Re: Need Help with cookies

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

To any who are interested, the answer is that one has to re-set the
expiration of the cookie when modifying it's value.
This works:

HttpContext cont;
HttpCookie cookie = cont.Request.Cookies["LoginStatus"];
cookie.Value = "New Value";
cookie.Expires = DateTime.Now.AddYear(1);
cont.Response.Cookies.Add( Cookie );

If you don't change cookie.Expires, it expires at the end of the session.

This leads to another question I had, which is about the expiration date.
In the above example, the cookie should have an expiration date of one year
from now. When I read the cookie & look at the expiration date, it is
1/1/0001. Is this the default for a Session Cookie, or for a cookie which
doesn't expire? How do I get/set or view the real expiration date?

Thanks


"Phillip N Rounds" <prounds@xxxxxxxxxxxxxxxxxx> wrote in message
news:%233xt5caBGHA.2300@xxxxxxxxxxxxxxxxxxxxxxx
> I'm having trouble with using cookies to monitor the stages of login.
> I have a two stage Registration page ( register.aspx ) and my target page
> ( MyPage.aspx )
> I'm using a cookie named LoginStatus to tract the stage of the login
> process.
> LoginStatus = "1" denotes that the first part of the login process has
> been performed.
> LoginStatus = "2" denotes that the login process has been completed.
>
>
> The entire process works as ( I ) expected when I never close the browser.
> Once I close the browser, the cookie I have been using is lost. I think
> the problem is trying to alter an existing cookie, but that doesn't make
> sense to me. Where's the flaw?
>
> Thanks
>
> Phil Rounds
>
>
> Pseudo Code is as follows:
>
> MyPage.aspx
>
> private void Page_Load( object sender, EventArgs e)
> {
> System.Web.HttpContext cont = System.Web.HttpContext.Current;
> // Check to see if there is even an instance of the cookie LoginStatus
> if ( cont.Request.Cookies["LoginStatus"] == null )
> Page.Response.Redirect("Register.aspx"); // Cookie doesn't even
> exist, so go to the Register Page
> if ( cont.Request.Cookies["LoginStatus"].Value != "2")
> Page.Response.Redirect("Register.aspx") // Login has started, but not
> completed
>
> do the rest of the stuff
> }
>
>
> Register.aspx
>
> private void Page_Load( object sender, EventArgs e)
> {
> System.Web.HttpContext cont = System.Web.HttpContext.Current;
> // Check to see if there is even an instance of the cookie LoginStatus
> if ( cont.Request.Cookies["LoginStatus"] == null )
> { HttpCookie cook = new HttpCookie("LoginStatus", "0") ; //
> Create the cookie
> BeginLoginProcess(); // Do the first part of the login
> pocess
> }
> else
> {
> if ( cont.Request.Cookies["LoginStatus"].Value = "1")
> { CompleteLogin(); // This is a return to
> Register.aspx, so complete the login process
> Page.Response.Redirect("MyPage.aspx"); // Go to
> MyPage, which is where you want to be
> return; }
>
> if ( cont.Request.Cookies["LoginStatus"].Value = "2")
> Page.Response.Redirect("MyPage.aspx") ; // You're already logged
> in, so you shouldn't be here
> }
> }
>
> BeginLoginProcess()
> {
> Do a whole bunch of stuff. If everything is ok,
> System.Web.HttpContext cont = System.Web.HttpContext.Current;
> if ( cont.Request.Cookies["LoginStatus"] != null ) // It
> can't possibly be null from the above, but what the hey
> {
> HttpCookie cook = cont.Request.Cookies["LoginStatus"];
> cook.Value = "1" ; // We've completed
> part 1 of the login process
> cont.Response.Cookies.Add( cook );
> return ;
> }
> }
>
> CompleteLogin()
> {
> Do someother stuff
> System.Web.HttpContext cont = System.Web.HttpContext.Current;
> if ( cont.Request.Cookies["LoginStatus"] != null ) // It
> can't possibly be null from the above, but what the hey
> {
> HttpCookie cook = cont.Request.Cookies["LoginStatus"];
> cook.Value = "2" ; // We've completed
> part 1 of the login process
> cont.Response.Cookies.Add( cook );
> return ;
> }
> }
>
>
>
>


.

Relevant Pages

  • Re: how to delete a cookie?
    ... an expiration date set to 'now' or before. ... The GMT date string representation of epoch appears to be the most reliable ... session cookie, deleted not before the browser session ends (i.e., when all ... browser windows are closed). ...
    (comp.lang.javascript)
  • Re: Need Help with cookies
    ... need to learn to "persist" the cookie. ... > // Check to see if there is even an instance of the cookie LoginStatus ... so complete the login process ... > can't possibly be null from the above, but what the hey ...
    (microsoft.public.dotnet.framework.aspnet)
  • Cookie not persisted w/o call to GetRedirectUrl()
    ... one as I am using multiple roles and I want to redirect the user after ... FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, ... HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ... Set the expiration for the cookie that contains the ticket ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Cookie not persisted w/o call to GetRedirectUrl()
    ... >one as I am using multiple roles and I want to redirect the user after ... > HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ... > 2) Tell the ticket that is persistent ... > 3) Set the expiration for the cookie that contains the ticket ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: forms authentication question
    ... sliding timeout or absolute timeout, but my problem is that the ... sliding expiration does not get updated all the time. ... So, if I set the sliding expiration to 20 minutes, the cookie will be updated after 10 minutes, and if the user did something in the first 10 minutes, but then didn't do anything for the next 15 minutes, forms authentication cookie will be timed-out. ... Storing custom session key in the cookie gives me an ability to renew the cookie as long as the session key has not expired. ...
    (microsoft.public.dotnet.framework.aspnet.security)