Session Timeout pt deux

  • Thread starter Thread starter SilentCry
  • Start date Start date
S

SilentCry

as a follow up to my original question from a couple weeks back, i did
figure this out. turned out to be pretty easy once i figured out i needed to
use the xmlhttp request object.

in the Page_Load code behind of main page..

Session.Add("SID", Session.SessionID);

int to = Session.Timeout;

// inserts client script below
Page.ClientScript.RegisterStartupScript(typeof(string), "Timeout",
script);

<script> function WarnUser()
{
alert("Your session will expire in 2 minute(s).\nClick OK to
continue your session.");
var xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
xmlhttp.open("POST", "SessionEnd.aspx", true);
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4)
{
// alert(xmlhttp.responseText);
if(xmlhttp.responseText == "")
{
window.location = "Error.aspx";
}
}
}
xmlhttp.send();
}
window.setInterval('WarnUser()', 1 * 60000);
</script>

code in SessionEnd.aspx (script only)..

<%@ Page Language="c#" AutoEventWireup="false" AspCompat="true" %>
<%
Response.ContentType = "text/plain";
Response.Write(Session["SID"] as string);
%>

doing it this way, i only redirect to a new page in the event the session
has timed out (Session["SID"] == null). otherwise i do nothing allowing the
page i was on to just redisplay through normal focus change keeping the data
filled in in place which is exactly what i wanted.
 
I have a couple notes...

1. Why do you need to put SessionID into Session? You only can get it using
Session object but why use Session["SID"] when you can use
Session.SessionID. Seems redundant.
2. I hope you aware that this line
var xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
will work only in IE. And fail in FireFox. You might have to come up with
better version that works in many browsers or if you using some Javascript
library like JQuery i would recomend do AJAX their way.



George.
 
George said:
I have a couple notes...

1. Why do you need to put SessionID into Session? You only can get it
using Session object but why use Session["SID"] when you can use
Session.SessionID. Seems redundant.
Click to expand...
here's my thinking.. i figured if i set some session variable (anything
really - didn't have to be the ID) while the original session was active,
that looking at this variable after the alert is dismissed would be the best
way to determine whether or not the original session was still around.
something during my debugging (Page.IsNewSession = true (ASP.NET)) made me
think that SessionID will always have a value even if the original had timed
out. correct me if i'm wrong on this.
2. I hope you aware that this line
var xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
will work only in IE. And fail in FireFox. You might have to come up with
better version that works in many browsers or if you using some Javascript
library like JQuery i would recomend do AJAX their way.
Click to expand...
i hear ya.. it just so happens that our app is for IE6 only so in this case,
it's not an issue. the higher-ups didn't feel the need to make it
cross-browser compatible probably for money/time saving reasons.
thanx for the comments.


SilentCry said:
as a follow up to my original question from a couple weeks back, i did
figure this out. turned out to be pretty easy once i figured out i needed
to
use the xmlhttp request object.

in the Page_Load code behind of main page..

Session.Add("SID", Session.SessionID);

int to = Session.Timeout;

// inserts client script below
Page.ClientScript.RegisterStartupScript(typeof(string), "Timeout",
script);

<script> function WarnUser()
{
alert("Your session will expire in 2 minute(s).\nClick OK to
continue your session.");
var xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
xmlhttp.open("POST", "SessionEnd.aspx", true);
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4)
{
// alert(xmlhttp.responseText);
if(xmlhttp.responseText == "")
{
window.location = "Error.aspx";
}
}
}
xmlhttp.send();
}
window.setInterval('WarnUser()', 1 * 60000);
</script>

code in SessionEnd.aspx (script only)..

<%@ Page Language="c#" AutoEventWireup="false" AspCompat="true" %>
<%
Response.ContentType = "text/plain";
Response.Write(Session["SID"] as string);
%>

doing it this way, i only redirect to a new page in the event the session
has timed out (Session["SID"] == null). otherwise i do nothing allowing
the
page i was on to just redisplay through normal focus change keeping the
data
filled in in place which is exactly what i wanted.
Click to expand...
Click to expand...
 
Back
Top