保存在处理会话不能在aspx文件进行访问 [英] Session saved in handler cannot be accessed in aspx file

问题描述

我在我的web应用程序即第一页上实施验证码。在登录页面上。验证码值在需要的Login.aspx页面被访问验证的一般处理程序中设置。

I am implementing captcha on the first page of my web application ie. on the login page. The captcha value is set in the generic handler which needs to be accessed in login.aspx page for verification.

验证码是工作完全正常，直到我添加了一个code每次都重设用户来登录页面会话ID。我有这个在我的网页加载甚至login.aspx的：

The captcha was working perfectly fine until I added a code to reset session ID every time user comes to the login page. I have this in my page load even of login.aspx:

private void Page_Load(object sender, System.EventArgs e)
{
  if(!IsPostBack)
  {
     Session.Abandon();
     Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));
  }
}

我试着用这个code也获得新的sessionId：

I tried with this code also to get new sessionId:

private void Page_Load(object sender, System.EventArgs e)
{
  if(!IsPostBack)
  {
      SessionIDManager manager = new SessionIDManager();
      string newID = manager.CreateSessionID(Context);
      bool redirected = false;
      bool isAdded = false;
      manager.SaveSessionID(Context, newID, out redirected, out isAdded);
  }
}

由于我重置的SessionID我无法获取在login.aspx的保存处理程序会话参数。不知道为什么，因为我在重置页面加载会话，然后控制进入到会话参数设置处理程序，然后在登录点击我想验证处理程序设置与类型化的价值Session参数。但不知何故，我没有得到访问会话参数。我收到错误对象引用不设置到对象的实例。

As I am resetting the sessionId I am unable to fetch session parameter saved in Handler in login.aspx. NO Idea why, as I am resetting session in page load and then control goes to the handler where session parameter is set, then on login click I would like to verify the Session parameter set in Handler with the typed-in value. But somehow I am not getting to access the session parameter. I am getting error "Object reference not set to an instance of an object".

我需要重置我的SessionID为公司的审计公司已要求我这样做。我如何能做到这两件事有何建议？复位的SessionID，并使用验证码

I need to reset my SessionId as the auditing company has asked me to do so. Any suggestion on how I can achieve both things: Resetting SessionID and using Captcha?

推荐答案

确保当你第一次加载页面，而不是回传被点击登录按钮时，会重置code仅调用。在的Page_Load 应该是这个样子：

Make sure that the session reset code is only called when you first load the page and not on the postback when the login button is clicked. The Page_Load should look something like this:

private void Page_Load(object sender, System.EventArgs e)
{
  if(!IsPostBack)
  {
    Session.Abandon();
    Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));
  }
}

这篇关于保存在处理会话不能在aspx文件进行访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！