I want to redirect back to the home page when there is no activity.
However, i dont have a user login or the need to have one. However, i want to be able to redirect back to the home page when theres no activity.
I set this in the web.conf
<system.web>
<sessionState mode="InProc" timeout="2">
then, i set this in the homepage
Session["UserId"] = 1;
I also tried this but the function doesnt even fire.
protected void Page_Init(object sender, EventArgs e)
{
CheckSession();
}
private void CheckSession()
{
if (Session["UserId"] == null)
{
Response.Redirect("KioskHome.aspx");
}
}
Could i use the global.asax file?
void Session_Start(object sender, EventArgs e)
{
// Code that runs when a new session is started
}
void Session_End(object sender, EventArgs e)
{
}
What is the simple solution? Thank you
If I understand your question, you want to redirect the user's browser if the user hasn't performed any action in some period of time.
In that case - server-side behaviour won't help you. The connection has already closed. The global.asax Session_end will fire when the session is ending, and there won't be a client connected at that time.
Perhaps you should read more about the ASP.NET Page Lifecycle.
What you may want, however, is some form of client-side behavior such as Javascript, which after a specific timeout, can redirect the user.
Note that there's a number of issues with this, including that a user may use multiple tabs, so knowing accurately when the session has timed out is difficult.
Related
So I read up a lot about how to properly use Response.Redirect without causing some errors.
Response.Redirect(url, false);
Context.ApplicationInstance.CompleteRequest();
Situation: A user logs in the site and visits a page that lists forms. The user sits on that page for an hour doing nothing (which would log them out). The user clicks a button to edit a title (which requires a postback). This results in the user object being null since it logged him out of the session.
What I have done: In the page load, check if the user object is null and if it is, redirect to the login page. That is what should happen right?
Problem: The button event is STILL firing. Is it because I have the following line of code?
Context.ApplicationInstance.CompleteRequest();
How can I stop the event from being firing when I simply want to redirect to the login page?
I know I can provide true in the redirect code, but that will cause an error too right?
Response.Redirect(url, true);
What I currently do (which is not the best way I know): In the button event, I again check to see if the user object is null. If it is not null, proceed with the code to edit the title (recording who edited it). This is a bad way of handling this.
What I have seen: Wrap all events with Response.IsRequestBeingRedirected. But if I have several pages and lots of button events, this can get a bit annoying. Is this the only way to handle this situation?
Example:
protected void Page_Load(object sender, EventArgs e)
{
Account account = Session["Account"] as Account;
if (account == null)
{
Response.Redirect("WebForm1.aspx?NewSession=true", false);
Context.ApplicationInstance.CompleteRequest();
return;
}
}
protected void Button1_Click(object sender, EventArgs e)
{
Account account = Session["Account"] as Account;
Label1.Text = account.userID.ToString();
}
Again, if I am already on the page, and the session expired, and I click Button1, the Button1_Click method is still being called. What I provided will give me a "NullReferenceException". Page_Load IS being called, and it is making the redirect. However, Button1_Click is still being called even with the return statement in Page_Load.
Thanks!
You are correct about Response.Redirect(url, true). It is kind of expensive because it throws ThreadAbortException causing the current thread to terminate which is not what you want most of the times.
There is even a KB exists on this topic KB312629.
And yes, with your code it is not possible to prevent events from firing for the current IHttpHandler (which Page class implements) using built-in classes/methods.
So I would suggest to create base page class and add a bool field indicating about request completion request plus method that will call ApplicationInstance.CompleteRequest and will set the flag to true. Also you'll need to override RaisePostBackevent method to take control over controls (not Page) events invocation on page.
public abstract class BasePage : Page
{
private bool shouldNotRaiseEvents;
protected void CompleteRequest()
{
shouldNotRaiseEvents = true;
Context.ApplicationInstance.CompleteRequest();
}
protected override void RaisePostBackEvent(IPostBackEventHandler sourceControl, string eventArgument)
{
if (shouldNotRaiseEvents)
{
return;
}
base.RaisePostBackEvent(sourceControl, eventArgument);
}
}
Your updated code would be:
Response.Redirect(url, false);
CompleteRequest();
Also please note that if you have something inside LoadComplete, PreRender, SaveViewState, Render, Unload event handlers and you don't want this code to execute after redirect call you'll need to override that methods also.
I have a log in page and a content page (i.e. Home page).
If the user has not logged in, s/he will be redirected to the login page. At the login page, after the user has successfully logged in, the credential will be stored in a Session variable.
My question is, what would be the difference if I check the login status during the PreInit and Page_Load? i.e.
What is the difference between this:
protected void Page_PreInit(object sender, EventArgs e)
{
//If the user is not logged in, redirect the user to login page
if (Session["isLogin"] == null || Session["isLogin"] == 0)
{
Response.Redirect("~/Login");
}
}
and this:
protected void Page_Load(object sender, EventArgs e)
{
//If the user is not logged in, redirect the user to login page
if (Session["isLogin"] == null || Session["isLogin"] == 0)
{
Response.Redirect("~/Login");
}
}
Which of these is the more recommended way of implementing it? Pros and Cons?
For your purpose it's better to use the Page_PreInit event because you'll avoid to load unnecessary controls and viewstate that you're not going to use if the redirection is called.
You can find a good description of page events, what is loaded in the page and what you can control on each stage here
I have the below code
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
//do something
}
else
{
// do something else
}
}
protected void Button1_Click(object sender, EventArgs e)
{
//do something
}
}
The point is that a post back happens if I press F5/refresh button or a button click. How will I prevent the code from doing any action if F5/refresh button is clicked?
I have checked Detect F5 being pressed and Refresh but the solution of mine will be different as I need to do this in C# code.
Thanks
You are trying to capture something on the client - so it must be client side script (as discussed in the link).
It's not a postback in ASP.Net terms - your page is simply being requested again (GET). You cannot stop this - its just like going to some other page on your web site and clicking back through some navigation.
If you are saying you want to prevent some type of server side code you have from being run (more than x times) then you can think about sessions or cookies and read them in before you run whatever process. A simplistic sample:
visit page 1 - set session or cookie that identifies page 1 process was run
visit page 2 - set session or cookie that identifies page 2 process was run
return to page 1 - check for existence of session or cookie variable, and if exists, don't run page 1 process.
Another option, if viable is to use ASP.Net caching.
protected void Page_Load(object sender, EventArgs e){
Session.Abandon();
FormsAuthentication.SignOut();
Page.Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Redirect("~/Admin/adminLogin.aspx");
}
I m not using any master page.so i have make one logout page and write code in it as above.
But after logout it still goes back to previous page.
You can put this code in the page load
protected void Page_Load(object sender, EventArgs e)
{
if (!HttpContext.Current.User.Identity.IsAuthenticated)
{
Response.Redirect("Login.aspx");
}
}
I'm not sure this is the answer you are looking for exactly. What I do is I put the authentication code in a custom HTTPModule, that way it is executed before all page requests and you simply check status and do your redirection from there.
Then you simply put an exception for your login pages and resource locations. This has the advantage of being able to secure all files on the server with the right settings.
I'm experimenting with some AJAX now. I have a custom control which appears on my masterpage in which there is an update panel and a timer. The timer fires and the panel updates and everything is dandy. Except that there are some operations that I don't want it to perform on every refresh. It seems like the entire page lifecycle happens with each refresh. There are variables I want to set, and keep their value on the refresh. Is there a way to make it perform ONLY what's in the timer_tick call?
You could take a look at Request["__EVENTTARGET"] in the page load event to see what control caused the postback. If it's the timer control, jump out of the function.
Assuming your timer is called "refreshtimer":
protected void Page_Load(object sender, EventArgs e)
{
if (Request["__EVENTTARGET"] == "refreshtimer")
{
return;
}
// etc
Not sure what what an AJAX.Net post back looks like to, But I usually protect my other controls and content by checking for post back;
protected void Page_Load(object sender, EventArgs e)
{
// if its a post back then my controls should already be setup...
if (!Page.IsPostBack)
{
InitControlData();
}
}
and then it should fall thru to your event handling?
protected void timer_tick(object sender, EventArgs e)
{
// Do my Ajaxy work~
}
UpdatePanels always force the entire page to refresh. If you want only a certain portion of the page to be processed (and it's a fixed size) then you could try using an iframe.
Alternatively, if you want to save the variables you can either put them in ViewState or SessionState so that they are persisted between postbacks
This is not possible with UpdatePanels... the entire page will go through the entire lifecycle. As others mentioned, you can limit the processing that happens by using IsPostBack or ScriptManager's IsInAsyncPostBack, but ultimately this is not going to be a great solution for complex pages.
However, you can use Page Methods to execute just one static method in your page, but you'll have to make the Javascript call yourself and update the UI. Here are some examples:
http://www.singingeels.com/Articles/Using_Page_Methods_in_ASPNET_AJAX.aspx
http://encosia.com/2009/07/21/simplify-calling-asp-net-ajax-services-from-jquery/
http://weblogs.asp.net/craigshoemaker/archive/2008/09/29/using-jquery-to-call-asp-net-ajax-page-methods.aspx