When you think ASP, think...
Recent Articles
All Articles
ASP.NET Articles
Related Web Technologies
User Tips!
Coding Tips

Sample Chapters
JavaScript Tutorials
MSDN Communities Hub
Official Docs
Stump the SQL Guru!
XML Info
Author an Article
Print this page.
Published: Monday, May 10, 1999

Cookie Monster: Using Cookies in ASP
By Ian Stallings

First let's start by clearing up exactly what cookies are and what they do. Cookies are small text files placed on the client machine by the host to store information.

- continued -

There are a wide variety of things you can do with cookies. On one of the stock market related websites I work with, we use cookies to store personalized info based on the users preferences. Basically what the cookie does is it specifies who the user is, what stocks they have in their portfolio, and a variety of other data. This information isn't stored directly in the cookie, but instead the cookie points to the appropriate place in the database to retrieve the data.

So anyways, on to the code. The first thing we need to think of is exactly what data will need to be stored in the cookie. In this case we will use info submitted by the user via this form:

  <form action="cookie.asp" method="post">
       <input type="text" name="name" size="20">
       <input type="submit" value="submit">

Now let's get to the fun part, setting the cookie info. You can use the following code to set the cookie value on the clients machine:

Response.buffer = True
' first we put the data from the form into a variable
name = Request.Form("name")

'then we can set the cookie value using this:
Response.Cookies("name") = name
Ok, so now the cookie is set and we need to retrieve the info. You can use this to retrive the cookie data:

' first we retrive the data and set it to a variable
name = Request.Cookies("name")

' then we post it to the website
Response.Write (name)
And it's that easy. But wait, there is more. There are a few properties that you can set using cookies.

The first property is the Domain property. This is the domain that the cookie originated from. The cookie can only be read by the domain it originated from. It is set by default to the domain in which it was created, but you can alter it for your needs. You can set it using this:

Response.Cookies("name").Domain = "www.cookiemonster.com"

The next important property is the Expires property. This specifies the date the cookie should expire. If it is set to a past date then it will expire when the browser is closed.

When setting the date it can be set a couple of ways. You can use the current date and add or subtract days like so:

Response.Cookies("name").Expires = Date + 365

Or you can set it to a specific date like this:

Response.Cookies("name").Expires = #January 01, 1999#

The Path property is the next important property when using cookies. This specifies in more detail the exact path on the domain that can use the cookie. For example, this would set the path that can retrieve the cookie info:

Response.Cookies("name").Path = "/this/is/the/path"

The last property of the cookies object is the Secure property. If set, the cookie will only be set if the browser is using secure sockets or https:// to connect. You can set it like so:

Response.Cookies("name").Secure = True

* as a note, this doesn't mean the cookie is secure. It's just like every other cookie, just a text file.

Using a dictionary cookie
What is a dictionary cookie? Basically it's just a cookie that can hold several values. For instance lets say you wanted to gather the users first and last name and store them in one cookie.

You could use this:

Response.Cookies("name")("first") = "John"
Response.Cookies("name")("last") = "Smith"

This gives you the option of storing all your neccesary info in one cookie. There are limits on how much data you can put on a clients browser. Most browsers allow you to place 20 cookies per domain at a maximum of 4k each. For more info about what cookies can and can't do, visit www.cookiecentral.com.

So that basically wraps it up. Good luck in your cookie escapades and if you have any comments or questions feel free to contact me.

Ian Stallings is a 26 year old Software Engineer from the Washington DC area. He has experience in Internet/Intranet development using ASP, VB, Java, SQL Server, and IIS. Prior to devoting his career to application development he worked as a systems administrator at a small ISP.

When not developing applications or tinkering with computers, he masquerades as a normal human being

ASP.NET [1.x] [2.0] | ASPFAQs.com | Advertise | Feedback | Author an Article