The JonShaft Cookie Tutorial
This Cookie tutorial is designed for anyone interested in learning how to control a cookie with ASP.
AI
AI Summary: This codebase represents a historical implementation of the logic described in the metadata. Our preservation engine analyzes the structure to provide context for modern developers.
Source Code
<p><strong><font color="#000000" face="Verdana"><small><small>Important Update:</small></small></font></strong><br>
<font face="Verdana"><small><small>ASP Trencher, Bryant L. from Baarns
Consulting, sent me an e-mail recently telling me that IIS4.0 machines
using ASP2.0 do not need the leading "." for defining the domain
variable for the cookie, and it works with IE and Netscape! I tested this
out on a local machine of my own and sure enough, it worked perfectly. I
haven't updated the cookie-code you'll see below to reflect that because not
everyone is using that exact configuration, but as ASP and IIS improve so will
these little headaches. Thanks, Bryant.<br>
</small></small></font><font color="#000000" face="Verdana"><br>
</font><font face="Verdana"><strong><font color="#000000">How it Works:</font><br>
<font color="#008000">Green = Server-side ASP code</font><font color="#000000"><br>
</font><font color="#800080">Purple= HTML Code</font><font color="#000000"><br>
Black= Visible HTML Text<br>
</font><font color="#ff0000">Red= My Comments</font></strong></font></p>
<table border="1" cellPadding="4" cellSpacing="0" width="100%">
<tbody>
<tr>
<td vAlign="top" width="58%">
<p><font face="Courier New" color="forestgreen" size="+0"><small><%
If Request.Cookies("JonShaft").HasKeys Then %></small></font><font face="Courier New"><small><font color="limegreen" face><br>
</font></small></font></p>
<p><font face="Courier New"><small><font color="#800080"><HTML><br>
<HEAD><br>
<TITLE></font>A Jon Shaft Cookie. It's cheesy!<font color="#800080"></TITLE></font><br>
<font color="#800080"></HEAD><br>
</font></small></font></p>
<p><font color="#008000" face="Courier New"><small><br>
</small></font> </p>
</td>
<td vAlign="top" width="42%"><small><font color="#ff0000" face="Arial">'
This is my " if then" where I find out if the user
already has the JonShaft Cookie on their system. The HasKeys
attribute is real handy for checking cookies which have multiple values
associated with them- those values are referred to as Keys by ASP.
This cookie says, if they've got the cookie, execute the next statement.</font></small>
<p> </p>
</td>
</tr>
<tr>
<td vAlign="top" width="58%">
<p><font face="Courier New"><small>Welcome Back, <font color="#008000"><%Response.Write
(Request.Cookies("JonShaft")("FirstName"))%></font><font color="#800080">&#32</font></small><br>
<small><font color="#008000"><%Response.Write(Request.Cookies("JonShaft")("LastName"))%></font><font color="#000000">!</font></small></font></p>
<p><font face="Courier New"><small><font color="#ff0000"><em><small><img src="http://www.aspalliance.com/glenncook/images/cookieboy.jpg" width="128" height="119"></small></em></font></small></font></p>
</td>
<td vAlign="top" width="42%"><font color="#ff0000" face="Arial"><small>'This
line basically says, "OK, they've got the cookie, let's Request the
cookie's keys/info and write them to the page." The Response
Object allows me to spit information to the user, the Request Object
allows me to extract it from the user. Basically what we've done
is said, "Check for cookie(Request), extract cookie(Request), write
cookie to page(Response)"</small><big><br>
</big><small>**The &#32 tells HTML to enter a space**</small></font><font color="#008000"><br>
</font>
<p> </p>
</td>
</tr>
<tr>
<td vAlign="top" width="58%"> </td>
<td vAlign="top" width="42%">
<p> </p>
</td>
</tr>
<tr>
<td vAlign="top" width="58%"><font color="#008000" face="Courier New"><small><%<br>
Else If "BadMutha" = Request("ActionType") Then</small><br>
<small>TheFirstName=Request("FirstName")</small><br>
<small>TheLastName=Request("LastName")</small></font></td>
<td vAlign="top" width="42%"><font color="#ff0000" face="Arial"><small><small><font size="+0" color="#ff0000" face="Arial">'The
"Else in the first line says,"Ok, the "If-Then"
wasn't true....But there's more ahead!"<br>
</font></small><font size="+0">'</font>This section is for the form
input and it creates the cookie. You see, this single page of code
serves three functions: It's for people who've been here before, people
who haven't, and it makes a cookie for the people based on their form
input. You'll notice that just after the FORM METHOD html I have
some ASP code which actually asks for it's own name so it can post to
itself!</small><big><br>
</big><small>The "If-Then" statement checks to see if the user
sent a form with the name "ActionType" which has the value
equal to "BadMutha"!</small><big><br>
</big><small>It also makes two variables based on the user input to
stick into the JonShaft cookie. I call the variables TheFirstName
and TheLastName appropriately.</small></font>
<p> </p>
<p> </p>
</td>
</tr>
<tr>
<td vAlign="top" width="58%"><font face="Courier New"><font color="#008000"><small>Response.Cookies("JonShaft")("FirstName")
= TheFirstName</small><br>
<small>Response.Cookies("JonShaft")("LastName") =
TheLastName</small><br>
<small>Response.Cookies("JonShaft").Expires = #September 3,</small>
<small>2001#<br>
Response.Cookies("JonShaft").Domain= &_ ".www.activeserverpages.com"</small><br>
<small>Response.Cookies("JonShaft").Path = "/glenncook"<br>
Response.Write "Thanks for your submission, "<br>
Response.Write(Request("FirstName"))%></small></font><small><font color="#000000">!</font></small></font></td>
<td vAlign="top" width="42%"><small><font color="#ff0000" face="Arial">'The
Response Object is your cookie writing friend! This code actually writes
the cookie to the client's system. You'll notice that I make the
The FirstName key equal to the "TheFirstName" variable which I
extracted from the Request("FirstName") Querystring from the
input form.(Whoooo! That was a mouthful!)</font></small>
<p><small><font color="#ff0000" face="Arial">Then I tell the cookie when
to expire, the domain that it should be sent to, and the path within the
domain. But the secret recipe is that little period in the
domain=".www.activeserverpages.com" Actually without
that little period, no cookie! Charles Carol helped me on this
little issue which drove me nuts. MAKE SURE THE DOT IS THERE!
Also make sure the path is EXACTLY as I wrote it.</font></small></p>
<p> </p>
</td>
</tr>
<tr>
<td vAlign="top" width="58%"><font color="#008000" face="Courier New"><small><%Else%></small></font></td>
<td vAlign="top" width="42%"><small><font color="#ff0000" face="Arial">'The
"Else" code here basically says," Ok, they don't have the
cookie and they didn't send any form information, send them the
following code!</font></small>
<p> </p>
</td>
</tr>
<tr>
<td vAlign="top" width="58%"><font face="Courier New"><small><font color="#800080"><FORM
METHOD=POST ACTION="</font><font color="#008000"><%=Request.ServerVariables("SCRIPT_NAME")%></font><font color="#800080">"></font><br>
<font color="#800080"><input type="hidden" name="ActionType"
value="BadMutha"></font><br>
<br>
You must be new around here. Gimme your name?!<font color="#800080"><p></font><br>
FIRST NAME:<font color="#800080"><input type="text"
name="FirstName" size="15"><br></font><br>
LAST NAME:<font color="#800080">&#32<input type="text"
name="LastName" size="15"><p><br>
</font><br>
<font color="#800080"><input type="reset" value="Clear
Form"><br>
<input TYPE="submit" VALUE="Submit Info!"></font><br>
<font color="#008040"><%End If%></font><br>
<font color="#008000"><%End If%></font><br>
<font color="#800080"></BODY><br>
</HTML><br>
</font></small></font></td>
<td vAlign="top" width="42%"><small><font color="#ff0000" face="Arial">'This
section is your HTML input form for the new visitor! You'll notice
that I stuck a hidden input box in there. Well basically
that's so I can get "Bad Mutha" as the Action Type but is very
effective for passing stuff that the user doesn't need to see.</font></small>
<p><small><font color="#ff0000" face="Arial">I also extract the name of
this asp page -which I mentioned above- using the
Request.ServerVariables object. Remember: If you need some
information in ASP pages, just "Request" it.</font></small></p>
<p><small><font color="#ff0000" face="Arial">Finally, don't forget to
End your If!</font></small></p>
</td>
</tr>
<tr>
<td vAlign="top" width="58%"><font color="#ff0000" face="Verdana"><strong>Some
tips and suggestions!</strong></font>
<ul>
<li><font color="#ff0000" face="Verdana"><small>One of the most useful
things I've seen cookies used for is with Human Resource type
applications where the basic user information is stored as a cookie.
That way everytime they go to access a form to make changes they
don't have to re-type the form input information. Remember, DO
NOT store sensitive information in a cookie.</small></font></li>
</ul>
<ul>
<li><font color="#ff0000" face="Verdana"><small>If you are rewriting
any cookie information back to an existing cookie you need to update
all of the cooky's information (e.g. "path",
"domain", "expiration date" etc.)</small></font></li>
</ul>
<p> </p>
</td>
<td vAlign="top" width="42%">
<ul>
<li><small><font color="#ff0000" face="Verdana">Although a cookie
might be useful for "extra" authentication, it should
never be used for secure authentication purposes. Check out <a href="http://www.activeserverpages.com/flicks/">Kevin
Flicks</a> site for some great info on authentication methods and
security considerations.</font></small></li>
</ul>
<ul>
<li><font color="#ff0000" face="Verdana"><small>IMPORTANT!</small><br>
<small>Internet Explorer likes the domain info like ".www.domain.com"
where Netscape likes it like ".domain.com". (My
cookie is written for Explorer.)</small></font></li>
</ul>
<ul>
<li><font color="#ff0000" face="Verdana"><small>Cookies are finicky.
Any little mistake will have you pulling your hair out for hours.</small></font></li>
</ul>
<p> </p>
</td>
</tr>
</tbody>
</table>
<p></p>
Original Comments (3)
Recovered from Wayback Machine