Geek Answers Handbook

What to enter a session variable

I recently stumbled upon an ASP 1.1 web application that put a whole bunch of things in a session variable - including all database data objects and even a database connection object. He ends up huge. When a web session expires (four hours after the user has finished using the application), sometimes their database transactions roll back. I assume this is because the database connection does not close properly when IIS kills the session.

Anyway, my question is what should be in the session variable? Obviously, some things should be there. The user selects which plan they want to edit on the main screen, so the plan identifier goes into the session variable. Is it better to try to reduce the load on the database by storing all the information about the user (and their manager, etc.), and the plan that they are editing in the session variable, or should I try to minimize the material in the session variable and request the database for everything Do I need in the Page_Load event?

+6
asp-classic
source share
9 answers

This is rather difficult to answer because it is so application specific, but here are some guidelines that I use:

  • Put as little as possible in the session.
  • A custom choice that should last only during this visit is a good choice.
  • Often, variables that should be available across multiple pages when a user visits your site (to avoid passing them from page to page) are also good to enable a session.

From what you said about your application, I would select your data from the database and try to find ways to minimize the impact of these queries, rather than loading the session.

+5
source share

Do not post the database connection information in the session.

As for caching, I would avoid using a session for caching, if possible - you will run into problems when someone else modifies the data that the user uses, and also you cannot share cached data between users. Use the ASP.NET cache or some other caching utility (such as Memcached or Velocity).

As for should go to the session, everything that relates to the browser windows all , the user can open your site (login, security settings, etc.), must be in the session. Things like what kind of object is being viewed / edited should really be GET / POST variables passing between screens so that the user can use several browser windows to work with your application (if you do not want it).

+5
source share

DO NOT put user interface objects in a session .

Other than that, I would say that this is changing. too much in a session can slow you down if you are not using a session in the process because you are going to serialize a lot + provider speed. The cache and session should be used carefully and carefully. Do not just set up a session because you can or are comfortable. Sit down and analyze if that makes sense.

+2
source share

Ideally, a session in ASP should store the least amount of data that you can get rid of. Saving a link to any object that stores system resources (in particular, connecting to a database) is a definable scalable killer. Also, storing unfixed data in a session variable is just a bad idea in most cases. Overall, it seems that the current implementation is abusively using session objects to try to simulate a stateful application in a supposedly stagnant environment.

Despite the fact that he is very slanderous, the ASP.NET control model automatically through hidden fields should really eliminate most of the need to store something in session variables.

My rule of thumb is that the more scalable (in terms of users / hits) an application should be, the less you can avoid using session state. However, there is a compromise. For web applications, where the user repeatedly accesses the same data and usually has a rather long session for each use of the site, some caching (if necessary, in session objects) can actually help scalability by reducing the load on the database server. The idea here is that it is much cheaper and less difficult to process the presentation level than the base database. Of course, with all things, this advice should be taken moderately and not applied in all situations, but for a fairly simple internal CRUD application, it should serve you well.

+1
source share

A very similar question was asked regarding early PHP sessions. Basically, sessions are a great place to store user data that you need to access multiple page loads. Sessions are NOT a great place to store links to a database connection; you are better off using some kind of software to pool pools or open / close your connection each time the page loads. As for caching data in a session, it depends on how the session data is stored, how much your security is needed and whether the data depends on the user. It would be better to use something else to cache data.

0
source share

Saving navigation tips in sessions is more difficult. The same user can open several windows, and then the changes will be distributed in a confusing way. Database connections do not have to be saved. ASP.NET supports connection pooling for you, no need to resort to your own witchcraft. If you need to cache things for short periods of time, and the size of the data set is relatively small, view ViewState as a possible option (by loading a larger amount per page size).

0
source share

A: Data that refers to only one user. IE: username, user id. The most object representing the user. Sometimes URL-related data (such as where to get someone) or a stack of error messages are useful for entering the session.

If you want to share the file between different users, use the application store or cache. They are far superior.

0
source share

Stephen,
Do you work for a company that starts with "I" that has a website that starts with "BC"? It sounds the same as what I did when I first started developing in .net (and was young and stupid) - I overwhelmed everything I could think of in a session and application. Needless to say, this was a double plus. In general, avoid the session as much as possible. Of course, objects that are not related to serialization (connections to the database, etc.) should not be stored there, but even large, serializable objects should not be there either. You just don't want the overhead.

0
source share

I will always store very little information in a session. Sessions use server memory resources, which is expensive. Saving too many values ​​in a session increases the load on the server, and as a result, site performance will decrease. When you use load balancing servers, using a session can run into problems. Therefore, I use minimal sessions or not, use cookies, if the information is not very important, use hidden fields and database sessions more.

0
source share

More articles:


All Articles