Like most of our topics, I'm covering this one due to user demand for it. If you've been to any one of a few dozen ASP-based sites recently, you've probably seen an example of the script we've going to cover in this article.  It's the little line at the top of these pages saying something like "There are 28 users currently on this site!" It's sort of cute and it gives you an idea of how many people are using the site.  I've even seen one go so far as to show you a list of where people are on the site.  While it's not something that we've chosen to implement, there seems to be enough interest that we thought we should address it.  Normally I'd cover a topic like this in a sample, but since the bulk of this code needs to go into your global.asa file, I thought I should probably give a more in depth explanation.

What are we counting?

It seems to be a silly question.  After all, we just said we were going to count active users.  Well what exactly is an active user? A connection using HTTP (the protocol of the web) isn't like other connections.  FTP, Telnet, E-mail, and most other types of connections are started when a user first visits and ended when the user leaves.  HTTP doesn't work this way.  The connection is made, the request for the page is sent, and the connection is dropped.  This makes getting the number of people currently "on" a site rather difficult.  You don't have a connection to everyone so you can't simply count them.  You also have no way of telling if they're going to come back and request another page or not until they do or until you decide you've waited long enough that they aren't going to!

Here comes ASP with a solution!

The Session object.  All the Session Object does is provide us with a temporary storage area on the server for each user.  It keeps track of which user belongs to which storage area by using cookies.  These cookies never have their expiration property set and as a result, expire as soon as you close your browser.  Unfortunately, because the Session object relies on cookies, if a visitor's browser doesn't support them or has them turned off, each request is looked upon as a new session and can cause problems for a site which uses a lot of Session objects or does a lot of processing in Session_OnStart.  It also causes a script like this to count every hit as a session! This is the main reason we don't like this script too much and haven't used it. The good news is, that for the most part, the fear associated with cookies has been somewhat lessened through user education and the number of users who go out of their way to turn cookies off has decreased significantly.

ASA, I thought they were ASPs!

This brings our discussion to a very special file in your web project: global.asa.  Global.asa is the file that defines a web application.  It contains special scripts called event handlers.  There are four such scripts possible with the current version of ASP.  These are Application_OnStart, Session_OnStart, Session_OnEnd, and Application_OnEnd.  The Application_OnStart script is called when you first start the web application by requesting the first .asp file from it.  The Application_OnEnd occurs when you shut down the web server (but may not be called if the server freezes up or loses power).  As you might expect by now, Session_OnStart occurs when a user requests their first ASP page.  But when does Session_OnEnd run?  The OnEnd event runs when the session ends which can occur in a couple different ways.  The first one is you can call the Abandon method of the Session object which will kill the session immediately.  The second is yo