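【Question title】: Code creates cookies at every property call
【Posted】: 2012-11-04 21:02:22
【Question】:

I have a website where I want to use cookies to store a user record for all users (even anonymous ones). Then I can track their behaviour and show them relevant content, even when they come back.

The way I currently get the user is with the following code. It works fine when I test it, but I can see in the logs/database that it sometimes gets spammed (the same visitor gets hundreds of anonymous users). Something can go badly wrong in this code, so I end up with a lot of users very quickly.

Can anyone see the problem or a fix?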

    public SystemUser SystemUser
    {
        get
        {
            if(!HttpContext.Current.Request.Browser.Cookies)
            {
                logger.Info("Users browser did not allow cookies (crawler?)");
                return CreateEmptyUser();
            }
            var user = HttpContext.Current.Session[Constants.Sessions.LoginUser] as SystemUser;

            if(user == null)
            {
                logger.Info("User was null - first page visit");
                var httpCookie = HttpContext.Current.Request.Cookies[Constants.Cookies.AnonymousUser];
                if (httpCookie == null || httpCookie.Value == string.Empty)
                {
                    // totally new user - new anonymous user
                    var userFromId = SetupAnonymousUser();
                    logger.Info("We have a totally new visitor coming to our site. Userid: " + userFromId.UserId);
                }
                else
                {
                    logger.Info("User has been here before, as the anonymous user cookie wasn't null");

                    // anonymousUser - has been there before
                    var anonymousUser = httpCookie.Value;
                    int userid;
                    int.TryParse(anonymousUser, out userid);
                    if(userid > 0)
                    {
                        logger.Info("Getting user from id: " + userid);
                        var userFromId = UserManager.GetUser(userid);

                        if(userFromId != null)
                        {
                            HttpContext.Current.Session[Constants.Sessions.LoginUser] = userFromId;    
                        }
                        else
                        {
                            logger.Error("User has been here before, but couldnt find in database. Anonymous cookie deleted maybe?");
                            SetupAnonymousUser();
                        }

                    }
                    logger.Info("User has been there before: " + userid);
                }
            }
            var initializedUser =  HttpContext.Current.Session[Constants.Sessions.LoginUser] as SystemUser;

            if(initializedUser != null)
            {
                return initializedUser; 
            }
            else
            {
                logger.Info("Creating an empty user as initialized user was null");
                return CreateEmptyUser();
            }
        }
        set { HttpContext.Current.Session[Constants.Sessions.LoginUser] = value; }
    }

And our SetupAnonymousUser():

    private static SystemUser SetupAnonymousUser()
    {
        int userid = CreateAnonymousUser();

        var newCookie = new HttpCookie(Constants.Cookies.AnonymousUser)
                            {
                                Value = userid.ToString(),
                                Expires = DateTime.Now.AddDays(365)
                            };

        var userFromId = UserManager.GetUser(userid);
        HttpContext.Current.Session[Constants.Sessions.LoginUser] = userFromId;
        HttpContext.Current.Response.Cookies.Add(newCookie);
        return userFromId;
    }

Edit:

Here are some logs from a case where it goes wrong:

2012-11-04 13:58:40,298 [7] INFO  GKBusiness.Context.SystemContext [(null)] - User was null - first page visit
2012-11-04 13:58:40,313 [7] INFO  GKBusiness.Context.SystemContext [(null)] - Anonymous user created - with user id GKBusiness.Data.SystemUser
2012-11-04 13:58:40,313 [7] INFO  GKBusiness.Context.SystemContext [(null)] - We have a totally new visitor coming to our site. Userid: 4466
2012-11-04 13:58:40,391 [7] INFO  GKBusiness.Context.SystemContext [(null)] - User was null - first page visit
2012-11-04 13:58:40,391 [7] INFO  GKBusiness.Context.SystemContext [(null)] - Anonymous user created - with user id GKBusiness.Data.SystemUser
2012-11-04 13:58:40,391 [7] INFO  GKBusiness.Context.SystemContext [(null)] - We have a totally new visitor coming to our site. Userid: 4467

【Question discussion】:

    Tags: c# asp.net debugging session cookies


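    【Solution 1】:

    The code itself doesn't look flawed, but there are a few things that could cause the problem you are facing (multiple "anonymous user" entries for the same user).

    To help pinpoint the problem, I suggest adding more logger.Info calls to your code, more specifically for when you get a cookie from the user but for some reason it is malformed:

    1. When (user ID
    2. When userFromId == null
    3. When initializedUser == null

    That way, when you are able to reproduce the problem, you can check the logs and see exactly what caused it.

    I should also mention that since cookies can be modified by the client, you should consider using a Guid instead of the numeric UserId - this will make it harder for anyone trying to "impersonate" another user.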

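    【Discussion】:

    • Thanks a lot :) I will look into it and add some logging. When it leads me to the problem, I will accept the answer.
    • Great, let us know if it helps
    • Updated the post with logs.. it seems the session is never set for the user
    • Check whether HttpContext.Current.Session[Constants.Sessions.LoginUser] is null, or whether there is a problem with the as SystemUser cast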
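The answer's last point, as an added example that is not part of the original question or answer: an anonymous-visitor cookie value built from a random Guid instead of the sequential numeric id. It goes one step beyond the answer by also attaching an HMAC-SHA256 tag, so a value edited on the client is rejected before any database lookup. `AnonymousToken`, its members and the demo key are hypothetical names and constructed values.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example: hypothetical helper, independent of System.Web so it runs as a console program.
public static class AnonymousToken
{
    // Constructed demo key; a real site would load a random server-side secret from configuration.
    private static readonly byte[] Key = Encoding.UTF8.GetBytes("demo-key-not-for-production-use!");

    // Cookie value = 32 hex chars of a random Guid + "." + Base64 HMAC-SHA256 tag over those chars.
    public static string Issue(out Guid id)
    {
        var raw = new byte[16];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(raw);
        id = new Guid(raw);
        string text = id.ToString("N");
        return text + "." + Convert.ToBase64String(Sign(text));
    }

    // Rejects anything malformed or altered, including a bare numeric id such as "4466".
    public static bool TryValidate(string cookieValue, out Guid id)
    {
        id = Guid.Empty;
        Guid parsed; byte[] tag;
        string[] parts = (cookieValue ?? "").Split('.');
        if (parts.Length != 2 || !Guid.TryParseExact(parts[0], "N", out parsed)) return false;
        try { tag = Convert.FromBase64String(parts[1]); } catch (FormatException) { return false; }
        if (!FixedTimeEquals(tag, Sign(parts[0]))) return false;
        id = parsed;
        return true;
    }
    private static byte[] Sign(string text)
    {
        using (var hmac = new HMACSHA256(Key)) return hmac.ComputeHash(Encoding.UTF8.GetBytes(text));
    }
    // Comparison without early exit, so timing does not reveal how many tag bytes matched.
    private static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
    public static void Main()
    {
        Guid id, seen;
        string cookie = Issue(out id);
        Console.WriteLine(TryValidate(cookie, out seen) && seen == id); // freshly issued value
        Console.WriteLine(TryValidate("4466", out seen));               // numeric id typed by a client
    }
}
```

In the question's code the value returned by `Issue` would replace `userid.ToString()` in the cookie, and the Guid would be stored on the user row as its lookup key.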