session in javascript in asp.net

Question

4.50/5 (4 votes)

See more:

i want to assign a value to a session from javascript function

<%Session["Test"] = "Welcome Mamu";%>

the above code will work properly. but i want to assign a value from a variable like

var strTest=document.getElementById('DropDownList1').value;
<%Session["Test"] = "'+ strTest +'";%>

this is woking but the value saved in the session is '+ strTest +' not the value of strTest

is anybody know the solution plz reply me soon

Posted 17-Apr-11 22:15pm

sabithaOrell

Updated 17-Apr-11 22:33pm

Prerak Patel

v2

Add a Solution

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Manfred Rudolf Bihy · Answer 1 · 2011-04-17T22:33:00

Of course the valuue stored in the seesion is '+ strTest +' because that is what you assigned to Session["Test"].
What you're trying to achieve will not work this way since the code inside the <% %> is executed on the serverside during rendering of the page and the var strTest = ... bits are javascript are code that is run on the client side (browser). If you want to set the session variable you'll either have to submit the data including that of DropDownList1 or do an AJAX call to your website if the value of the DropDownList1 changes.

Best Regards,

-MRB

CodeHawkz · Answer 2 · 2011-04-17T23:49:00

Solution 2

I think you misunderstood his question. He wants to access the Session variable through JavaScript which is impossible. This is purely due to that session is encrypted, mainly to guard it off from hackers. Just think, if it was accessible from JavaScript, how many websites will be hacked in a blink :)

But depending on what you want, you might be able to workaround it. A simple method I would think of is, use AJAX to call a server-side method to fetch the value you want from the session. But please, keep it in mind that this is NOT RECOMMENDED. A method that you can call, anyone else can call :) Unless, you authenticate the access.

My advice to you is to use a hidden field in your page to carry the values that you want to process using javascript.

Hope this helps.

Regards, Pasan.

Posted 17-Apr-11 23:49pm

CodeHawkz

Comments

dhage.prashant01 18-Apr-11 5:59am

Good1

Manfred Rudolf Bihy 18-Apr-11 6:56am

Your comment to my solution has miraculously vanished, but your solution propagates exactly what I told OP. So I don't really see any difference in what you are expressing.

Ankur^\m/ 18-Apr-11 7:03am

Good answer, 5 to you!

Prasanta_Prince 18-Apr-11 9:12am

Good answer.

BobJanova 18-Apr-11 11:00am

Hidden fields are also accessible to everyone, and a bit harder to secure than an AJAX call.

CodeHawkz 19-Apr-11 2:29am

@Manfred: I deleted it myself and posted this as an answer instead. Sorry about that :)

@BobJanova: The point is, in the hidden field, you can store the only data that you want to manipulate. For instance, what he wanted to put in the combo box. Where as, if you expose the session through ajax calls, there will be other information such as session id, flags set to check user levels, authentications, shopping cart info, etc. (in short valuable and restricted information).

So for a hacker, getting hands on the session means laying your website on a table for him to dine the way he wants. Simple example, you store the username of the currently logged user in the session. All he has to do is update the value to another username or simply iterate through all the values that is stored in the session. The possibilities are immense :) But yes, it will be dependent on what functionality he decides to expose :) But the hidden field approach is easier, simpler and safer. That's what I tried to say.

Btw, thanks everyone for the votes :)

BobJanova · Answer 3 · 2011-04-18T05:05:00

You fundamentally misunderstand what the session is. The session is stored on the server and is used to persist data between page requests from the same user. It is not available on the client side (i.e. in the browser) because the browser is showing one page.

It does not make sense to set session variables in response to client actions, as client actions are occuring within the context of one page and do not need to be persisted between requests.

If you want to take a record of a user's choice, you should submit that choice, either by AJAX or a form submission (depending on the circumstances; AJAX for single values, form submissions for a whole set at once). The server page that responds to that submission might choose to store some information in the session, but it might not.

session in javascript in asp.net

3 solutions

Solution 1

Solution 2

Solution 3

Add your solution here

Preview 0