URGENT: Time Session for my Internet Banking Project
I am doing a asp.net project on I-Banking and I need the codes for time session.. when I am logged in, if i am away from keyboard for 10 mins(the afk means, my mouse cursor doesn't move), it will pop up a time session, which will ask me if i want to continue logged in. if i choose yes i will still be logged in and the timer will start again if i afk again... if i choose No, i will be logged out.. if I am still afk and nvr choose an answer.. it will automatically log out in 1mins time.. i need the codes and explanation.. i don't mind either .net and javascript codes.. I need it urgently!!! my deadline is 2 days time..
Below is a link of a screenshot of what i wanted..
http://img301.imageshack.us/img301/5272/sessionin7.jpg
Below are the codes that i use, it only just come out the pop up ONCE.. and I think even i move my mouse it stilll will pop up.. and it doesn't have the 1min auto logout if i am still afk and didn't give an answer.. please help me edit or give me a new sets of codes...
var elapsedTime = 0; // set to the Session.Timeout value to notify users // one minute after their Session times out. var maxTime = (<%=Session.Timeout%> + 1) * 10; var oneSecond;oneSecond = window.setTimeout(
"timeoutCheck();",10); function timeoutCheck() {elapsedTime = elapsedTime + 1;
if (elapsedTime > maxTime) { var answer = confirm ("Please click on OK to continue logged in or click CANCEL to be logged out.") if (!answer)window.location =
"Default2.aspx";}
else {oneSecond = window.setTimeout(
"timeoutCheck();",10);}
}
Tsuki O Miru Tabi Omoidaze
Answers
- Hey, Sorry for being late. Ok, I'll describe more details about that issue. Confirm function in javascript just holds on all the methods and everything in the scripts. so, if the confirm message is shown, any other script is paused. that's why you cannot add any code after it. In this case you have to depend more on the HTML. you can write all you html code in the page in a div and give that div and id, example:
<div id="mainDiv"> <!-- Write controls here--> </div> write another div that represents the confirmation message with the following code:
<div id="confirmationDiv" style="display: none"> Please click on OK to continue logged in or click CANCEL to be logged out. <br /> <input id="btnYes" type="button" value="Yes" onclick="continueLoggedIn()" /> <input id="btnNo" type="button" value="No" onclick="showLoggedIn()" /> </div> now let's go to the script section. Write the following script:
var elapsedTime = 0; // set to the Session.Timeout value to notify users // one minute after their Session times out. var elapsedTime = 0; //just i got the real session timeout and get the seconds of it. you can add a fixed number or add any amount of time to the time out (timeout + x) var maxTime = (Number('<%=Session.Timeout%>')) * 60; var oneSecond; oneSecond = window.setTimeout("timeoutCheck();", 1000); //to call the function every 1 second function timeoutCheck() { elapsedTime = elapsedTime + 1; if (elapsedTime > maxTime) { //show the confirmation message showConfirmation(); //wait 10 seconds and then logout and goto login page window.setTimeout("logout()", 10000); } else//that else is missing { //call the method again if the time is not elapsed, that will fix that the message appears only ONCE. oneSecond = window.setTimeout("timeoutCheck();", 1000); } } //bracket missing //to log out function logout() { window.location = "login.aspx"; } //to show the confirmation message function showConfirmation() { //show the confirmation message document.getElementById("confirmationDiv").style.display = ""; //Hide the main div of the page document.getElementById("mainDiv").style.display = "none"; } //to continue logged in the page function continueLoggedIn() { elapsedTime = 0; //reset the elapsed time oneSecond = window.setTimeout("timeoutCheck();", 1000); //hide the confirmation div document.getElementById("confirmationDiv").style.display = "none"; //show the main div of the page that has all other controlss document.getElementById("mainDiv").style.display = ""; } //To go to the loging page function showLoggedIn() { window.location = "login.aspx"; } That's the workaround the messages of the javascript like alert and confirm. Also, it's not recommeneded from the user experience to show messages from alert, confirm ,...etc. This way is preferable. Also you can show these messages in a more fancy way like using Ajax Control Toolkit and it's very easy to work with. Check that page for Ajax Control Toolkit. Also you can wath the confirmation sample Here.
wish you the best of luck in your project. If you need help don't hesitate to ask.
Khaled Moawad --- http://kholyos.blogspot.com- Proposed As Answer byKhaled Moawad Wednesday, January 28, 2009 2:45 PM
- Marked As Answer byLingzhi SunMSFT, ModeratorMonday, February 02, 2009 1:11 AM
All Replies
- Your implementation for Session time out is based on Session Timeout which is a fixed number doesn't detect that user is inactive. Also, that implementation should be on the server side because the client cannot check for session state without refreshing the page (which is page is reloaded from the server). All you can do at client side is to display a message for the user for an amount of time and relogin the user based on his answer.
at the code behind, add the following method (written in C#):
private bool isSessionExpired() { if (Context.Session != null && Session.IsNewSession) { string cookieHeader = Request.Headers["Cookie"]; if (cookieHeader != null && cookieHeader.IndexOf("ASP.NET_SessionId") > -1) { return true; } } return false; } Also at Page_Load add the following:
if (!IsPostBack)
{
Session["ExpirationCheck"] = true;
}
that is because session will not expire without putting something in the session.Also at the web.config, you should add session state tag under <system.web> tag, example:
<sessionState mode="InProc" timeout="1" />
in the client side, all you are doing is to display a message for the user each amount of time if the user didn't refresh the page or doing any server side calls for that time. to do that, add your written script but i have some fixes for your script, check the following (I've added the changes in the code and add the comments):
var elapsedTime = 0; // set to the Session.Timeout value to notify users // one minute after their Session times out. //just i got the real session timeout and get the seconds of it. you can add a fixed number or add any amount of time to the time out (timeout + x) var maxTime = (Number('<%=Session.Timeout%>')) * 60; var oneSecond; oneSecond = window.setTimeout("timeoutCheck();", 1000); //to call the function every 1 second function timeoutCheck() { elapsedTime = elapsedTime + 1; if (elapsedTime > maxTime) { var answer = confirm("Please click on OK to continue logged in or click CANCEL to be logged out."); if (!answer) { window.location = "looping.aspx"; } else { elapsedTime = 0; //reset the elapsed time because the user is active, so recheck after the timeout again //also for security it's better to refresh the page here oneSecond = window.setTimeout("timeoutCheck();", 1000); } } else//that else is missing { //call the method again if the time is not elapsed, that will fix that the message appears only ONCE. oneSecond = window.setTimeout("timeoutCheck();", 1000); } }//bracket missing Enjoy! and good luck.
Khaled Moawad --- http://kholyos.blogspot.com Hi thx u very much for the reply..
I placed yur codes at the respective places u told me to do.. yes when i click yes, i afk for another 1min the pop up shows again. i continue to afk, when there is a pop up but it stills doesn't auto log out for me. what i want is when the pop up asking me for yes or no, but if i nvr reply.. it will auto logout for me after 1 min, which also means it go to my login.aspx.. I tried editing the codes by adding a function right after the pop up to do a time session for the pop up but it still doesn't work.. Hey Mr Khaled Moawad , I will appreciate if u can reedit my javascript codes again.. thank you once again!
I assume that this codes must be placed at all of my .aspx except my login page...
Private
Function isSessionExpired() As Boolean If Context.Session IsNot Nothing AndAlso Session.IsNewSession Then Dim cookieHeader As String = Request.Headers("Cookie") If cookieHeader IsNot Nothing AndAlso cookieHeader.IndexOf("ASP.NET_SessionId") > -1 Then Return True End If End If Return False End Functionthen i assume that all my .aspx load i have to put this codes..
Dim
DB As New DBControllerDB.isSessionExpired()
If Not IsPostBack Then
Session("ExpirationCheck") = True
End If
Tsuki O Miru Tabi Omoidaze- Hey, Sorry for being late. Ok, I'll describe more details about that issue. Confirm function in javascript just holds on all the methods and everything in the scripts. so, if the confirm message is shown, any other script is paused. that's why you cannot add any code after it. In this case you have to depend more on the HTML. you can write all you html code in the page in a div and give that div and id, example:
<div id="mainDiv"> <!-- Write controls here--> </div> write another div that represents the confirmation message with the following code:
<div id="confirmationDiv" style="display: none"> Please click on OK to continue logged in or click CANCEL to be logged out. <br /> <input id="btnYes" type="button" value="Yes" onclick="continueLoggedIn()" /> <input id="btnNo" type="button" value="No" onclick="showLoggedIn()" /> </div> now let's go to the script section. Write the following script:
var elapsedTime = 0; // set to the Session.Timeout value to notify users // one minute after their Session times out. var elapsedTime = 0; //just i got the real session timeout and get the seconds of it. you can add a fixed number or add any amount of time to the time out (timeout + x) var maxTime = (Number('<%=Session.Timeout%>')) * 60; var oneSecond; oneSecond = window.setTimeout("timeoutCheck();", 1000); //to call the function every 1 second function timeoutCheck() { elapsedTime = elapsedTime + 1; if (elapsedTime > maxTime) { //show the confirmation message showConfirmation(); //wait 10 seconds and then logout and goto login page window.setTimeout("logout()", 10000); } else//that else is missing { //call the method again if the time is not elapsed, that will fix that the message appears only ONCE. oneSecond = window.setTimeout("timeoutCheck();", 1000); } } //bracket missing //to log out function logout() { window.location = "login.aspx"; } //to show the confirmation message function showConfirmation() { //show the confirmation message document.getElementById("confirmationDiv").style.display = ""; //Hide the main div of the page document.getElementById("mainDiv").style.display = "none"; } //to continue logged in the page function continueLoggedIn() { elapsedTime = 0; //reset the elapsed time oneSecond = window.setTimeout("timeoutCheck();", 1000); //hide the confirmation div document.getElementById("confirmationDiv").style.display = "none"; //show the main div of the page that has all other controlss document.getElementById("mainDiv").style.display = ""; } //To go to the loging page function showLoggedIn() { window.location = "login.aspx"; } That's the workaround the messages of the javascript like alert and confirm. Also, it's not recommeneded from the user experience to show messages from alert, confirm ,...etc. This way is preferable. Also you can show these messages in a more fancy way like using Ajax Control Toolkit and it's very easy to work with. Check that page for Ajax Control Toolkit. Also you can wath the confirmation sample Here.
wish you the best of luck in your project. If you need help don't hesitate to ask.
Khaled Moawad --- http://kholyos.blogspot.com- Proposed As Answer byKhaled Moawad Wednesday, January 28, 2009 2:45 PM
- Marked As Answer byLingzhi SunMSFT, ModeratorMonday, February 02, 2009 1:11 AM
- Did you make it work ? I am trying to do the same thing.
Let me know please
