member API doesn't respect blnDatabaseHeldSession
Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=24560
Printed Date: 06 April 2026 at 1:50pm
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com
Topic: member API doesn't respect blnDatabaseHeldSession
Posted By: cludwig
Subject: member API doesn't respect blnDatabaseHeldSession
Date Posted: 01 October 2007 at 9:41pm
|
functions_member_API.asp doesn't respect setting blnDatabaseHeldSession to true in /includes/setup_options_inc.asp ( used to force the code to store session data in the DB instead of in Session() variables ). Our production system consists of several machines in a cluster ("web garden"?), and as such Session variables don't work. To enforce this (ensuring that well meaning but poorly informed developers don't use Session) IIS on all of our servers is set to not enable Session State. When functions_member_API.asp attempts to set Session() variables with username, password, and email address, it fails on a server configured thusly throwing a 500 error ("Microsoft VBScript runtime (0x800A01F4) Variable is undefined: 'Session'). Seems that if there's going to be the option ("blnDatabaseHeldSession") that it ought to be respected everywhere -- if not then I would expect odd behaviour in clustered environments. Any suggestions for workarounds (other than the obvious "Enable Session State in IIS,") -- which I feel certain will allow the site to work most of the time but will cause some weirdness when servers are changed mid-session? If the four session variables ( Session("USER"), Session("PASSWORD"), Session("EMAIL"), and Session("ForumUSER")) were only used in the one file, then I wouldn't bother asking, and would just change them to local variables. Unfortunately, some of them also seem to be referenced in functions_login.asp and log_off_user.asp. I guess the thing to do would be to have those variables also call functions_session_data.asp functions just like any other Session() variables elsewhere. Hopefully that's a robust report? PS - New user and so far very happy...  |
Replies:
Posted By: WebWiz-Bruce
Date Posted: 02 October 2007 at 8:26am
|
To keep the Member API as simple as possible to setup it requires that the data from your own login system be passed across in ASP session variables ( Session("USER"), Session("PASSWORD"), Session("EMAIL")). The last one Session("ForumUSER") is used to keep track that the user hasn't logged in as a different user halfway through the forums session. Once the data from the ASP session has been passed across to Web Wiz Forums it then uses it's own session system, which is kept in a database if enabled. The only time the ASP session variables passed across from your own login system are referenced is to keep the forum and your own login system in sync which prevents some strange login, logoff issues if it is not. If you are not using ASP session variables at all then the Member API will simply not run, and instead you will probally need to get a developer to look for some custom solution to integrate your login system with the forum. Maybe look at updating the forums database directly from your own member system. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |