What whould be the best way to prevent multiple users on a page?
For example if a user is at the page "Home.aspx", no other users should be allowed to go there.
I'm using asp.net on the server and the js-frameword jQuery on the client side.
+2
A:
Not sure why you would want to do this because it flies in the face of web usability. You could do a locking mechanism on each page in server side code (write user name, page and time to a DB), which is freed up when they go to another page. You would then check on a the page load event to find out if anyone currently has that page locked. However, and this is a big however - have you considered what happens if somebody just shuts their browser down or walks off and leaves it on a page. You would need to seriously consider a timeout to free up locks too. That would need to be a back ground service, either in global.asax as global code or a separate process.
Paul Hadfield
2010-08-28 08:52:14
A:
You might want to phrase your question a bit better since i can't for the life of me figure out why anyone would want to do that. How many pages have you got?
Or do you mean that you want a custom view for each user when they access a page?
Doozer1979
2010-08-28 08:52:28
Lack of justification in a question does not necessarily mean that question is badly phrased.
Franci Penov
2010-08-28 09:03:03
This should be a comment, not an answer.
Guffa
2010-08-28 09:38:30
Why is my motive with this important? But I can tell you that it is a edit page that a user sits on for a long time and if another user in the same account starts to edit it at the same time, som wierd thing will take place (in the users view, as multiple users are working on the same project).
Andreas
2010-08-28 17:07:42
A:
Maybe use static variables to hold the ip of the first user to access the page and then check whether other requests come from the same ip, otherwise display a "no access" page.
make sure you use lock it:
Object thisLock = new Object();
lock (thisLock)
{
// access static variables
}
You should also use "Session_End" method in global.asax to remove the ip address in case the user leaves your website without pressing the logout button
Mouhannad
2010-08-28 08:53:43
This assumes all requests are processed by one process on the same server. This is quite often an invalid assumption on production servers.
Franci Penov
2010-08-28 08:57:18
you are right, but i think in this instance i can assume that he doesn't have a server with multiple processors. if he indeed has then i would suggest to store the ip in a textfile on the server side - i personally wouldn't use a db for such a task (again, im assuming he doesn't use a db)!!
Mouhannad
2010-08-28 09:18:37
+7
A:
The easy part is only allowing one user to access a page. You can for example store a session id in an application variable to keep track of who's on the page.
The hard part is to know when the user leaves the page. The HTTP protocol only handles requests, so the server only knows when a user enters the page. There is no concept of "being on" a page in the protocol.
You can use the onunload event in client code to catch when a user goes somewhere else, however this will not always work. If the user loses the internet connection, there is no way to communicate back to the server that the user leaves the page. If the browser or computer crashes, there will naturally be no onunload event.
You can keep requesting data from the server, by for example reloading an image on the page. That way the server can know if the user is still on the page at certain intervals. However, if the user loses the internet connection, the server will think that the user has left, while the user thinks that he/she is still on the page.
Another problem is browser history and cache. A user might leave the page, then go back to the page again. You have to make sure that the page is not cached, or the browser will just use the cached page and the server has no idea that the user thinks that he/she is on the page again.
Guffa
2010-08-28 09:10:38
This was the way I was thinking about. The only thing I'm worried about is if the script stops working.. But if its a simple script with setTimeOut there should be no worries.
Andreas
2010-08-28 17:07:07
@Andreas: Even a simple script will fail to contact the server now and then, so you need a plan for handling that situation too.
Guffa
2010-08-28 18:17:32
Good point, better make the check against server a couple of more times than needed to make sure that it's able to contact the server in time.
Andreas
2010-08-29 13:31:08
+2
A:
Agreed with Guffa, you cannot be sure that the browser is already on the page or not, you can only check if the browser is already connected to that page or not.
You can do a sort of "ping", but its more a trick than a 100% working solution and it requires javascript enabled.
I didn't do it but I should look at XMLHTTPRequest and onreadystatechange to handle this :
1) On page load, the browser (client) initiate a XMLHTTPRequest with the web site (server) then wait for callback with the onreadystatechange event.
2) The web site receive the request and "mark" the page as "in use" with the current DateTime.Now.
3) Then the web site sends the response.
4) The onreadystatechange event get the response and the event code re-request the server to re-initiate the 2 after 1 min.
5) If another client request the page, the server check the DateTime mark : if the mark is greater than 1min ago, it means the client didnt respond to the request and may not be on the page again.
JoeBilly
2010-08-28 10:26:48