Increase the expiry time on your cookie when you set it.

eg:

Response.Cookies("username")="John Doe"
Response.Cookies("username").Expires = Now() + 1

This will mean the cookie will expire one day after it is set.

Hello. Thanks a ton for taking the time to respond. I think we're on to something here. Do you know where or how I would incorporate this into the code? Thanks again,

Jason

Hey there. Bear in mind I'm an asp novice. But, well, I took common.asp, which is included in every page on the intranet, and I put this:

'If users code is empty then user is a Guest
ELSE
Response.cookies("Login")("userCode") = ""
Response.Cookies("Login")("userCode").Expires = Now() + 1
END IF

But it still redirects you to noentry.asp. I also have this on common.asp:
' set session timeout to 60 minutes
Session.Timeout = 60

But it's still redirecting the end-user to noentry.asp after a few minutes. So I'm still thinking it's probably in checklogin.asp, which is also included at the top of every page, somewhere in here, because that's the only place I redirect anyone to noentry.asp:
'Create a new recordsheet
Set rs_check = Server.CreateObject ("ADODB.RecordSet")

'Open the record sheet and execute SQL
rs_check.open strSQL,adoCon

If rs_check.EOF _
Or rs_check.BOF Then
Response.Redirect "noentry.asp"
Else
End If
%>

So I'm still working on it. I definitely appreciate you trying to help, and any additional suggestinos you might have if you come across this again. Thanks!

Jason

But it still redirects you to noentry.asp. I also have this on common.asp:
' set session timeout to 60 minutes
Session.Timeout = 60

Are you actually using session variables?

If you are, then you really should try and use cookies to persist a user's session.

If you're not using session variables then you should disable them in your asp page completely by putting this at the top of your asp pages...

<%@Page EnableSessionState="False" %>

Yes. Unfortunately, I'm using session variables. I've read like the 4guysfromrolla website, and I know it's bad to use session variables, but I'm too must of a novice ASP to know any better.

I mean, the way the site works, is that you start out at extranet/login.asp. That's where checklogin.asp and common.asp are, also. Once you put your username and password from the MS Access database in, it redirects you to the page of whatever company you're from. So if you're from USS, it redirects you to extranet/uss/uss.asp.

And at every page, the checklogin.asp and common.asp pages are included. If it would help, I can copy these pages in here, but that would be a lot of work for you to check all that out.

Anyway, thanks for taking the time to read this, and I appreciate you trying to help. Have a great day,

Jason

When you say they are "redirected to noentry.asp" what triggers that?

What triggers that is being idle too long on the intranet, without clicking any links. Common.asp and checklong.asp are the only files included in every asp page.

I could copy and paste the code in here if it'd help you. Once again, thank you for taking the time to look at my post, and reply.

Jason

I'm glad to help any way I can. I've fought and been fighting the same stuff so anything I've gleened I'm happy to pass on.

When you say that their being asked to login again is caused by being idle for too long, does that mean that when they try to go to a new page, it checks a session variable, and finding it expired sends them to login?

If that is the case, my suggestion would be to use cookies instead as a way to check for a valid user. The reason is that leaving sessions open for a long time can get to be messy, and cookies (to my experience) are actually a bit smaller in terms of overhead.

To do that, when they first login, set a cookie

response.cookie("validLogin") = "login"
response.cookie("validLogin").Expires = DATE + 1

The above should make a cookie that expires one day from creation. If you want a longer life for it, just increase the 1 to however many days you want.

Then when the "new page" checks to see if they are a valid user, have it check the cookie

if request.cookie("validLogin") = "login" then
'You are a valid user...Yay
else
'Oops, you aren't logged in, go do that
response.redirect "login.asp"
end if

Casey