExp.Pattern = rsPattern
> >>>> NewRegExp.Global = rbGlobal
> >>>> NewRegExp.IgnoreCase = rbCaseInsensitive
>
> >>>> End Function
>
>
> >>>> However if you were to unload the app or recycle the app pool you
> >>>> will start to see multiple ASPSESSIONIDxxxxx headers. I guess you
> >>>> will need to know which is the current one, its guess because I'm
> >>>> not sure how any of this would be useful?
>
>
> >>> Doesn't
>
> >>> Response.Write Session.SessionID
>
> >>> return the appropriate session ID value that is currently in use
> >>> (assuming that sessions are enabled of course).
>
> >> Sorry for not posting a complete reply.
>
> >> Anyway, once you've got the value of Session.SessionID, you should
> >> then be able to compare it's value to the ASPSESSIONIDxxxxx values
> >> and find the correct one, assuming that you don't have two with the
> >> same value (which shouldn't happen normally, but there's always a
> >> chance).
>
>
> > Its a good point. I was working on the assumption that SessionID is not
> > useful for some reason. I didn't occur to me that the OP may not be
> > aware of its existance.
>
> > I'm not sure why there would be any need to compare it to the cookie
> > value though. Also I'm not sure how or even if its possible to map the
> > value of
> > SessionID to the cooke value.
>
> Given that you can parse the HTTP_COOKIE header, and so extract the values
> for each ASPSESSIONIDxxxxxx cookie, and using the value of .SessionID, you
> should then be able to find the ASPSESSIONIDxxxxxx cookie that is passing
> the SessionID. Whether this is useful to know or not is anyone's guess :P
>
> But at least there is a way of getting the "automatically generated long
> unique string Session Identifier" that the OP was asking for, which should
> be Session.SessionID.

Ah but is it though? That's the point I'm trying to make. Perhaps a sample
will make it clear:-

Session ID: <%=Session.SessionID%>



<%
Dim sCookieHeader : sCookieHeader = Request.ServerVariables("HTTP_COOKIE")
Dim oMatch
For Each oMatch in NewRegExp("ASPSESSIONID([A-Z0-9]+)=([A-Z0-9]+)", True,
True).Execute(sCookieHeader)
Response.Write oMatch.Value & "
"
Response.Write "App Instance: " & oMatch.SubMatches(0) & "
"
Response.Write "Session Code: " & oMatch.SubMatches(1) & "
"
Next

Function NewRegExp(rsPattern, rbGlobal, rbCaseInsensitive)

Set NewRegExp = new RegExp
NewRegExp.Pattern = rsPattern
NewRegExp.Global = rbGlobal
NewRegExp.IgnoreCase = rbCaseInsensitive

End Function
%>

Hit a page with this code in and refresh it for good measure. Then go into
IIS manager and recycle the app pool (or unload the app from the home
directory tab if using 5.1 or below).

Now referesh the page a couple more times. You'll note that you end up with
two ASPSESSIONIDxxxxxxx cookies. For example I end up with:-

Session ID: 771969469

ASPSESSIONIDSSTDDBCA=LMAPAAOCHCCELDPEKPDAOECH
App Instance: SSTDDBCA
Session Code: LMAPAAOCHCCELDPEKPDAOECH
ASPSESSIONIDSQTABCDA=NLBFDAOCKCODENCGMBCCMIHH
App Instance: SQTABCDA
Session Code: NLBFDAOCKCODENCGMBCCMIHH

So the big question is how do I determine which of LMAPAAOCHCCELDPEKPDAOECH
or NLBFDAOCKCODENCGMBCCMIHH is equivalent to 771969469?

It is not apparent to me how these can be reconciled.

--
Anthony Jones - MVP ASP/ASP.NET

Re: I forgot, help please

Anthony wrote on Tue, 22 Jan 2008 10:17:17 -0000:

> "Daniel Crichton" wrote in message
> news:uh1XhrNXIHA.1164@TK2MSFTNGP02.phx.gbl...
>> Anthony wrote on Mon, 21 Jan 2008 21:57:23 -0000:

>>> "Daniel Crichton" wrote in message
>>> news:OdwRtSDXIHA.6140@TK2MSFTNGP02.phx.gbl...
>>>> Daniel wrote to Anthony Jones on Mon, 21 Jan 2008 13:38:05 -0000:

>>>>> Anthony wrote on Sat, 19 Jan 2008 22:23:58 -0000:

>>>>>> "p byers" wrote in message
>>>>>> news:47921961.6FA91AA6@sst-ltd.co.uk...
>>>>>>> Hi Folks

>>>>>>> I have seen a method of obtaining all of the SESSION (or
>>>>>>> COOKIES maybe)
>>>>>>> using a "for each" statement.

>>>>>>> BUT

>>>>>>> I have forgotten how/when/where I saw it.


>>>>>>> I am particularly interested in the "automatically generated
>>>>>>> long unique string Session Identifier"


>>>>>>> Please forgive my "No-Tech" description of what I require - I
>>>>>>> fear
>>>>>>> Senile Decay is happening quicker than I thought.



>>>>>> If you run the code posted elsewhere in this thread you'll get
>>>>>> list of the current cookies in the request. You'll notice though
>>>>>> that the one cookie that you're actually after is missing. It is
>>>>>> consumed by
>>>>>> ASP in order to included the correct session object in the script
>>>>>> context and is not made available in the Request.Cookies
>>>>>> collection.

>>>>>> You can see it thougn in this:-

>>>>>> Response.Write Request.ServerVariables("HTTP_COOKIE")

>>>>>> But this is simplye the cookie header value in full so will
>>>>>> contain all cookies for the currently location unparsedd.


>>>>>> You could extract it with some Regex:-

>>>>>> Dim sCookieHeader : sCookieHeader =
>>>>>> Request.ServerVariables("HTTP_COOKIE")
>>>>>> Dim rgx : Set rgx =
>>>>>> NewRegExp("ASPSESSIONID([A-Z0-9]+)=([A-Z0-9]+)",
>>>>>> True,
>>>>>> True)
>>>>>> Dim oMatch
>>>>>> For Each oMatch in rgx.Execute(sCookieHeader)
>>>>>> Response.Write oMatch.Value & "
"
>>>>>> Response.Write "App Instance: " & oMatch.SubMatches(0) & " >>>>>> />"
>>>>>> Response.Write "Session Code: " & oMatch.SubMatches(1) & " >>>>>> />"
>>>>>> Next

>>>>>> Function NewRegExp(rsPattern, rbGlobal, rbCaseInsensitive)

>>>>>> Set NewRegExp = new RegExp
>>>>>> NewRegExp.Pattern = rsPattern
>>>>>> NewRegExp.Global = rbGlobal
>>>>>> NewRegExp.IgnoreCase = rbCaseInsensitive

>>>>>> End Function


>>>>>> However if you were to unload the app or recycle the app pool you
>>>>>> will start to see multiple ASPSESSIONIDxxxxx headers. I guess
>>>>>> you will need to know which is the current one, its guess because
>>>>>> I'm not sure how any of this would be useful?


>>>>> Doesn't

>>>>> Response.Write Session.SessionID

>>>>> return the appropriate session ID value that is currently in use
>>>>> (assuming that sessions are enabled of course).

>>>> Sorry for not posting a complete reply.

>>>> Anyway, once you've got the value of Session.SessionID, you should
>>>> then be able to compare it's value to the ASPSESSIONIDxxxxx values
>>>> and find the correct one, assuming that you don't have two with the
>>>> same value (which shouldn't happen normally, but there's always a
>>>> chance).


>>> Its a good point. I was working on the assumption that SessionID is
>>> not useful for some reason. I didn't occur to me that the OP may not
>>> be aware of its existance.

>>> I'm not sure why there would be any need to compare it to the cookie
>>> value though. Also I'm not sure how or even if its possible to map
>>> the value of
>>> SessionID to the cooke value.

>> Given that you can parse the HTTP_COOKIE header, and so extract the
>> values for each ASPSESSIONIDxxxxxx cookie, and using the value of
>> .SessionID, you should then be able to find the ASPSESSIONIDxxxxxx
>> cookie that is passing the SessionID. Whether this is useful to know
>> or not is anyone's guess :P

>> But at least there is a way of getting the "automatically generated
>> long unique string Session Identifier" that the OP was asking for,
>> which should be Session.SessionID.

> Ah but is it though? That's the point I'm trying to make. Perhaps a
> sample will make it clear:-

> Session ID: <%=Session.SessionID%>

>

> <%
> Dim sCookieHeader : sCookieHeader =
> Request.ServerVariables("HTTP_COOKIE")
> Dim oMatch
> For Each oMatch in NewRegExp("ASPSESSIONID([A-Z0-9]+)=([A-Z0-9]+)",
> True,
> True).Execute(sCookieHeader)
> Response.Write oMatch.Value & "
"
> Response.Write "App Instance: " & oMatch.SubMatches(0) & "
"
> Response.Write "Session Code: " & oMatch.SubMatches(1) & "
"
> Next

> Function NewRegExp(rsPattern, rbGlobal, rbCaseInsensitive)

> Set NewRegExp = new RegExp
> NewRegExp.Pattern = rsPattern
> NewRegExp.Global = rbGlobal
> NewRegExp.IgnoreCase = rbCaseInsensitive

> End Function %>

> Hit a page with this code in and refresh it for good measure. Then go
> into
> IIS manager and recycle the app pool (or unload the app from the home
> directory tab if using 5.1 or below).

> Now referesh the page a couple more times. You'll note that you end up
> with two ASPSESSIONIDxxxxxxx cookies. For example I end up with:-

> Session ID: 771969469

> ASPSESSIONIDSSTDDBCA=LMAPAAOCHCCELDPEKPDAOECH
> App Instance: SSTDDBCA
> Session Code: LMAPAAOCHCCELDPEKPDAOECH
> ASPSESSIONIDSQTABCDA=NLBFDAOCKCODENCGMBCCMIHH
> App Instance: SQTABCDA
> Session Code: NLBFDAOCKCODENCGMBCCMIHH

> So the big question is how do I determine which of
> LMAPAAOCHCCELDPEKPDAOECH or NLBFDAOCKCODENCGMBCCMIHH is equivalent
> to 771969469?

> It is not apparent to me how these can be reconciled.

In that case just call me an idiot - I had assumed (obviously incorrectly)
that the SessionID value matched the current cookie value. Next time I'll
actually test my assumption before posting, I normally would have but I've
had my head dug in ASP for the past few weeks for a new web site we just
launched.

--
Dan