Today's Cookie Recipe

Today we want to look at maintaining "state" throughout a users visit to our web site. One of the first things to attract so many people to the internet was the fact that you could surf in virtual anonymity. The reason for this is simple. When a user requests a web page, the user's computer opens a connection to the server where the web page is located. The server says "Oh, this person wants this page. I'll send it to them." After the page is sent, the server hangs up the phone and the communication is done. This made it hard for developers to figure out how to view a person's navigation to decide which pages were being hit the most and so on. Then came the famous cookie recipe. This provided us a way to track users and make a web site more personalized based on past visits and preferences. In ASP, along with using the usual cookie, you can also use a session cookie. This session cookie is only good as long as the browser is open. Therefore, as soon as the browser is close, the session is destroyed. You will have to decide which way you want to go when building your applications. If you want your user to be able to decide whether or not they want to see your homepage everytime they visit, you would use a regular cookie. However, if you are storing their username and password to keep the person logged in while they visit certain pages on your site, you might want to consider a session variable.

To create a simple cookie you would use the response object:

<%
'first test to see if the cookie exists
If Request.Cookies("mycookie")=""
Then
Response.Cookies("mycookie")("lastvisit") = Date
Response.Cookies("mycookie").Expires = Date+365
End If
%>

To retrieve the cookie upon their next visit you would include this code:

<%
lastvisit = Request.Cookies("mycookie")("lastvisit")
%>

Then put it in your page:

<html>
<head><title>Cookie</title></head>
<body>
You were last here on <%=lastvisit%>. Welcome back!
</body></html>

By using keys in your cookies you can store a lot of information. So if your visitor wanted to customize the look of your page, you could have them fill in a form, and on the page that your form submitted to, have it set a cookie with the values from the forms in the keys of the cookie. You must always declare when the cookie will expire though, or it will automatically expire as soon as the browser is closed.

The second kind of cookie is a session variable which we mentioned before. Our password protection tutorial touched on this, so feel free to review that and see how we used it to keep someone logged in as they moved from page to page. This makes it convenient because otherwise, they would have to log on to each page which would be a nightmare for a visitor and make them leave very quickly. You can store a lot of information in a session variable. I recently built a shopping cart system that stored the users order in a session variable. Here's how it worked.

<%
order = "Item name: " & myitemname & vbcrlf & "Item Price: " & itemprice & vbcrlf
session("order") = order
%>

See how easy that was? Simply build a variable and give it it's values. Then assign a session("whatEverNameYouWant") equal to the variable. Then on each page where you need to carry the order to, simply refer to this session like this:

<%
order = request(session("order")
%>
<html>
<head><title>Order Page</title></head>
<body>
You have placed an order for the following: <br>
<%=order%>
</body></html>

One last word about session variables. The default timeout for a session variable on IIS5 in the Win2000 server is set to 20 minutes. So if your customer starts to order a product, goes out for lunch, and tries to complete the order when they get back, he may have to start all over. If you think that your application could use a session variable but the timeout propery worries you, you may want to consider storing their information in a database to keep it available whenever the person wants to view it.

Drop us a line if you are interested in a certain topic for a tutorial and we'll see what we can do. Remember to post any questions or problems on our messageboard. See ya next time!