F
fizbang
We had a problem where people were getting each other's session
variables. I'd set session("id")=502 for user A and then when user B
would log on, set their's to session("id")=503. Each time the user
would click, the session variables would get swapped. I know this is
impossible. The fix was to copy everything to a new directory and
create a new application pool on the web server. We still don't know
what precisely went wrong.
My co-worker found a link we had pointing to the ap is something like
https://www.test.edu/test/(cry5bg45likr14q4rmrvwv55)/test1.aspx
Notice that it already has a cookieless session state variable in it.
So this was on a webpage that we had no control over in a link like <a
href="https://www.test.edu/test/(cry5bg45likr14q4rmrvwv55)/test1.aspx">ap</a>.
Not even on our site.
Could this be the cause of everyone getting the same session? And so
the variables were swapped?
variables. I'd set session("id")=502 for user A and then when user B
would log on, set their's to session("id")=503. Each time the user
would click, the session variables would get swapped. I know this is
impossible. The fix was to copy everything to a new directory and
create a new application pool on the web server. We still don't know
what precisely went wrong.
My co-worker found a link we had pointing to the ap is something like
https://www.test.edu/test/(cry5bg45likr14q4rmrvwv55)/test1.aspx
Notice that it already has a cookieless session state variable in it.
So this was on a webpage that we had no control over in a link like <a
href="https://www.test.edu/test/(cry5bg45likr14q4rmrvwv55)/test1.aspx">ap</a>.
Not even on our site.
Could this be the cause of everyone getting the same session? And so
the variables were swapped?