crossing of session varaibles

Question

User351619809 posted

Hi Everyone,

I have this web application in asp.net 2010. Recently, users are having issues with crossing out the sessions so one user(user 1) is
logged in to the application and seeing the results in gridview by putting some parameters and the other user(user 2) who is logged in at the same time and seeing the
results in the gridview by inputting his parameters, his parameters are totally different than the parameters of user 1, User 1 sees the results in his gridview for the parameter that is entered by the second user parameter that is entered by the user 2. Somehow there sessions are crossed. Below is the e.g.

User 1 inputs date parameters   From date  02/11/2010  to Date  03/12/2011, activity Type : Test1

User 2 Inputs date parameters  From Date  06/12/2014  to date 05/11/2015, Activity Type : Test2

now user 2 is seeing the results that are returned by user 1.

Some one told me that this can happen when the sessions are not abondeded properly. I am abonding the seesions at log ogg , but not when the user presses the cross button at the to and doe not log off. Is there any way, I can eliminate this situation.

any help will be greatly appreciated.

Answer 1

User465171450 posted

Are you using any static variables or methods?

Answer 2

User475983607 posted

This is commonly due to static variables. 

Some one told me that this can happen when the sessions are not abondeded properly. I am abonding the seesions at log ogg , but not when the user presses the cross button at the to and doe not log off. Is there any way, I can eliminate this situation.

That's a far pretty far stretch due to how session works.

Answer 3

User-219423983 posted

Hi anjaliagarwal5@yahoo.com,

You could first check whether your function that shows the data to users is a static function, because a static member is callable on a class even when no instance of the class has been created. The static member is always accessed by the class name, not the instance name. Only one copy of a static member exists, regardless of how many instances of the class are created. For more things, you could take a look at the following link.

https://msdn.microsoft.com/en-us/library/79b3xss3.aspx

If the function is not a static function, you could take a look at the following article that discusses the issue about “Session Crossed or Mixed up” and it provides a solution.

http://lionsden.co.il/codeden/?p=446

Or you could check whether the response header is “Cache-Control: private”, if not, you could refer to the following link to set it back and then have a try.

https://www.iis.net/configreference/system.webserver/staticcontent/clientcache

I hope it’s useful to you.

Best Regard,

Weibo Zhang

Answer 4

User351619809 posted

I don't see any static variables in my application, but I am using Telerik controls. Could that be the reason?

Answer 5

User475983607 posted

but I am using Telerik controls. Could that be the reason?

Doubtful, but that's a question for Telerik support.

The usual culprit is a static field inside of a class.   It is possible to steal another user's session but that take a bit of purposeful coding.  Have you tried searching the entire solution (ctrl-shift-f) for the word static (C#) or shared (VB)?

Answer 6

User351619809 posted

one more thing, I noticed is it is happening when I exporting that gridview data to Excel.

Answer 7

User-219423983 posted

Hi anjaliagarwal5@yahoo.com,

Have you done a search on the whole solution as mgebhard suggested you above?  Does your project have the static function? If not, you could have a try to set some different variables instead of the Session to check whether the logic of getting data is right. Then you could show the Session Values to check whether the Session is different for different user. After that, you should take care of the point of setting the value to session and validate whether it sets the same value all the time. Or, you could provide the code about how to get the data for binding to GridView and how to set values to the Session variables.

I hope it’s useful to you.

Best Regards,

Weibo Zhang

Answer 8

User351619809 posted

I did the whole solution search and could not find any static variable, but I will try other options suggested above and will let you know what happens.