Preventing Concurrent Logins
I would like to prevent a user from logging in with their user/password combination on a different computer or even a different browser window, if they are already logged in. I have a login page, from which I use a DB check to verify user/password info. Also, I have a bit loggedIN field in the DB, which I use to see if they are currently logged in; if so, I prevent them from logging in a second time.
Unless they click the "Log Out" button, then the DB value does not get changed. Any suggestions as to how I can log them out, even if they simply close the browser window or jump to a different page?
View Replies
ADVERTISEMENT
I have an issue with handling concurrent users in asp page.
The server is win 2003.
Asp page calls a dll developed in vc++ for displaying reports from oracle database.
Application works fine for less than 10 users .but it fails with object cannot be intialized for more users.
I tested the same application in my m/c for load testing it supports 50 users without problem.
Iam wondering any settings at IIS or OS needs to be checked for supporting more users.
View Replies
View Related
I have 4 ASP pages where an user can update some fields and submit the page, so that the fields are updated in the Database(Sqlserver), I need to handle one situation.
1) At a time I need to allow only one user to update the details in a page.
2) I need to stop other users who are trying to access the same page concurrently(probably with a message or Redirecting to other page where he can see the details in a report format).
3) Session timeout in my application is 60, So if the first user leaves the page open for a long time , I think it would be a problem....the other session has to wait for a long time.
I have no choice in decreasing the session timeout interval.
Please suggest , How can I handle this in ASP.
View Replies
View Related
help me regarding the concurrent user for crystal report. im using asp classic. how can i prevent the concurrent error? and also stop the server from sending me an error report directly to my mail? the error is asp 0194.
this is related to concurrent users of crystal report upon reaching the limit. i would like to stop the sending or stop the error if ever so that i will not be recieving the error message.
View Replies
View Related
I'm trying to make my login page also insert into a seperate table a list of users when they login. The current code returns no errors but does not write to the table. It is still checking the user and password correctly but that's it. Any ideas? I'm sure it's something stupid but I can't see it. Also is there anyway to encrypt the login too? Code:
View Replies
View Related
I need to know how to validate a user and password that is in the MS SQL Logins. (Not a table)
View Replies
View Related
I have a problem with restricting multiple users to get access to my site with the same username and password.
I allready set up a table getting the UserID of the user and putting it in the table, therefore restricting access for future logins as long as the users Session is still valid.
Now to my problem. When the user logs out everything is great, but when he just closes IE the session is still valid and the field in the DB will not be deleted. I have put a SQL in the Sessoin_OnEnd in the global.asa file, but since this site is a micro site in another folder than the root, the global.asa can effect the main site aswell. And it will take at least 15 minutes before he can login again (and I do not want to set session.timeout any lower).
View Replies
View Related
I want to prevent multiple logins in my web application. For eg:If a user "userA" logs into the application,some other user with same userid "userA" should not be allowed to login as long as previously logged in "userA" is active.
Is there any solution? One method I thought was when user logs into application,
I set a flag in table.If user logs out of application from the logout button explicitly provided in application, I reset the flag for that userid.But if user closes the application from browser(close) , I am unable to find a way to reset a flag.
View Replies
View Related
I need to display the # of online users on my system, as well as the 10 users that last logged in at that moment....How would I do this? Im sorry if question is vague but I've never done this before and I've no idea how to do it. Will I be needing an application variable? Do I have to use it on a global.asa file?
View Replies
View Related
Im trying to detect multiple logins...
Im using a application object in my global.asa, for some reason it doesnt seem to work. here is my code
<script language="vbscript" runat="server">
Sub Session_OnStart
Session("LoggedIn")=0
End Sub
sub Application_OnStart()
Application("Logged")=1
End sub
</script>
In my pages if i print the Application("Logged") value, it does not show....
View Replies
View Related
I would like to create an auto-lock out module where users are unable to continue login attempt after 3-5 unsuccessful logins. In addition, the user account are automatically suspended after stipulated unsuccessful logins. Is there any sample coding in ASP or Javascript for me to refer to??
View Replies
View Related
I just wanted to share it with you guys and ask your opinions. Code:
View Replies
View Related
I'm using if for when the user deletes a record from the database. People using the website try and delete more than one record at a t time by placing commas between the IDnumber ie. 1,2,5,9 etc.
This creates an error. So instead of this error appearing, how can I get a small alert box telling hte user he/or she has entered the wrong data type?
The code for the form is :-
View Replies
View Related
Is there a script that change email adrdresses to prevent SPAM.
ex: ticul@myprovider.com
I want it to appear like this on my webpage ticul@xxxxxxx.com or something that look like this
View Replies
View Related
In ASP classic pages,I want to know if it's possible to prevent
session variables from becoming zero length strings? I have tried
setting the Session.Timeout to a large value, but alwas, after 20
minutes, my session variable times out. I also tried setting the
session timeout in IIS manager to a high value, but this did no good
either.I just want to allow one particular session variable to last a long
time.
View Replies
View Related
I have a permission tracking app that I am working on, and I have made the insert page for it. I am having issues on how to prevent duplicates from getting entered.
Currently the interface for the app has a mixture of select boxes, list boxes and checkboxes. The form submits the page to processAIMR.asp and then does the inserting. I am using a loop to insert a new record for each checkbox checked or listbox entry selected. Code:
View Replies
View Related
Does anyone know how to prevent the browser from automatically adding the password to a form after a user name is entered? I need to be able to over ride the brower setting so turning off the option in IE is not really a solution.
View Replies
View Related
I have a form that sends info to a preview page, then to a thank you page. The thank you page gets the data passed from the rpeview page and sends an email.
How can I prevent the user from refreshing the page, so it doesn't send the email again.
View Replies
View Related
For instance here's a simple select statement Code:
("SELECT a, b,c d, e, f FROM Table WHERE a = "&CInt(j)&" and c= 0")
j is a dimmed variable which is a and it's numeric. Is the above protected against any non numeric instances? Like j=2,345..i've tested this and it works i'm just trying to see if i've covered all my tracks.
View Replies
View Related
How do people go about preventing the user from submitting a form for a 2nd time? For example, the user submits a form, clicks on the back button, and the submits the form again. I have used various techniques in the past (depending on circumstances) but I'd be interested in the techniques you guys currently use.
View Replies
View Related
Is there a way in ASP to prevent including the same file more than once?
Example:
dbutil.asp needs constants.asp, so I include constants.asp inside dbutil.asp.
transact.asp also needs constants.asp, so I include constants.asp inside transact.asp.
transact.asp doesn't need stuff in dbutil.asp, and dbutil.asp doesn't need stuff in transact.asp.
Then later I might have a main.asp that needs both dbutil.asp and transact.asp. So I include them both. However, the constants.asp will be found to be included twice!
What can I do to creatively prevent multiple inclusion of the same file in ASP? I know how to do it in C and C++, but I can't apply that to ASP, it seems.
View Replies
View Related
I have created an Intranet in my office using ASP (of course). Within it is a booking system, allowing booking of conference rooms, digital camera and other equipment. It works perfectly...almost, as there is no way to prevent double bookings.
I really don't know where to begin with this one. All bookings go to an Access DB, into a single table. The bookings have a start time and an end time (24hr).
I would like it so that when the user submits the form, if there is a clash in times instead of saying, thanks for your booking, to redirect them back to the booking page saying there is already a booking for this time and that I am very sorry!
I guess I have to check some value in access and return the info back to the webpage before it chooses where to redirect the user.
View Replies
View Related
I am developing a Simple ASP Website with a login page. I want to
know how can I change Session ID after login and also Close the current
Session after User closes the Window or gets logged out of the Website. So
that every time user logs in into the website, Session ID will be unique.
View Replies
View Related
My client received an email from a user who mentioned that by accident they had been typing (over the querystring I guess), and the url had become:
default.asp?pageid='asd
They then received a SQL Server error message.
My client contacted their webhost, who came back to them promptly and talked of 'SQL Injection', they said that we would need to secure the code as well as the permissions on the database(which I believe they have done)..
This is something I had over looked, and started to write a fix for a couple of nights ago...but I dont think its 100%....
Basically I now do this at the top of my default.asp page ...
View Replies
View Related
How do test my web application for concurrent users (how much concurent user connect at a time and how traffice will be affected and what will the response time?) and how it is done, how long it will takes, does it interfere with current site, etc.?
Reagarding the number of users the site will accomodate is it based on where it's hosted
Application written in ASP/Sql Server. Code:
View Replies
View Related
I've seen plenty of articles and utilities for preventing form injections for ASP.NET, but not too much for classic ASP. Are there any good input validation scripts that you use to avoid form injection attacks? I'm looking for good routines I can reuse on all of my form processing pages.
View Replies
View Related
We have 2 domains for internal purposes: one for users (have to login
and domain has SSL) and another for sponsors (have to login and domain
does NOT have SSL).
Now when a user logs in and there are pages that have info from the
sponsors domain, users are asked to login again with a warning message
saying if they want to see secure and nonsecure information. How can
I bypass the second login? Is there something I can do in active
directory, IIS, or ASP to not have the second login appear?
View Replies
View Related
How can I prevent this from happening? For example when the asp
application works in a public terminal where we don't want successive
users to know the login password and user name of the previous ones?
View Replies
View Related
SSL cert on our site is for www.mydomain.com.
When you enter our site with just mydomain.com (without the www) and then proceed to a section of the site that is https, the user receives a cert warning since mydomain.com doesn't match up with www.mydomain.com.
What is the easiest way to globally and seamlessly redirect users from mydomain.com to www.mydomain.com to prevent this? The site has about 3000 pages so changing every page with request_querystring isn't really an option.
It would be great if it would work off of child pages too, i.e., mydomain.com/somepage.asp would also redirect to www.mydomain.com/somepage.asp.
View Replies
View Related