Solved

Is this possible.? 2 part question.

Posted on 2002-03-12
13
138 Views
Last Modified: 2013-12-24
I would like to know of what is the possibility that once the sesion is over that a page would come up giving my user the opportunity to do one of two things
1.  exit the application

or

2. log back in.

this I would like if it could happen automatically.  I was thinking of trying it using a meta refresh but that would not be a true end of session it would just be like a page timer.  

I would like this to happen when there is a specific time span of imobility or actions during the session.

ie my session is set to #createtimespan(0,0,45,0).
so my user once that 45min session is over then they would have a page come up letting them know that the session is about to expire and they would in return have the choice of either closing out of the session or logging back in.

now within my loggin app I would like it after a successful login for it to take my user back to where their session had ended with out losing any work that was done?

any help is greatly appreciated. :)
0
Comment
Question by:jriver12
  • 6
  • 4
  • 2
  • +1
13 Comments
 
LVL 19

Expert Comment

by:cheekycj
ID: 6856933
this would not be possible b/c you need some thing triggered from the client side.

A meta refresh will keep resetting the session so it won't time out.. if the user has timed out and they click on any link or hit reload you should just redirect to the login page.

But pass the current requested URL as a parameter in your redirect so you can send them to their original request after they login.

CJ
0
 
LVL 6

Expert Comment

by:reitzen
ID: 6858282
I believe this can be done.  I get an alert message from my online bank after 'X' minutes of inactivity that my session is going to expire and I am prompted to continue or quit.

Your question is one that deserves an answer, which I don't have.  I do have a couple of ideas, though, however elementary or misdirected they might be.

The server knows when to expire a session variable based on the settings in your APPLICATION.CFM and CF Server settings.  There has to be some kind of timestamp that gets refreshed each time a user/session id is submitted to the server.  Find this timestamp and you'll find your solution.  This solution may not be available via CF, so maybe Java, C, or ? would allow you to find a solution.

If this cannot be done, then a work-around could be to create your own timestamp refresh using Client variables or a database table. Where you update the user/session id timestamp each time a user requests a page.  Meanwhile, you need to have another CF page (scheduled to run every 60 seconds +/-) to compare all current user/session ids with this timestamp.  I believe I've seen a custom tag in the Developers Exchange that grabs all of the current user/session ids (I could be wrong as 'Old-Timers' disease is setting fast!).

I know I haven't given you much specific direction but maybe my vague ideas will help you find what you are looking for.
0
 
LVL 1

Expert Comment

by:dawesi
ID: 6858708
Simply put some code either in the Application.cfm or at the top of the templates that require login that check for the session variable.

An example:

<CFIF NOT IsDefined('session.loggedin')>
   <CFLOCATION URL="login.cfm?referer=#thispage#">
</CFIF>

On login.cfm you have the normal login page as well as a link that has HREF="javascript:self.close();"
0
 

Author Comment

by:jriver12
ID: 6858731
reitzen,

thanks for the insight and I will look into those possibilities,  but for future ref.

please let me decide if your comment is my answer,for now the question is locked and not that many experts jump into locked questions.

thanks again for the insight.
0
 
LVL 1

Expert Comment

by:dawesi
ID: 6858802
OK.. Try this...

<SCRIPT>
     var aTimer;
               
     function aReload() {
          var login = confirm('Do you want to close your browser?')
          if (!login) {
               location.href='login.cfm';
               }
          else {
               self.close();
               }
          }
               
          function startReload() {
               aTimer = setTimeout("aReload()", 5000);
               }
               
          function stopReload() {
               clearTimeout(aTimer);
               }
</SCRIPT>

<BODY onLoad="startReload();">
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 6861195
Dawesi: Please STOP posting answers (it locks up a question).. you are suggesting solutions and they are NOT 110% the absolute answer.  It is an EE norm to post comments and allow the question asker to decide which expert helped the most.  Please read the bottom of this page for guidelines.

Also when you lock down a question it recieve less participation from other experts and that prevents the question asker from getting the most participation.

CJ
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 19

Expert Comment

by:cheekycj
ID: 6861204
jriver12: You may have to keep track of session timeouts separately than what defaults in CF and that might solve your problem.

Maybe placing a timestamp in a cookie.

Using meta refresh.. but updating the cookie only when user interaction is involved.. meta refresh can detect if the cookie's timestamp has expired or not.

CJ
0
 

Author Comment

by:jriver12
ID: 6861418
dawesi,

please stop locking this question.

I have tried all of your suggestions and they are not quite what I am trying to accomplish.

your js is a nice idea but it just resets itself after a period of time.

thanks

cheekycj
your Idea sounds interesting but I don't feel that I have enough knowledge to even attempt "Using meta refresh.. but updating the cookie only when user interaction is involved.. meta refresh can
detect if the cookie's timestamp has expired or not"

can you maybe explain how that is done in a lil more detail.??

0
 
LVL 19

Expert Comment

by:cheekycj
ID: 6861450
sure...

Now when a user logs in.. set a cookie using CFCOOKIE tag:
** Either a session only cookie with a timestamp value of of 30 mins from current time (or whatever your session timeout is)
** OR set the expiration time of the cookie to 30 minutes (or whatever your session timeout is) from current time.

All pages will update this cookie (whether it be its value or expiration time) when the user accesses a page UNLESS there is a refresh=1 parameter.

Your meta refresh tag will put this refresh=1 parameter in the URL to indicate that the page was reloaded by the meta refresh not by a user click.

If the cookie has expired/doesn't exist the user's session has truly timed out.

CJ
0
 

Author Comment

by:jriver12
ID: 6864281
cj,

I think I understand the cookie portion

<cfcookie name="CheckRefresh" value="#Session.SesionID" expires="#CreateTimeSpan(0,0,30,0)#">

but the portion of the meta refresh, would I be using standard <meta http-equiv="Refresh" content="30">
or do I now have to create a URL variable that would be passed throughout all of my pages?.
0
 
LVL 19

Accepted Solution

by:
cheekycj earned 150 total points
ID: 6864766
something like this on every page (you should use a file include)

<CFIF CGI.QUERY_STRING EQ "">
     <cfset VARIABLES.queryString = "?refresh=1">
<CFELSE>
     <cfset VARIABLES.queryString = "?refresh=1&#CGI.QUERY_STRING#">
</CFIF>
<META HTTP-EQUIV=Refresh CONTENT="10; URL=#CGI.SCRIPT_NAME##VARIABLES.queryString#">

<cflock timeout="30" throwontimeout="No" type="READONLY" scope="SESSION">
     <cfif IsDefined("URL.refresh") AND URL.refresh EQ 1>
          <CFIF IsDefined("COOKIE.CheckRefresh") AND NOT IsDefined("SESSION.SessionID") AND COOKIE.CheckRefresh NEQ SESSION.SessionID>
              <cflocation url="yourLoginPage.cfm">
          </CFIF>
     <cfelse>
          <cfcookie name="CheckRefresh" value="#Session.SessionID" expires="#CreateTimeSpan(0,0,30,0)#">
     </cfif>
</cflock>

HTH,
CJ

0
 

Author Comment

by:jriver12
ID: 6865628
thanks again cj
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 6865895
no prob. Thanx for the "A"

CJ
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

This is a guide to setting up a new WHM/cPanel Server to be used for web hosting accounts. It is intended for web hosting company administrators and dedicated server owners. For under $99 per month (considering normal rate of Big Data Cetnters like …
A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now