Session Tracking

Originally, critics accused the Internet and e-business of failing to provide the kind of customized service typically experienced in "brick-and-mortar" stores. To address this problem, e-businesses began to establish mechanisms by which they could personalize users' browsing experiences, tailoring content to individual users while enabling them to bypass irrelevant information. Businesses achieve this level of service by tracking each customer's movement through the Internet and combining the collected data with information provided by the consumer, including billing information, personal preferences, interests and hobbies.

Personalization

Personalization makes it possible for e-businesses to communicate effectively with their customers and also improves users' ability to locate desired products and services. Companies that provide content of particular interest to users can establish relationships with customers and build on those relationships over time. Furthermore, by targeting consumers with personal offers, recommendations, advertisements, promotions and services, e-businesses create customer loyalty. Web sites can use sophisticated technology to allow visitors to customize home pages to suit their individual needs and preferences. Similarly, online shopping sites often store personal information for customers, tailoring notifications and special offers to their interests. Such services encourage customers to visit sites more frequently and make purchases more regularly.

Privacy

A trade-off exists, however, between personalized e-business service and protection of privacy. Some consumers embrace the idea of tailored content, but others fear the possible adverse consequences if the info they provide to e-businesses is released or collected by tracking technologies. Consumers and privacy advocates ask: What if the e-business to which we give personal data sells or gives that information to another organization without our knowledge? What if we do not want our actions on the Interneta supposedly anonymous mediumto be tracked and recorded by unknown parties? What if unauthorized parties gain access to sensitive private data, such as credit-card numbers or medical history? All of these are questions that must be debated and addressed by programmers, consumers, e-businesses and lawmakers alike.

Recognizing Clients

To provide personalized services to consumers, e-businesses must be able to recognize clients when they request information from a site. As we have discussed, the request/response system on which the Web operates is facilitated by HTTP. Unfortunately, HTTP is a stateless protocolit does not support persistent connections that would enable Web servers to maintain state information regarding particular clients. This means that Web servers cannot determine whether a request comes from a particular client or whether the same or different clients generate a series of requests. To circumvent this problem, sites can provide mechanisms by which they identify individual clients. A session represents a unique client on a Web site. If the client leaves a site and then returns later, the client will still be recognized as the same user. To help the server distinguish among clients, each client must identify itself to the server. Tracking individual clients, known as session tracking, can be achieved in a number of ways. One popular technique uses cookies (Section 21.6.1); another uses ASP.NET's HttpSessionState object (Section 21.6.2). Additional sessiontracking techniques include the use of input form elements of type "hidden" and URL rewriting. Using "hidden" form elements, a Web Form can write session-tracking data into a form in the Web page that it returns to the client in response to a prior request. When the user submits the form in the new Web page, all the form data, including the "hidden" fields, is sent to the form handler on the Web server. When a Web site performs URL rewriting, the Web Form embeds session-tracking information directly in the URLs of hyperlinks that the user clicks to send subsequent requests to the Web server.

Note that our previous examples set the Web Form's EnableSessionState property to False. However, because we wish to use session tracking in the following examples, we keep this property's default settingtrue.

21.6.1. Cookies

Cookies provide Web developers with a tool for personalizing Web pages. A cookie is a piece of data stored in a small text file on the user's computer. A cookie maintains information about the client during and between browser sessions. The first time a user visits the Web site, the user's computer might receive a cookie; this cookie is then reactivated each time the user revisits that site. The collected information is intended to be an anonymous record containing data that is used to personalize the user's future visits to the site. For example, cookies in a shopping application might store unique identifiers for users. When a user adds items to an online shopping cart or performs another task resulting in a request to the Web server, the server receives a cookie containing the user's unique identifier. The server then uses the unique identifier to locate the shopping cart and perform any necessary processing.

In addition to identifying users, cookies also can indicate clients' shopping preferences. When a Web Form receives a request from a client, the Web Form can examine the cookie(s) it sent to the client during previous communications, identify the client's preferences and immediately display products of interest to the client.

Every HTTP-based interaction between a client and a server includes a header containing information either about the request (when the communication is from the client to the server) or about the response (when the communication is from the server to the client). When a Web Form receives a request, the header includes information such as the request type (e.g., Get) and any cookies that have been sent previously from the server to be stored on the client machine. When the server formulates its response, the header information contains any cookies the server wants to store on the client computer and other information, such as the MIME type of the response.

The expiration date of a cookie determines how long the cookie remains on the client's computer. If you do not set an expiration date for a cookie, the Web browser maintains the cookie for the duration of the browsing session. Otherwise, the Web browser maintains the cookie until the expiration date occurs. When the browser requests a resource from a Web server, cookies previously sent to the client by that Web server are returned to the Web server as part of the request formulated by the browser. Cookies are deleted when they expire.

Portability Tip 21 3

Clients may disable cookies in their Web browsers to ensure that their privacy is protected. Such clients will experience difficulty using Web applications that depend on cookies to maintain state information.

 

Using Cookies to Provide Book Recommendations

The next Web application demonstrates the use of cookies. The example contains two pages. In the first page (Figs. 21.2321.24), users select a favorite programming language from a group of radio buttons and submit the XHTML form to the Web server for processing. The Web server responds by creating a cookie that stores a record of the chosen language, as well as the ISBN number for a book on that topic. The server then returns an XHTML document to the browser, allowing the user either to select another favorite programming language or to view the second page in our application (Figs. 21.25 and 21.26), which lists recommended books pertaining to the programming language that the user selected previously. When the user clicks the hyperlink, the cookies previously stored on the client are read and used to form the list of book recommendations.

Figure 21.23. ASPX file that presents a list of programming languages.

 1 <%-- Fig. 21.23: Options.aspx --%>
 2 <%-- Allows client to select programming languages and access --%>
 3 <%-- book recommendations. --%>
 4 <%@ Page Language="C#" AutoEventWireup="true"
 5 CodeFile="Options.aspx.cs" Inherits="Options" %>
 6
 7  "-//W3C//DTD XHTML 1.1//EN"
 8 "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
 9
10 
"http://www.w3.org/1999/xhtml" > 11 "server"> 12 Cookies 13 14 15 "form1" runat="server"> 16

17 "promptLabel" runat="server" Font-Bold="True" 18 Font-Size="Large" Text="Select a programming language:"> 19 20 21 "languageList" runat="server"> 22 Visual Basic 2005 23 Visual C# 2005 24 C 25 C++ 26 Java 27 28 29 "submitButton" runat="server" Text="Submit" /> 30 31 "responseLabel" runat="server" Font-Bold="True" 32 Font-Size="Large" Text="Welcome to cookies!" 33 Visible="False"> 34

35 36 "languageLink" runat="server" 37 Visible="False" NavigateUrl="~/Options.aspx"> 38 Click here to choose another language 39

40 41 "recommendationsLink" runat="server" 42 Visible="False" NavigateUrl="~/Recommendations.aspx"> 43 Click here to get book recommendations 44

45 46 47

(a)

(b)

(c)

(d)

Figure 21.24. Code-behind file that writes a cookie to the client.

(This item is displayed on pages 1097 - 1099 in the print version)

 1 // Fig. 21.24: Options.aspx.cs
 2 // Processes user's selection of a programming language
 3 // by displaying links and writing a cookie to the user's machine.
 4 using System;
 5 using System.Data;
 6 using System.Configuration;
 7 using System.Web;
 8 using System.Web.Security;
 9 using System.Web.UI;
10 using System.Web.UI.WebControls;
11 using System.Web.UI.WebControls.WebParts;
12 using System.Web.UI.HtmlControls;
13 public partial class Options : System.Web.UI.Page
14 {
15 // stores values to represent books as cookies 16 private System.Collections.Hashtable books = 17 new System.Collections.Hashtable(); 18 19 // initializes the Hashtable of values to be stored as cookies 20 protected void Page_Init( object sender, EventArgs e ) 21 { 22 books.Add( "Visual Basic 2005", "0-13-186900-0" ); 23 books.Add( "Visual C# 2005", "0-13-152523-9" ); 24 books.Add( "C", "0-13-142644-3" ); 25 books.Add( "C++", "0-13-185757-6" ); 26 books.Add( "Java", "0-13-148398-6" ); 27 } // end method Page_Init 28 29 // if postback, hide form and display links to make additional 30 // selections or view recommendations 31 protected void Page_Load( object sender, EventArgs e ) 32 { 33 if ( IsPostBack ) 34 { 35 // user has submitted information, so display message 36 // and appropriate hyperlinks 37 responseLabel.Visible = true; 38 languageLink.Visible = true; 39 recommendationsLink.Visible = true; 40 41 // hide other controls used to make language selection 42 promptLabel.Visible = false; 43 languageList.Visible = false; 44 submitButton.Visible = false; 45 46 // if the user made a selection, display it in responseLabel 47 if ( languageList.SelectedItem != null ) 48 responseLabel.Text += " You selected " + 49 languageList.SelectedItem.Text.ToString(); 50 else 51 responseLabel.Text += " You did not select a language."; 52 } // end if 53 } // end method Page_Load 54 55 // write a cookie to record the user's selection 56 protected void submitButton_Click( object sender, EventArgs e ) 57 { 58 // if the user made a selection 59 if ( languageList.SelectedItem != null ) 60 { 61 string language = languageList.SelectedItem.ToString(); 62 63 // get ISBN number of book for the given language 64 string ISBN = books[ language ].ToString(); 65 66 // create cookie using language-ISBN name-value pair 67 HttpCookie cookie = new HttpCookie( language, ISBN ); 68 69 // add cookie to response to place it on the user's machine 70 Response.Cookies.Add( cookie ); 71 } // end if 72 } // end method submitButton_Click 73 } // end class Options

Figure 21.25. ASPX file that displays book recommendations based on cookies.

(This item is displayed on pages 1099 - 1100 in the print version)

 1 <%-- Fig. 21.25: Recommendations.aspx --%>
 2 <%-- Displays book recommendations using cookies. --%>
 3 <%@ Page Language="C#" AutoEventWireup="true"
 4 CodeFile="Recommendations.aspx.cs" Inherits="Recommendations" %>
 5
 6  "-//W3C//DTD XHTML 1.1//EN"
 7 "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
8 9
"http://www.w3.org/1999/xhtml" > 10 "server"> 11 Book Recommendations 12 13 14 "form1" runat="server"> 15

16 "recommendationsLabel" 17 runat="server" Text="Recommendations" 18 Font-Bold="True" Font-Size="X-Large"> 19

20 21 "booksListBox" runat="server" Height="125px" 22 Width="450px">

23 24 "languageLink" runat="server" 25 NavigateUrl="~/Options.aspx"> 26 Click here to choose another language 27 28

29 30 31

Figure 21.26. Reading cookies from a client to determine book recommendations.

(This item is displayed on page 1101 in the print version)

 1 // Fig. 21.26: Recommendations.aspx.cs
 2 // Creates book recommendations based on cookies.
 3 using System;
 4 using System.Data;
 5 using System.Configuration;
 6 using System.Collections;
 7 using System.Web;
 8 using System.Web.Security;
 9 using System.Web.UI;
10 using System.Web.UI.WebControls;
11 using System.Web.UI.WebControls.WebParts;
12 using System.Web.UI.HtmlControls;
13
14 public partial class Recommendations : System.Web.UI.Page
15 {
16 // read cookies and populate ListBox with any book recommendations
17 protected void Page_Init( object sender, EventArgs e )
18 {
19 // retrieve client's cookies 
20 HttpCookieCollection cookies = Request.Cookies;
21
22 // if there are cookies, list the appropriate books and ISBN numbers
23 if ( cookies.Count != 0 )
24 {
25 for ( int i = 0; i < cookies.Count; i++ )
26 booksListBox.Items.Add( cookies[ i ].Name + 
27  " How to Program. ISBN#: " + cookies[ i ].Value );
28 } // end if
29 else
30 {
31 // if there are no cookies, then no language was chosen, so
32 // display appropriate message and clear and hide booksListBox
33 recommendationsLabel.Text = "No Recommendations";
34 booksListBox.Items.Clear();
35 booksListBox.Visible = false;
36
37 // modify languageLink because no language was selected
38 languageLink.Text = "Click here to choose a language";
39 } // end else
40 } // end method Page_Init
41 } // end class Recommendations

The ASPX file in Fig. 21.23 contains five radio buttons (lines 2127) with the values Visual Basic 2005, Visual C# 2005, C, C++, and Java. Recall that you can set the values of radio buttons via the ListItem Collection Editor, which is opened either by clicking the RadioButtonList's Items property in the Properties window or by clicking the Edit Items... link in the RadioButtonList Tasks smart tag menu. The user selects a programming language by clicking one of the radio buttons. The page contains a Submit button, which when clicked, creates a cookie containing a record of the selected language. Once created, this cookie is added to the HTTP response header, and a postback occurs. Each time the user chooses a language and clicks Submit, a cookie is written to the client.

When the postback occurs, certain controls are hidden and others are displayed. The Label, RadioButtonList and Button used to select a language are hidden. Toward the bottom of the page, a Label and two HyperLinks are displayed. One link requests this page (lines 3638), and the other requests Recommendations.aspx (lines 4143). Notice that clicking the first hyperlink (the one that requests the current page) does not cause a postback to occur. The file Options.aspx is specified in the NavigateUrl property of the hyperlink. When the hyperlink is clicked, this page is requested as a completely new request. Recall that earlier in the chapter, we set NavigateUrl to a remote Web site (http://www.deitel.com). To set this property to a page within the same ASP.NET application, click the ellipsis button next to the NavigateUrl property in the Properties window to open the Select URL dialog. Use this dialog to select a page within your project as the destination for the HyperLink.

Adding and Linking to a New Web Form

Setting the NavigateUrl property to a page in the current application requires that the destination page exist already. Thus, to set the NavigateUrl property of the second link (the one that requests the page with book recommendations) to Recommendations.aspx, you must first create this file by right clicking the project location in the Solution Explorer and selecting Add New Item... from the menu that appears. In the Add New Item dialog, select Web Form from the Templates pane and change the name of the file to Recommendations.aspx. Finally, check the box labeled Place code in separate file to indicate that the IDE should create a code-behind file for this ASPX file. Click Add to create the file. (We discuss the contents of this ASPX file and code-behind file shortly.) Once the Recommendations.aspx file exists, you can select it as the NavigateUrl value for a HyperLink in the Select URL dialog.

Writing Cookies in a Code-Behind File

Figure 21.24 presents the code-behind file for Options.aspx (Fig. 21.23). This file contains the code that writes a cookie to the client machine when the user selects a programming language. The code-behind file also modifies the appearance of the page in response to a postback.

Lines 1617 create books as a Hashtable (namespace System.Collections)a data structure that stores keyvalue pairs. A program uses the key to store and retrieve the associated value in the Hashtable. In this example, the keys are strings containing the programming languages' names, and the values are strings containing the ISBN numbers for the recommended books. Class Hashtable provides method Add, which takes as arguments a key and a value. A value that is added via method Add is placed in the Hashtable at a location determined by the key. The value for a specific Hashtable enTRy can be determined by indexing the Hashtable with that value's key. The expression

 HashtableName[ keyName ]

 

returns the value in the keyvalue pair in which keyName is the key. For example, the expression books[ language ] in line 64 returns the value that corresponds to the key contained in language. Class Hashtable is discussed in detail in Chapter 25, Data Structures.

Clicking the Submit button creates a cookie if a language is selected and causes a postback to occur. In the submitButton_Click event handler (lines 5672), a new cookie object (of type HttpCookie) is created to store the language and its corresponding ISBN number (line 67). This cookie is then Added to the Cookies collection sent as part of the HTTP response header (line 70). The postback causes the condition in the if statement of Page_Load (line 33) to evaluate to true, and lines 3751 execute. Lines 3739 reveal the initially hidden controls responseLabel, languageLink and recommendationsLink. Lines 4244 hide the controls used to obtain the user's language selection. Line 47 determines whether the user selected a language. If so, that language is displayed in responseLabel (lines 4849). Otherwise, text indicating that a language was not selected is displayed in responseLabel (line 51).

Displaying Book Recommendations Based on Cookie Values

After the postback of Options.aspx, the user may request a book recommendation. The book recommendation hyperlink forwards the user to Recommendations.aspx (Fig. 21.25) to display the recommendations based on the user's language selections.

Recommendations.aspx contains a Label (lines 1619), a ListBox (lines 2122) and a HyperLink (lines 2427). The Label displays the text Recommendations if the user has selected one or more languages; otherwise, it displays No Recommendations. The ListBox displays the recommendations created by the code-behind file, which is shown in Fig. 21.26. The HyperLink allows the user to return to Options.aspx to select additional languages.

Code-Behind File That Creates Book Recommendations From Cookies

In the code-behind file Recommendations.aspx.cs (Fig. 21.26), method Page_Init (lines 1740) retrieves the cookies from the client, using the Request object's Cookies property (line 20). This returns a collection of type HttpCookieCollection, containing cookies that have previously been written to the client. Cookies can be read by an application only if they were created in the domain in which the application is runninga Web server can never access cookies created outside the domain associated with that server. For example, a cookie created by a Web server in the deitel.com domain cannot be read by a Web server in any other domain.

Line 23 determines whether at least one cookie exists. Lines 2527 add the information in the cookie(s) to the booksListBox. The for statement retrieves the name and value of each cookie using i, the statement's control variable, to determine the current value in the cookie collection. The Name and Value properties of class HttpCookie, which contain the language and corresponding ISBN, respectively, are concatenated with " Howto Program. ISBN# " and added to the ListBox. Lines 3338 execute if no language was selected. We summarize some commonly used HttpCookie properties in Fig. 21.27.

Figure 21.27. HttpCookie properties.

Properties

Description

Domain

Returns a string containing the cookie's domain (i.e., the domain of the Web server running the application that wrote the cookie). This determines which Web servers can receive the cookie. By default, cookies are sent to the Web server that originally sent the cookie to the client. Changing the Domain property causes the cookie to be returned to a Web server other than the one that originally wrote it.

Expires

Returns a DateTime object indicating when the browser can delete the cookie.

Name

Returns a string containing the cookie's name.

Path

Returns a string containing the path to a directory on the server (i.e., the Domain) to which the cookie applies. Cookies can be "targeted" to specific directories on the Web server. By default, a cookie is returned only to applications operating in the same directory as the application that sent the cookie or a subdirectory of that directory. Changing the Path property causes the cookie to be returned to a directory other than the one from which it was originally written.

Secure

Returns a bool value indicating whether the cookie should be transmitted through a secure protocol. The value true causes a secure protocol to be used.

Value

Returns a string containing the cookie's value.

 

21.6.2. Session Tracking with HttpSessionState

C# provides session-tracking capabilities in the Framework Class Library's HttpSessionState class. To demonstrate basic session-tracking techniques, we modified Fig. 21.26 so that it uses HttpSessionState objects. Figure 21.28 presents the ASPX file, and Fig. 21.29 presents the code-behind file. The ASPX file is similar to that presented in Fig. 21.23, except Fig. 21.28 contains two additional Labels (lines 3536 and lines 3839), which we discuss shortly.

Figure 21.28. ASPX file that presents a list of programming languages.

(This item is displayed on pages 1103 - 1105 in the print version)

 1 <%-- Fig. 21.28: Options.aspx --%>
 2 <%-- Allows client to select programming languages and access --%>
 3 <%-- book recommendations. --%>
 4 <%@ Page Language="C#" AutoEventWireup="true"
 5 CodeFile="Options.aspx.cs" Inherits="Options" %>
 6
 7  "-//W3C//DTD XHTML 1.1//EN"
 8 "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
 9
10 
"http://www.w3.org/1999/xhtml" > 11 "server"> 12 Sessions 13 14 15 "form1" runat="server"> 16

17 "promptLabel" runat="server" Font-Bold="True" 18 Font-Size="Large" Text="Select a programming language:"> 19 20 21 "languageList" runat="server"> 22 Visual Basic 2005 23 Visual C# 2005 24 C 25 C++ 26 Java 27 28 29 "submitButton" runat="server" Text="Submit" /> 30 31 "responseLabel" runat="server" Font-Bold="True" 32 Font-Size="Large" Text="Welcome to sessions!" 33 Visible="False">

34 35 "idLabel" runat="server" Visible="False"> 36

37 38 "timeoutLabel" runat="server" Visible="False"> 39 <br />
40 41 "languageLink" runat="server" 42 Visible="False" NavigateUrl="~/Options.aspx"> 43 Click here to choose another language 44

45 46 "recommendationsLink" runat="server" 47 Visible="False" NavigateUrl="~/Recommendations.aspx"> 48 Click here to get book recommendations 49

50 51 52

(a)

(b)

(c)

(d)

Every Web Form includes an HttpSessionState object, which is accessible through property Session of class Page. Throughout this section, we use property Session to manipulate our page's HttpSessionState object. When the Web page is requested, an HttpSessionState object is created and assigned to the Page's Session property. As a result, we often refer to property Session as the Session object.

Adding Session Items

When the user presses Submit on the Web Form, submitButton_Click is invoked in the code-behind file (Fig. 21.29). Method submitButton_Click responds by adding a keyvalue pair to our Session object, specifying the language chosen and the ISBN number for a book on that language. These keyvalue pairs are often referred to as session items. Next, a postback occurs. Each time the user clicks Submit, submitButton_Click adds a new session item to the HttpSessionState object. Because much of this example is identical to the last example, we concentrate on the new features.

Figure 21.29. Creates a session item for each programming language selected by the user on the ASPX page.

 1 // Fig. 21.29: Options.aspx.cs
 2 // Processes user's selection of a programming language
 3 // by displaying links and writing a cookie to the user's machine.
 4 using System;
 5 using System.Data;
 6 using System.Configuration;
 7 using System.Web;
 8 using System.Web.Security;
 9 using System.Web.UI;
10 using System.Web.UI.WebControls;
11 using System.Web.UI.WebControls.WebParts;
12 using System.Web.UI.HtmlControls;
13 public partial class Options : System.Web.UI.Page
14 {
15 // stores values to represent books as cookies 16 private System.Collections.Hashtable books = 17 new System.Collections.Hashtable(); 18 19 //initializes the Hashtable of values to be stored as cookies 20 protected void Page_Init( object sender, EventArgs e ) 21 { 22 books.Add( "Visual Basic 2005", "0-13-186900-0" ); 23 books.Add( "Visual C# 2005", "0-13-152523-9" ); 24 books.Add( "C", "0-13-142644-3" ); 25 books.Add( "C++", "0-13-185757-6" ); 26 books.Add( "Java", "0-13-148398-6" ); 27 } // end method Page_Init 28 29 // if postback, hide form and display links to make additional 30 // selections or view recommendations 31 protected void Page_Load( object sender, EventArgs e ) 32 { 33 if ( IsPostBack ) 34 { 35 // user has submitted information, so display appropriate labels 36 // and hyperlinks 37 responseLabel.Visible = true; 38 idLabel.Visible = true; 39 timeoutLabel.Visible = true; 40 languageLink.Visible = true; 41 recommendationsLink.Visible = true; 42 43 // hide other controls used to make language selection 44 promptLabel.Visible = false; 45 languageList.Visible = false; 46 submitButton.Visible = false; 47 48 // if the user made a selection, display it in responseLabel 49 if ( languageList.SelectedItem != null ) 50 responseLabel.Text += " You selected " + 51 languageList.SelectedItem.Text.ToString(); 52 else 53 responseLabel.Text += " You did not select a language."; 54 55 // display session ID 56 idLabel.Text = "Your unique session ID is: " + Session.SessionID; 57 58 // display the timeout 59 timeoutLabel.Text = "Timeout: " + Session.Timeout + " minutes."; 60 } // end if 61 } // end method Page_Load 62 63 // write a cookie to record the user's selection 64 protected void submitButton_Click( object sender, EventArgs e ) 65 { 66 // if the user made a selection 67 if ( languageList.SelectedItem != null ) 68 { 69 string language = languageList.SelectedItem.ToString(); 70 71 // get ISBN number of book for the given language 72 string ISBN = books[ language ].ToString(); 73 74 Session.Add( language, ISBN ); // add name/value pair to Session 75 } // end if 76 } // end method submitButton_Click 77 } // end class Options

Like a cookie, an HttpSessionState object can store namevalue pairs. These session items are placed in an HttpSessionState object by calling method Add. Line 74 calls Add to place the language and its corresponding recommended book's ISBN number in the HttpSessionState object. If the application calls method Add to add an attribute that has the same name as an attribute previously stored in a session, the object associated with that attribute is replaced.

Software Engineering Observation 21 1 (This item is displayed on page 1105 in the print version)

A Web Form should not use instance variables to maintain client state information, because each new request or postback, is handled by a new instance of the page. Web Forms should maintain client state information in HttpSessionState objects, because such objects are specific to each client.

 

Software Engineering Observation 21 2

One of the primary benefits of using HttpSessionState objects (rather than cookies) is that HttpSessionState objects can store any type of object (not just Strings) as attribute values. This provides you with increased flexibility in determining the type of state information to maintain for clients.

 

The application handles the postback event (lines 3360) in method Page_Load. Here, we retrieve information about the current client's session from the Session object's properties and display this information in the Web page. The ASP.NET application contains information about the HttpSessionState object for the current client. Property SessionID (line 56) contains the unique session IDa sequence of random letters and numbers. The first time a client connects to the Web server, a unique session ID is created for that client. When the client makes additional requests, the client's session ID is compared with the session IDs stored in the Web server's memory to retrieve the HttpSessionState object for that client. Property Timeout (line 59) specifies the maximum amount of time that an HttpSessionState object can be inactive before it is discarded. Figure 21.30 lists some common HttpSessionState properties.

Figure 21.30. HttpSessionState properties.

Properties

Description

Count

Specifies the number of keyvalue pairs in the Session object.

IsNewSession

Indicates whether this is a new session (i.e., whether the session was created during loading of this page).

IsReadOnly

Indicates whether the Session object is read-only.

Keys

Returns a collection containing the Session object's keys.

SessionID

Returns the session's unique ID.

Timeout

Specifies the maximum number of minutes during which a session can be inactive (i.e., no requests are made) before the session expires. By default, this property is set to 20 minutes.

 

Displaying Recommendations Based on Session Values

As in the cookies example, this application provides a link to Recommendations.aspx (Fig. 21.31), which displays a list of book recommendations based on the user's language selections. Lines 2122 define a ListBox Web control that is used to present the recommendations to the user.

Figure 21.31. Session-based book recommendations displayed in a ListBox.

 1 <%-- Fig. 21.31: Recommendations.aspx --%>
 2 <%-- Displays book recommendations using sessions. --%>
 3 <%@ Page Language="C#" AutoEventWireup="true"
 4 CodeFile="Recommendations.aspx.cs" Inherits="Recommendations" %>
 5
 6  "-//W3C//DTD XHTML 1.1//EN"
 7 "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
 8
 9 
"http://www.w3.org/1999/xhtml" > 10 "server"> 11 Book Recommendations 12 13 14 "form1" runat="server"> 15

16 "recommendationsLabel" 17 runat="server" Text="Recommendations" 18 Font-Bold="True" Font-Size="X-Large"> 19

20 21 "booksListBox" runat="server" Height="125px" 22 Width="450px">

23 24 "languageLink" runat="server" 25 NavigateUrl="~/Options.aspx"> 26 Click here to choose another language 27 28

29 30 31

Code-Behind File That Creates Book Recommendations from a Session

Figure 21.32 presents the code-behind file for Recommendations.aspx. Event handler Page_Init (lines 1747) retrieves the session information. If a user has not selected a language on Options.aspx, our Session object's Count property will be 0. This property provides the number of session items contained in a Session object. If Session object's Count property is 0 (i.e., no language was selected), then we display the text No Recommendations and update the Text of the HyperLink back to Options.aspx.

Figure 21.32. Session data used to provide book recommendations to the user.

 1 // Fig. 21.32: Recommendations.aspx.cs
 2 // Creates book recommendations based on a session object.
 3 using System;
 4 using System.Data;
 5 using System.Configuration;
 6 using System.Collections;
 7 using System.Web;
 8 using System.Web.Security;
 9 using System.Web.UI;
10 using System.Web.UI.WebControls;
11 using System.Web.UI.WebControls.WebParts;
12 using System.Web.UI.HtmlControls; 13 14 public partial class Recommendations : System.Web.UI.Page 15 { 16 // read cookies and populate ListBox with any book recommendations 17 protected void Page_Init( object sender, EventArgs e ) 18 { 19 // stores a key name found in the Session object 20 string keyName; 21 22 // determine whether Session contains any information 23 if ( Session.Count != 0 ) 24 { 25 for ( int i = 0; i < Session.Count; i++ ) 26 { 27 keyName = Session.Keys[ i ]; // store current key name 28 29 // use current key to display one 30 // of session's name-value pairs 31 booksListBox.Items.Add( keyName + 32 " How to Program. ISBN#: " + 33 Session[ keyName ].ToString() ); 34 } // end for 35 } // end if 36 else 37 { 38 // if there are no session items, no language was chosen, so 39 // display appropriate message and clear and hide booksListBox 40 recommendationsLabel.Text = "No Recommendations"; 41 booksListBox.Items.Clear(); 42 booksListBox.Visible = false; 43 44 // modify languageLink because no language was selected 45 languageLink.Text = "Click here to choose a language"; 46 } // end else 47 } // end method Page_Init 48 } // end class Recommendations

If the user has chosen a language, the for statement (lines 2534) iterates through our Session object's session items, temporarily storing each key name (line 27). The value in a keyvalue pair is retrieved from the Session object by indexing the Session object with the key name, using the same process by which we retrieved a value from our Hashtable in the preceding section.

Line 27 accesses the Keys property of class HttpSessionState, which returns a collection containing all the keys in the session. Line 27 indexes this collection to retrieve the current key. Lines 3133 concatenate keyName's value to the string " Howto Program. ISBN#: " and the value from the Session object for which keyName is the key. This string is the recommendation that appears in the ListBox.

Preface

Index

    Introduction to Computers, the Internet and Visual C#

    Introduction to the Visual C# 2005 Express Edition IDE

    Introduction to C# Applications

    Introduction to Classes and Objects

    Control Statements: Part 1

    Control Statements: Part 2

    Methods: A Deeper Look

    Arrays

    Classes and Objects: A Deeper Look

    Object-Oriented Programming: Inheritance

    Polymorphism, Interfaces & Operator Overloading

    Exception Handling

    Graphical User Interface Concepts: Part 1

    Graphical User Interface Concepts: Part 2

    Multithreading

    Strings, Characters and Regular Expressions

    Graphics and Multimedia

    Files and Streams

    Extensible Markup Language (XML)

    Database, SQL and ADO.NET

    ASP.NET 2.0, Web Forms and Web Controls

    Web Services

    Networking: Streams-Based Sockets and Datagrams

    Searching and Sorting

    Data Structures

    Generics

    Collections

    Appendix A. Operator Precedence Chart

    Appendix B. Number Systems

    Appendix C. Using the Visual Studio 2005 Debugger

    Appendix D. ASCII Character Set

    Appendix E. Unicode®

    Appendix F. Introduction to XHTML: Part 1

    Appendix G. Introduction to XHTML: Part 2

    Appendix H. HTML/XHTML Special Characters

    Appendix I. HTML/XHTML Colors

    Appendix J. ATM Case Study Code

    Appendix K. UML 2: Additional Diagram Types

    Appendix L. Simple Types

    Index



    Visual C# How to Program
    Visual C# 2005 How to Program (2nd Edition)
    ISBN: 0131525239
    EAN: 2147483647
    Year: 2004
    Pages: 600

    Flylib.com © 2008-2020.
    If you may any questions please contact us: flylib@qtcs.net