Sesssion timeout end

[rupertsantos]

if someone closes his browser, the session onend event does not fire and the session does not end. Is there anyway for the session onend event to fire without changing the timeout property of session. I want a record to be deleted from a database when someone exits the application. It only deletes when someone exits using the link i placed in the site. However, it does not end if someone exits by manually closing the browser or moves to another unrelated site.


Thanks

[JeffB]

As you stated, an ASP Session does not end and thus fire the Session_On_end event until the specified timeout is reached.

Why are you wanting to delete the record immediately when the user is finished with the application? Is waiting for the Session to timeout not acceptable? Let us know more about the application so maybe we can help you with a work-around.

JeffB

[rupertsantos]

we have a website where out clients have access to. But they are limited in simultaneous users by licenses. Each time a member of a client logs in , our database adds a record and when someone logs out through our link, the record gets deleted immediatlely, unless they just moved to another website or closed their browser, then the record would only get deleted after 20 mins. Let us say for example the client has 3 licenses and all of them are being used and then a member exits the website by closing their browser, another member will not be able to log in until after 20 mins. I do not want to decrease the session.timeout because it will cause problems with the application.

[JeffB]

Well, it sounds like you need to implement your own session timeout system in your application.

One way that comes to mind would be to create an array at the application level that would contain the last date/time that each of the current users (the ones that have active sessions) viewed a page. When a new user attempts to login and the maximum number of users are already logged in, you could check the times for the currently logged in users and logout (delete your database record) for any that have exceeded the timeout...say 3 mins. Then login this new user as usual.

You could also store this information in the database, but I think it would generate too much overhead. Each page needs to have a section of code to update the last time a page is viewed, so this could be a lot of database updates. I think simply storing it in a variable at the application level would be much more efficient.

Hope this helps.

JeffB

[rupertsantos]

Thanks for the reply Jeff..

Do you mean for ex.

3 users are loggedin , one of which has already exited.
When another person logs in, the application will look to see who has not refresed its page for ex in 3 mins and will delete that record. But what if there is actually a member in the website, and that he is just not refreshing the page in 4 mins? or is this unreasonable already? sorry for my questions.. i am pretty new to this. another thing. do i have to put that application array in each page of the website?

Thanks

[JeffB]

The time limit depends on the level of detail of your pages. If your pages have a large amount of information, then a longer time limit is justified. However, if your pages are short and sweet then a 2 or 3 minute time limit will be plenty.

Here is a sample application that I threw together to demonstrate my suggestion. Because I do not know exactly how you are currently logging in and out your users, you will probably need to modify the code accordingly.

Here is the global.asa file:

Code:

<SCRIPT LANGUAGE=VBScript RUNAT=Server>

'Runs once when the first page of your application is run for the first time by any user
Sub Application_OnStart
	'The first dimension is the client number,
	'The second dimension is the user number,
	'The last dimension is two columns...one for the UserID and the other for the last time
	'they accessed a page
	dim CurrentUsers(20,10,2)
	
        'Store the array in the Application so we can
        'retrieve it from within the pages
	Application("CurrentUsers")=CurrentUsers
end sub

'Runs the first time a user runs any page in your application
Sub Session_OnStart
End Sub

'Runs when a user's session times out or quits your application
Sub Session_OnEnd
End Sub

'Runs once when the web server shuts down
Sub Application_OnEnd
	set Application("CurrentUsers")=nothing
End Sub

</SCRIPT>

And here is the code that should be in each of your pages that require the user to be logged in. I added some response.writes so you could tell what was happening at runtime. The UserID is being generated randomly in my code, you will want to use the UserID's you are assigning to your users. I also hard coded the SiteID and SiteMaxUsers to simulate the licence limits you are imposing.

Code:

<%
Application.Lock 
Randomize(timer)
UserID=int(rnd()*1000)+1
'Set up the defaults for this client
'This is probably already done in your database
SiteID=1
SiteMaxUsers=3
LogoutTimeLimit=3 'in minutes

'Initialize our login flag
LoginOK=false

'Get a copy of the Application array
CurrentUsers=Application("CurrentUsers")

'Iterate through the array until a valid slot is available
'If none found,  no login allowed
for i = 1 to SiteMaxUsers
	'Check the currently logged in users last view date for old dates
	Response.Write i & ": " & CurrentUsers(SiteID,i,2) & "<br>"
	LoggedInUserID=CurrentUsers(SiteID,i,1)
	UserLastUsageTime=CurrentUsers(SiteID,i,2)
	if DateDiff("n",UserLastUsageTime,Now)>LogoutTimeLimit or LoggedInUserID=UserID then
		'Put code here to logoff the user found at CurrentUsers(SiteID,i,1)
		LoginOK=true
		exit for
	end if
next

'If a slot is available,  login the user
if LoginOK=true then
	Response.Write "Login Approved"
	'Put code here to login this user
	
	'Fill the available slot we found with this users info.
	CurrentUsers(SiteID,i,1)=UserID
	CurrentUsers(SiteID,i,2)=Now
	Application("CurrentUsers")=CurrentUsers
else
	Response.Write "Login failed"
end if
Application.UnLock 
%>

You can simply use SSI(Server Side Includes) so you don't have to put the code in each page.

Let me know if you need anymore help.

JeffB

[rupertsantos]

Thank you very much for your response and suggestion.. I will definitely try it out.

Thanks again for your time also. I will post you on what happens.

[SmagO]

Hi,
so were u succesful in the end? If so...please help me out...I have the same problem u had