ASP Primer: Sending a Response

By Joe Burns

ASP Primer:

Sending a Response

by Curtis Dicken


Use these bookmarks to jump around the tutorial:

[Response.Write: Talking to the User

[Response.Redirect: Moving the User Around]

[Response.Cookies: Memorizing Stuff About the User]

[What's Next?]


Response.Cookies: Memorizing Stuff About the User


Everyone loves cookies, right?


In web development cookies can be a very handy tool. Here's how cookies work:


Cookies, as you probably already know, are small files that are stored on the user's computer. They are used by web developers to store all sorts of basic information such as names, dates, preferences, ID numbers, etc.


By storing some basic information on the user's computer in the form of a cookie, a developer can have his web pages reference his own special cookie to retrieve information that would be incorporated into the site. For example, you could store a user's name in a cookie and display it on your pages each time the user visits. You could also store the date of the last visit and let the user know how long it has been since they last visited.



Even though you can store almost any information you want in a cookie, there are some things you should NEVER put there. Anything that could be considered sensitive personal information should never be stored in a cookie. Things like credit card numbers, social security numbers, government identification numbers or any other information that could be used illegally should be avoided.

Since cookies are stored directly on a user's machine, you have absolutely no control over the information that you store there once the user has left your site. If they are not protected by a firewall or their computer is otherwise compromised, any sensitive information that you store there in the form of a cookie could easily be stolen.


Now that you know what a cookie is all about, here's how it works:


<% Option Explicit %>

<% Response.Cookies("MyCookie") = Date( ) %>

<% Response.Cookies("MyCookie").Expires =

            DateAdd("m",6,Date( )) %>


Now let's break it down.


First, you will notice Response.Cookies in the first line after Option Explicit. This tells the server that you are sending a cookie to the user's browser. Next, you will see "MyCookie" in parentheses. This gives your cookie a unique name. Always be sure to give your cookie as unique of a name as possible. If you don't pick a unique name it is possible for your cookie to be overwritten by another site's cookie of the same name if it happens to be on the same server as you. The last thing we do then is to set your the equal to a value which, in this case, is today's date. You can also store strings, integers or decimals here.


In the next line you will notice something a bit different. We have added .Expires to the Response.Cookies. This simply writes an expiration date directly into the cookie. By using an expiration date, the cookie is automatically deleted after x number of days, month or even years. If you don't give the cookie an expiration, the cookie is considered temporary and will only last as long as the user's session. Now, to set the expiration date we used one of those great little functions that I told you about earlier. We use the DateAdd( ) function to add six months to today's date and make that the expiration. How's that for easy?


What about storing more than one value in a cookie?


No problem. If you have more than one value to store in a cookie, your Response.Cookies will look like this:


<% Response.Cookies("MyCookie")("last_visit") =

            Date( ) %>


By adding ("last_visit") you have given the value you are storing its own unique name within the cookie. This way you can store as many different pieces of information in the cookie as you like because they all will have a unique name. Keep in mind, though, cookies are not intended to be a miniature database on a user's computer. The more information that you store in the cookie, the more information that has to be passed back and forth between the user and the server. This can significantly slow down your application's processing speed, not to mention the information stored in cookies is by no means safe and secure.


Now, there is one other item that I want to show you:


<% Response.Cookies("MyCookie").Domain =

            "MyDomain.com" %>


This sets a value for you cookies that uniquely identifies it with your domain name. It makes it much less likely for your cookie to accidentally be overwritten by another site on your server since it is uniquely identified with your domain.


I promised you a practical example in each installment of this series. Well, this particular practical example will be in two parts. The first part takes all of the examples above and combines them:


<% Option Explicit %>


<% Response.Cookies("MyCookie")("last_visit")

            = Date( ) %>

<% Response.Cookies("MyCookie").Expires =

            DateAdd("m",6,Date( )) %>

<% Response.Cookies("MyCookie").Domain =

            "MyDomain.com" %>


If you make changes to the cookie name and domain name above you will be able to plug this in to your home page or any other page. You will have then created a cookie that stores the last date that the user visited your site.


In the next installment of this series we will show you how to retrieve that date and welcome the user back with the time elapsed since their last visit.



If you ever sell your computer be sure to always erase all cookies on your machine. Often cookies will store unique site ID numbers that give you automatic access to online accounts. By erasing all cookies you will eliminate the chance that someone will be able to access online information that you don't want them to see. Odds are the person that buys your computer would never stumble across the same sites where you have an account or do anything harmful if they did, but you never know.

<< Previous | Next >>

  • Web Development Newsletter Signup

    Invalid email
    You have successfuly registered to our newsletter.
Thanks for your registration, follow us on our social networks to keep up-to-date