| Author |
 Topic Search  Topic Options
|
WebWiz-Bruce 
Admin Group
Web Wiz Developer
Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844
|
 Post Options
 Thanks(0)
 Quote  Reply
 Posted: 14 December 2023 at 3:01pm |
Thanks Roberto.
I believe the idea was not to have an extra database lookup for performance reasons, and while a bot may visit the forum multiple time in the same second from the same IP it is very unlikely that a real person could open the forum in multiple web browsers in the same second.
Cookies are shared between browser tabs so opening a second tab in the same browser the user would be linked to the same session.
|
|
|
 |
Roberto Randall
Senior Member
Joined: 21 August 2009
Location: San Pedro Alc.
Status: Offline
Points: 277
|
Post Options
Thanks(0)
Quote Reply
Posted: 14 December 2023 at 3:12pm |
|
You're right. It's just something to keep in mind in case in the future...
|
|
https://www.lanocion.es - https://www.lanocion.games - https://www.lanocion.chat
|
|
WebWiz-Bruce
Admin Group
Web Wiz Developer
Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844
|
Post Options
Thanks(0)
Quote Reply
Posted: 14 December 2023 at 3:32pm |
|
|
|
|
|
Roberto Randall
Senior Member
Joined: 21 August 2009
Location: San Pedro Alc.
Status: Offline
Points: 277
|
Post Options
Thanks(0)
Quote Reply
Posted: 14 December 2023 at 6:26pm |
One last question. By tracking the IPs that appear in the log as a duplicate session, I have seen that there are IPs from Google and others from Microsoft that appear identified as Android or Windows.
Would anything happen if the error line was deleted and the forum was allowed to continue? That is, delete the error line when recording the session:
'If an error has occurred write an error to the page
If Err.Number <> 0 Then Call errorMsg("An error has occurred while writing to the database.", "save_new_session_data" & strSessionErrorText, "functions_session_data.asp")
Edited by Roberto Randall - 14 December 2023 at 6:37pm
|
|
https://www.lanocion.es - https://www.lanocion.games - https://www.lanocion.chat
|
|
Roberto Randall
Senior Member
Joined: 21 August 2009
Location: San Pedro Alc.
Status: Offline
Points: 277
|
Post Options
Thanks(0)
Quote Reply
Posted: 15 December 2023 at 6:51am |
|
I think I created a function (modified createForumSessionID() function) to create a session id without duplicating it. I left it on all night and when I woke up I accessed the log and no error for a duplicate session appears. I'm going to spend more time testing and if it works I'll copy the code I created or send it to you by email (whatever you want).
|
|
https://www.lanocion.es - https://www.lanocion.games - https://www.lanocion.chat
|
|
WebWiz-Bruce
Admin Group
Web Wiz Developer
Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844
|
Post Options
Thanks(0)
Quote Reply
Posted: 15 December 2023 at 8:47am |
|
The two IP address from Google and Microsoft are for their Cloud Services and would likely be people running bots on their Cloud Service. These maybe research bots, content scrappers, or more often that not these days malicious bots looking for things like SQL Injection vulnerabilities.
|
|
|
|
WebWiz-Bruce
Admin Group
Web Wiz Developer
Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844
|
Post Options
Thanks(0)
Quote Reply
Posted: 15 December 2023 at 8:56am |
I am just look through the code for the createForumSessionID() function and it uses an application variable that is incremented by one for each new session ID created.
'Application session number to ensure that the sessions ID is unquie Application("SessionNum") = Application("SessionNum") + 1
|
Are you running the latest version that has this code in the createForumSessionID() ?
|
|
|
|
Roberto Randall
Senior Member
Joined: 21 August 2009
Location: San Pedro Alc.
Status: Offline
Points: 277
|
Post Options
Thanks(0)
Quote Reply
Posted: 15 December 2023 at 2:04pm |
Yes, I have the latest version and it duplicates the session. With this change I have made there have been no duplicate sessions:
Private Function createForumSessionID()
Dim dblNowDate
Dim strClientIP
Dim TypeLib
Dim strSessionIDFunc
'Generate unique session ID
Set TypeLib = CreateObject("Scriptlet.TypeLib")
strSessionIDFunc = LCase(Mid(Replace(CStr(TypeLib.Guid), "-", ""), 2, 20))
Set TypeLib = Nothing
'Get the time as a double number
dblNowDate = CDbl(Now())
dblNowDate = Mid(dblNowDate, InStr(1, dblNowDate, ".")+1, Len(dblNowDate))
'Application session number to ensure that the sessions ID is unquie
Application("SessionNum") = Application("SessionNum") + 1
'Calculate a code for the user
createForumSessionID= Application("SessionNum") & "-" & strSessionIDFunc & dblNowDate
End Function
|
|
https://www.lanocion.es - https://www.lanocion.games - https://www.lanocion.chat
|
|
