Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 437
  • Last Modified:

Session_OnEnd not being called

I have the following in my global.asa:

sub Session_OnEnd
     dim objAPM
     set objAPM = server.CreateObject("EIDBLLE.BLLE")
     objAPM.LogoffUser(session("UserToken"))
end sub

In short, all it does is log a user out of the database so that they can log in again immediately if needed.

My problem is that it is not executing when I close the browser.  If I edit and save the global.asa it executes (naturally, because the global.asa gets recompiled).

Is there something that I am missing?  Or, is there another way to achieve this.  I also looked into client side methods, but none of them work properly for our application.

Andy
0
baetha
Asked:
baetha
  • 8
  • 4
  • 3
  • +1
1 Solution
 
CRagsdellCommented:
Just shutting down the browser doesn't end the session.

Here is an explanation of Session_OnEnd from devguru.com:

The Session_OnEnd event occurs when the Session ends. Normally, a Session is ended by being timed-out, either by default or by using Session.TimeOut, or by being abandoned by using Session.Abandon. The Session_OnEnd event is simply a subroutine with a reserved name that is placed in the Global.asa file. The code in the event cannot affect the user because he has quit the site.

In the example, there is no output because the user is already gone. The first line must specify the script language.

Note, only the Application, Server, and Session built-in objects are available from within the OnEnd event handler.

Code:
-------------------Global.asa--------------------------
<script Language="VBScript" RUNAT=Server>
Sub Application_OnEnd()
End Sub
 
Sub Application_OnStart()
Application("NumSession") = 0
Application("NumVisited") = 0
End Sub
 
Sub Session_OnEnd()
Application("NumSession") = Application("NumSession") - 1
End Sub
 
Sub Session_OnStart()
Application("NumSession") = Application("NumSession") + 1
Application("NumVisited") = Application("NumVisited") + 1
End Sub
</script>
 
-------------------File1.asp----------------------------
Response.Write "You are " & Application("NumSession") & " of " & Application("NumVisited") & " users."

CR
0
 
CRagsdellCommented:
baetha,

I should have added that you can give the user a link to end the session, or add the usual Session.Abandon to any page and then reinstate the Session when needed. Store whatever session variable you need as strings on the page, and then pass them to the next page where you can re-establish the session variables.

CR
0
 
baethaAuthor Commented:
CRaqsdell,

I do have a "Logout" link that is always available.  I'm just trying to capture the case when someone closes the browser without selecting Logout first.  Using Session.Abandon throughout my app will not work either.  I have way to many pages, pop-ups, session variables and includes that would require such a major overhaul that it wouldn't be worth it.  There has to be some way of achieving what I am trying to do???

baetha
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
anderson22Commented:
baetha,

I had similar situation and here is a synopsis of what I did (worked out pretty good).  Catch the event when someone closes the browser and fire a small popup (you can even make this appear out of the viewing area).  This popup executes a one liner asp page that basically says Session.Abandon().

Here is some code:

Main Page(s)
------------------------
<html>
<script language="javascript">
function signoff()
{
  var mywin = window.open("URL","myWindow","options");

  //uncomment the following line to move the window off the screen
  //mywin.moveBy( -10000, 0 );
}
</script>
<body onunload="signoff()">
.
.
.



Popup
------------------------
<html>
<%
Session.Abandon()
%>
Ending your session
<script language="javascript">
window.close();
</script>
<html>
0
 
baethaAuthor Commented:
anderson22,

I have researched methods similar to this already.  I will try this out, but I'm curious...  Doesn't that mean that I would have to have the "onunload" call in every page of my application to effectively be able to catch the action?  Is there an easy way to include that call to all my ASP pages so that I don't have to add it manually to every page?  I have a lot of pages.

Andy
0
 
CRagsdellCommented:
You can use many Web development softwares to do a global find and replace. Look for <html> or <body> tags and replace with the tag AND the rest of the code needed to build and call the function.

CR
0
 
baethaAuthor Commented:
That's a given, but it's not the answer I was looking for...
0
 
anderson22Commented:
baetha,

essentially, you will have to do one of the following to include this:

either put the <body onunload=...> in every page

or put a reference to an included asp or javascript page that inserts the following:


<script language="javascript">
window.onunload = signoff
</script>

either way, you will have to put an include of some sort into every page (you could do a IIS page footer include)
0
 
whammyCommented:
The session will still timeout in the default 20 minutes, unless you have specified another value for Session.Timeout.
0
 
baethaAuthor Commented:
anderson22,

That does indead work, but it falls right back into the scenario where now even regular navigation (page to page) causes the session to be dropped and the user to be logged out.  In other words, it doesn't work because it kills the site navigation.  I have actully been down this path before, but with slightly different code.  Is there now a way to trap the navigation opposed to the close in order to handle it properly?

Andy
0
 
baethaAuthor Commented:
Actually this doesn't work.  Now my user never even gets logged into the database.  I'm not sure what is happening, but the database never receives an entry that the user ever logged in.  I think when the user logs in, a redirect occurs to move them into the application.  When that happens, the onunload fires, which of course kills their session, so even though they hit the first page, they have already been logged out.  Therefore the next click generates a session timeout/logged out page.

Here is the code that I added to a JS file that is part of a global include.

window.onunload = SignOff;

function SignOff() {
  var url = 'logout.asp?ForcedClose=true';
  var mywin = window.open(url,'myWindow','width=20,height=20,toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=1');
  //uncomment the following line to move the window off the screen
  //mywin.moveBy( -10000, 0 );
}
0
 
anderson22Commented:
I understand the problem.

There are several ways to proceed:

1) Something that would definitely work, yet seemingly ridiculous...  Put a boolean variable set to false in the page.  On every link, add an onclick event that sets this variable to true.  In the signoff function, only do the signoff if the variable is still false.

If you thought adding the signoff function was troublesome, this would be about ten times worse (every link has to be changed)

2) Closer...  Here is a link to a previous Experts-Exchange dialogue that discusses something similar.  Pay attention to the third comment and remember that we can make a window seem to not exist (except in the taskbar.
http://www.experts-exchange.com/Web/Web_Languages/JavaScript/Q_11058024.html

3) Home...  I didn't have the problem of navigation b/c I designed for intranet and the intranet was based in frameset.  The only time the page that contained the onunload event was changed was when the user either signed off or closed the browser.  You could implement a frame that was hidden to the user.  You have another that takes up 100% of the page and this is where your normal pages would appear.  This sounds most appealing and would allow you to remove the original javascript (signoff) from all the pages.

-rca
0
 
baethaAuthor Commented:
anderson22,

I actually got it by using the opener.closed call.  My only concern now is that for all navigation, a pop-up window flashes in the taskbar when it opens and closes.  I tried using showModelessDialog thinking that might resolve the issue, but no luck so far.  Any ideas for that problem (flashing in the taskbar)???

Thanks for all the help!  I really appreciate it!  I have been looking for a solution such as this for almost a month now.

Andy

My code:
-- global JS include --
window.onload = window_onload;
function SignOff() {
  var url = 'CheckClosed.asp';
  //var mywin = window.showModelessDialog(url);
  var mywin = window.open(url,'myWindow','width=20,height=20,toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=1');
  //uncomment the following line to move the window off the screen
  //mywin.moveBy( -10000, 0 );
}

-- CheckClosed.asp --
<script language=""javascript"">
  if (opener.closed) {
    document.location.href = 'logout.asp';
  }
  window.close();
</script>

-- Logout.asp --
(simply performs session.abandon to logout user)
0
 
baethaAuthor Commented:
andreson22,

I goofed when I approved your answer.  I tried to increase the point value to 1000.  Because of this it told me that the max is 500 and submitted my approval.  However, it truncated the points to 50, which is not at all what I intended to do.  You deserve the 500 points.  I submitted a request to EE to get this fixed.  Hopefully it will.

Sorry for the mix up.

baetha
0
 
anderson22Commented:
no problem, point value not really of interest to me

-rca
0
 
baethaAuthor Commented:
I got confirmation that the full 500 points was rewarded.  Here's the message I received: "10% of the question will show for the purpose of someone purchasing the PAQ, the Expert did receive the full amount."

Have you seen my follow up post to this one.  I created another one in order to be able to award more points.  It's kind of a different question anyway.

http://www.experts-exchange.com/Web/Web_Languages/Q_20549888.html

baetha
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 8
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now