You may have come across a situation where you have two ASP websites, possibly on different servers, and you wish to pass a visitor from site 1 to site 2 whilst retaining all the session variables. XSess passes the entire session from one ASP webserver to another securely. |
| XSess consists of a function, and a few supporting functions, contained in an include file. Include the script xsess.asp in any script from which you intend to transfer the visitor. Also place this script on the destination site. To transfer the visitor whilst retaining the session variables, call the function as follows: Call XSess("http://www.site2.com/asp/xsess.asp", "/page.asp")
Where "http://www.site2.com/asp/xsess.asp" is the path to this script on the destination webserver, and "http://www.site2.com/page.asp" is the path to actual target URL on the destination.
Technical Information1. The XSess function will encrypt all the session variables and redirect to the remote script with this encrypted data in the querystring.
2. The remote script will decrypt the variables, set the session and redirect again to the target URL. NB: Session arrays or objects are not supported Download Source CodeTo download the source code, right-click the following link and select 'Save Target as...'' Download source code and rename the file as xsess.asp.
Main FunctionsThis is the code for the XSess function which transfers the visitor to the destination website: FUNCTION XSess(xsesspath, destpath)
'pass this session to xsesspath
Dim q
q = "xsessdestpath=" & hsh(destpath) & "&"
For Each s In Session.Contents
If Not IsArray(Session(s)) Then
q = q & hsh(s) & "=" & hsh(Session(s)) & "&"
End If
Next
'redirect to xsesspath
Response.Redirect (xsesspath & "?" & q)
END FUNCTION |
This is the code for the XSess2 function, which receives the visitor on the destination website: 'has data been sent?
'if so update session and redirect
If Trim(request("xsessdestpath"))<>"" Then XSess2()
FUNCTION XSess2()
Dim dest, a
'decrypt the query and set the session
for each a in Request.Querystring
If (a<>"xsessdestpath") Then
Session(dhsh(a)) = dhsh(Request.Querystring(a))
Else
dest = dhsh(Request.Querystring(a))
End IF
next
'redirect to destination
Response.Redirect dest
END FUNCTION
|
Supporting FunctionsThese generic functions support the XSess functions: FUNCTION hsh(h)
hsh = Server.Urlencode(EncryptIt(h, key1))
END FUNCTION
FUNCTION dhsh(h)
dhsh = DecryptIt(h, key1)
END FUNCTION
Function EncryptIt(it, key)
Dim keylen, size, encryptstr, keymod, i
keylen = Len(key)
size = Len(it)
encryptstr = ""
On Error Resume Next
For i = 1 To size Step 1
keymod = (i Mod keylen) + 1
encryptstr = encryptstr & Chr(Asc(Mid(it, i, 1)) + Asc(Mid(key, keymod, 1)))
Next
EncryptIt = encryptstr
End Function
Function DecryptIt(it, key)
Dim keylen, size, decryptstr, keymod, i
keylen = Len(key)
size = Len(it)
decryptstr = ""
On Error Resume Next
For i = 1 To size step 1
keymod = (i MOD keylen) + 1
decryptstr = decryptstr & Chr(Asc(Mid(it, i, 1)) - Asc(Mid(key, keymod, 1)))
Next
DecryptIt = decryptstr
End Function
|
|
discuss this topic to forum