Understanding Session Variables

This section explains the concept of a session and session variables, and how they are used in RPGsp.

What Is a Session?

A user's session with your web application begins when they first launch the application in a web browser. Users are assigned a unique session ID that identifies them to your application.

The session ends when the browser window is closed, or when the user has not requested a page in a very long time.

Retrieving the Session ID

You can retrieve the current user's session ID by using the RPGsp function RPGspSessionID. The session ID is a 16 character string that is unique to each user. In the following example, the current user's session ID is retrieved into RPG field sID:

What Are Session Variables?

Session variables are special variables that exist only while the user's session with your application is active. Session variables are specific to each visitor to your site. They are used to store user-specific information that needs to be accessed by multiple pages in a web application.

In browser applications, each request for a page is completely independent of earlier requests.  If you want subsequent pages to remember things like a user id that was entered on the sign-on page, you can store it in a session variable to be retrieved later.  The concept of session variables is similar to the LDA in traditional RPG development.  Once the user has logged off, all session variables are gone.

Session variables are commonly used to store information such as user preferences and privileges. Another advantage of using session variables is that the values are not shown in the query string. For this reason, session variables are commonly used to store sensitive information such as the current user id and password.

When the session ends, either from the user closing the browser or due to a time-out, the session variables are cleared.

Saving and Accessing Session Variables

You can save a value to a session variable using the RPGsp function RPGspSave. This function allows you to store either a literal value or the value of an RPG field in a session variable. The variable will exist as long as the user's session is active.

In the following example, the value of RPG field CurUser is stored in a session variable named USER:

 

You can retrieve the value of a session variable using the RPGsp function RPGspIn. If you need to retrieve the value into a numeric RPG or database field, you can use RPGspInVal.

In the following example, the value of a session variable named USER is retrieved into RPG field CurUser:

 

RPGsp provides two storage methods for saving and accessing session variables:

Method 1 (Session Cookies)

This is the default method that RPGsp will use for storing and retrieving session variables. The values are actually stored in special session cookies on the client. This method is faster than database storage, but has a limitation of 20 different session variable names and values. If your application uses more than 20 session variables, you should use the database storage method.

Please Note: If you create more than 20 session variables using this method, you will begin to overwrite your previously defined session variables.

Method 2 (Database Storage)

This method uses a database file on the iSeries for storing and retrieving session variables. With this method, there is no limitation on the number of session variables that you can use in your applications. To enable database storage for session variables:

The call to RPGspInitL should be made before any calls to RPGspIn or RPGspSave. The call only needs to be made once per page, and is coded like this:

Please note: If you choose to use database storage for session variables, make sure to call RPGspInitL in each page of your application. Session variables need to be stored in and retrieved from the same location by all pages in order to function properly.

 


Profound Logic Software, Inc.
www.ProfoundLogic.com
(937) 439-7925