What's the best way to inform a user if their session has expired? It seems like upon logging into the system, when the first variables are created I could create a session variable that just stores a number, and then at the top of every page check to see if that variable is empty or not, but I'm not sure. What's the best way to do this? And if that is the best way, do I just compare it to a string of ""? or null?
View Replieshow to find the session expired or not without using any session varaibles?
View Replies View Relatedhow we know that the session is expired in asp
Can someone teach me that :
1) how to disable refresh/back button?
-I mean that when the user click the refresh/back button, and the session
will expire automatically.
2) How we know that the session is expired in asp pages?
-How to prove that the pages is expired?
I have a count down and a body onload linked to a function that closes the connection on my main page to ensure no user will not leave the page without logout.The problem is that my main page opens several others which I´d ike to close as well after logout.Can I rely on If sessionID="" to close those windows?
View Replies View RelatedIs there any way of detecting whether a session variable does not exist because it expired or because it simply did not exist in the first place?
View Replies View RelatedI have a application which is a global login for other applications. Basically application A checks all the user login information and then lists all the applications B-Z that the user has access to.
I have a global.asa file in application A and individual global.asa files in applications B-Z. Applications B-Z are under the Application A directory. Can I have global.asa files in each of the application folders? Does the pages look for the closest global.asa file?
I have to keep track of user login time and logout tme for each application. The problem I run into is how do I record the user logout time when the session expires?
in asp i want to check if user inactive for 10 minutes..than i want to kill his session and display a page showing message into this page ..."your session has expired" .
View Replies View Relatedhow you deal with script timeouts caused by huge file
uploads. Lets say I have a script timeout of 2 minutes and the user
uploads a file which takes more than this ...
Whats the best way to inform the user about this issue rather than
throwing the script timeout error.What approaches do you use for this....
I have page for user to update his/her details. What i want is after idle for more than 20 mins, the page will redirect to login page automatically. So that the user knows that his/her session already expired and need to login again.
But it doesn't working. This is because if he/she update the details (after idle more than 20 mins), and click the Submit button, it will go to login page and all the data will be lost. Code:
When is Session_OnEnd event working , ive tried Abandon , Timeout still its
not working. will a session end , while closing the browser window ??
I am trying to create a user login page that once a user has been logged in there name will appear on all pages in the top right hand corner. This is what i have so far the user logins in through my user page and then this page loads up Code:
View Replies View RelatedI want to have different user sessions timeout at different time intervals. How can we make this possible in ASP with and without using database tables.
View Replies View RelatedIn our project, we have a situation where the administrator needs to 'force log off' a particular user under certain conditions. In other words, the admin user needs to have the ability to kill any other user's session.
Is this possible? By using the session properties, we can kill the current session (the current user's session) but is it possible (for the admin user) to kill some other user's session?
i have created a script that queries a database for a username and password, and if they are valid sets a session variable to TRUE and redirects to another page. the table which contains the user information is called "Users" with the fields "UID", "PWD", "FIRSTNAME", "LASTNAME", and "EMAIL". my question is, how can i set a session variable to use the FIRSTNAME record for the particular user that logs on? my code is below. I've already got a session variable to display the UID record in the BookingSysV1UserName session variable.
View Replies View RelatedI am looking for a good sample or if anyone can provide me a code that would allow a user to upload documents, and be able to get only the ones he/she has uploaded only (by their loging session).
However, I would also need the code to have an administrator look at all the users uploads. I think I can manage to create the file for the administrator. But I have no idea how to start the uploading one.
I've got an application which uses the Dreamweaver login script - which basically stores a username into a session variable if you login successfully. Then the other pages check the session variable to see if you're logged in. The problem is: I'm finding that a lot of users cannot log in because they can't access the session variable, or something like that. I suspect that it's due to them disabling cookies on their browser.
Does anyone know of a way to get round this? I know that online banking uses cookies, and they seem to have no trouble with that. Is it because they use SSL, and therefore the browser lets them through? Moving to a SSL space is something I would consider. We can't be sure what other software is on the user's machine either, and I think I may have had trouble with ZoneAlarm in the past too. What's the best way of getting round all this?
Is this a good idea, or do people use different approaches ? Believe there's a 20 minute time period for em which doesn't sound like what l need.
View Replies View RelatedHow can I give a user-defined object session scope? From
http://www.microsoft.com/windows200...asp/iiwaobu.htm
I gather that it can be done, but there are no examples. Simply setting
Set Session("tag") = new MyClass
doesn't work.
I am developing an ASP application where the user may spend large amounts of time manipulating data on a worksheet. An amount of time that will certainly exceed the security mandated session timeout intervel of 15 minutes.
So the user pushes save after the session has timed out and is thrown to the user login window -- all according to standards. How can I either detect the timeout before the submit or preserve the user entered data despite the redirect?
I'm new to using session cookies and need just a bit of help. On the introduction page to my project, I'm setting:
<%@ Language=VBScript %>
<%
response.cookies("user")="authenticated"
%>
Then, on subsequent pages, I'm checking for the cookie, and redirecting if it's not there:
<%@ Language=VBScript %>
<%
If NOT request.cookies("user") = "authenticated" Then
response.redirect "http://somepage"
End If
%>
What I need to do is incorporate an ignore element (by user-agent or IP) into where it checks for the cookie. For instance, if a user has an IP of 127.0.0.1, it ignores whether they have the cookie or not and lets them view the page.
The reason I'm doing this is I have a search engine that's crawling the site and it doesn't always go through the front page - therefore, it's getting redirected on most of the pages it sees. So what I'd like to do is have the script see that user-agent or IP, then ignore the cookie requirement.
Is that possible?
I have my system set-up, where by when a user accesses the cms, a time stamp is added to the database. So we can keep check of when people accessed the system.
The added benefit of my addition, is that a session timeout is usable based on the inputted timestamp the user logged in. I added this functionaility because the system could be idle for some time and if so set the session to equal nothing or similar.
However what would be a nice feature of the cms is the display of the current user.
Below is code I have inputted to give some idea of what I am doing
Session("ADID") = objRS("adminID")
objConn.Execute("UPDATE tblAdmin SET adminLastLogged=now() WHERE adminID=" & Session("ADID"))
Session.Timeout = 30 ' 30 = Minutes
SO does anyone know how I can retireve the adminUsername based on the session used when loggin into the system.
Having some problems updating a recordset, despite the fact that I've used the bulk of the code sucessfully in other projects. I seem to be able to add records no problem, but when I try to update them I get Code:
View Replies View RelatedHow do you get a web app to not show the 'page has expired...' error and
refresh and requery when you hit the back button after submitting a form? I
just want the old data to still be displayed in the form so the user can go
back, make a few changes, and submit again.
I checked knowledge base for this and I do not have "Do not save encrypted
pages to disk" checked and the user is running IE 6.0.2900.2180.xpsp_sp2_rtm.040803-2158 I am running server2003 and
IE 6.0.3790.0 update version 3283 and I don't have the problem.
I put this code in my asp page, trying to prevent the back button issue.
Response.Expires = -1
Response.ExpiresAbsolute = Now() - 2
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "private"
But nothing happens, the back page is loaded again.What can i do to add expired time to my pages.
I want to show users a custom "Page Expired" page when users go back to
the previous page by clicking the "Back" button of the browser (or when
he right-clicks anywhere on the current page & selects "Back" from the
menu). How do I do this?
I have a form that users fill in and the results are put into a DB by an asp script, this script will then redirect the users to another page where a receipt number is generated and displayed. How can I make the form expire after the user sends the information and the receipt is issued.
View Replies View RelatedAt the moment I am getting the following Expired Warning if a user logins into a secure page and attempts to press the 'back' button:
Warning: Page has Expired The page you requested was created using information you submitted in a form. This page is no longer available. As a security precaution, Internet Explorer does not automatically resubmit your information for you.
To resubmit your information and view this Web page, click the Refresh button. Is there someway to gracefully stop this from happening...in other words.to re-display the login page? Also, what is causiing this? Session Variables?
Regarding the Internet Explorer message below:
"Warning: Page has Expired The page you requested was created using
information you submitted in a form. This page is no longer available.
As a security precaution, Internet Explorer does not automatically
resubmit your information for you.
To resubmit your information and view this Web page, click the Refresh
button. "
I'm developing an e-commerce site from scratch.
I've noticed on other e-commerce websites that use other development
tools such as php or probably "websphere" (java) that when clicking
the back button this message appears during a checkout process. This
is good because it reduces customer error in many ways.
I'm using ASP and response.redirect mostly. But, I've noticed that
even setting a page timeout to zero won't stop the caching of the
page. My customer, who just submitted a form, can just click the back
button and the cached page just comes up.
How do I create the error above with ASP?
I have a web pagewhich queries a db and displays information on the
subsequent page. On the subsequent page if I click back to previous page
(this is a button with javascript code on it), it takes me to the previous
page but the page says - "warning page expired".
When I am in my company
work environment, I dont get this page, it properly displays the information
on the previous page but when I go to the client site, it gives me the
problem All of us are on the same IE version and service packs. Could this
be a programming issue or a security issue.
How do you get a web app to not show the 'page has expired...' error and
refresh and requery when you hit the back button after submitting a form I
just want the old data to still be displayed in the form.
I checked knowledge base for this and I do not have "Do not save encrypted
pages to disk" checked and am running IE
6.0.2900.2180.xpsp_sp2_rtm.040803-2158.
When i pulling weekly report from the system which using ASP as programming language and SQL Server 2000 as database, an error pop up showing that "Timeout Expired". The report supposes in Microsoft Office Spreadsheet. I tried to query the same stored procedure using Microsoft Query Analyzer and it works. I am not sure what's wrong.
View Replies View RelatedWe have a web application where we want a user to be able to change his/her password if the password has expired but we are unable to do this with ASP at the moment because we can't log the user into the database without a valid password.
We do not want to store any "admin" user info to connect to the database to change the users password for security issues.Does anyone have any ideas of how we could go about doing this?
for security purposes how can i set the requested page to expired or is set to inactive, after a period of time.
View Replies View Related