Implement User Sessions In .net C#?
Nov 13, 2010
I am developing an application for Online Examination. Once a user logs into the system, he is allowed to start a Test; on clicking start test button the user is redirected to the questions page. Now when the user clicks and confirms ending of the test by a button click then he is redirected to the results page.Now what I want here is that when the results page is being displayed the user should automatically be logged out of the system and should not be able to go back to the previous pages by pressing the browser's back button.
The problem which I am facing right now is that when the results page is displayed anyone can press the back button and continue the test and manipulate the result. How can I stop this.
View 4 Replies
Similar Messages:
Jan 27, 2011
I've never actually implemented a registration/login system before, so I'm trying my hand at making my own in C#/ASP.NET (not using ASP.NET's built-in membership provider). What I'm a little unclear on is how to utilize Session/cookies to keep a user logged in during and between sessions.
protected void Login_User(object sender, EventArgs e)
{
string username = usernameField.Text;
string password = passwordField.Text;
User user = UserRepository.FindUser(username);
if (user != null)
{
if (user.Password.Equals(Hash(password)))
{
// How do I properly login the user and keep track of his session?
}
else
Response.Write("Wrong password!");
}
else
Response.Write("User does not exist!");
}
View 3 Replies
Oct 21, 2014
I have a Asp.net web application that is running on 4.51 , When the User login Successfully i return an Object that has info for that user and store this in a Static object. Now my problem is the i
User 1 Login (Welcome James)
and
User 2 Login (WelCome Daniel)
and User 1 refreshes the Page (Welcome Daniel)
My user sessions override each other. i did mess around with the IIS Session before , i just noticed this now.
View 1 Replies
Jun 19, 2010
I'm trying a lot a things in these days around the Login control. What I want: to keep the user logged ind also when she close the browser. When se returnes to the page, she should be moved to the DestinationPageUrl of the login control.
My Login control:
[Code]....
My Codebehind file for the login control:
[Code]....
My web.cofig settings:
[Code]....
As you can se, I have learned (from google and here in forums.asp.net) that I need to do a FormsAuthentication.SetAuthCookie but I have one problem....... If I do nothing in the page_load the control doesn't keep me logged in through sessions.Is there anyone who can help me, and either explain og link me to a page, where I can see, how I can get the UserName and Password from the FormsAuthentication.SetAuthCookie I maid. I also need to know if when I get UserName and Password from cookies andthen redirect to the /Content/Default.aspx page in page_load the system knows (formsauthentication) the user is logged in?
View 3 Replies
Nov 25, 2010
We're currently deploying code to live pretty reguarly at the moment, but the down side is destroying user session data.
Is there a way of being able to recycle IIS without loosing session data, or is persisiting session state in SQL server or alike the only way?
View 2 Replies
Mar 21, 2010
I am trying to create a system in which there will be a single user accessing his acount from two endpoints simultanously.
I think this is possible.
1) How to restrict the user to have only one session at a time?
2) How to change it to have limited number of sessions per user at a time?
View 5 Replies
Aug 4, 2010
We have take over a classic asp site. Everything works fine, but we are making improvements to some reports and adding new reports, so we are doing this in .NET, with that said, after reviewing the secuirty code, there are 2 sessions that are set and used thru-out the site as part of some of the individual page queries.
I know that the sessions are being populated, because the reports that use those values return records.. now with a new report we are working on, i need to pass those values into my query. But when i try using the session names the page is coming up saying the following:Object reference not set to an instance of an object.
Is there anyway to add something to my page code to see what sessions are actually being created and their values.. maybe im using the wrong variable names.. but the security code is pretty straight forward.. at login, if successful, 2 values are returned and stored in 2 sessions.. i need to use those with my new page.. so trying to figure out why the existing pages work fine with that and my new page does not..
Basically, i'd like to write to the screen the session variables that are being created on the login page.
View 11 Replies
Jun 17, 2010
I am wondering if it is possible to clear a session variable if the user navigates away from my site.
My example is I have a session storing the logged in user. This is checked for user access to each page.
If the user goes to another site (e.g. google) I want them to relog into the site.
This is to prevent others getting access to a users account if they use the same pc minutes.
I do have a logout that performs this and I know that it is impossible to make users use it! :)
View 2 Replies
Apr 9, 2010
Is there anyway to actually remove all the sessions once the user leaves the site/application or when he/she closes the browser?
View 11 Replies
Apr 2, 2014
Iam having registration page where user enter his credentials based on his email i want to send the confirmation link to his mailÂ
View 1 Replies
May 7, 2015
how can i make a simple user comments form using xml. comments entered by the user should be saved in xml.
format of the form:
name: email:comments:
View 1 Replies
Mar 25, 2010
My prior asp.net apps used windows authentication on an intranet. Now I'm developing an app for the internet and am stumbling over how to properly manage user sessions and state.
I first developed my web site functionality; created the SQL DB and got all of the pages to properly handle the data. Then, I installed the SQL Membership database and was able to get the CreateUser, Login, Logout pages to work. On the Verify process for the Userid, I added a step that will take the membership UserId value and create a Company record in my tables and link my CompanyId key with the UserId.
At Login time, I create a CompanyId session variable; each page uses it to retrieve records for the user. When Session Timeout occurs and the user click a link to another page, the app redirects properly to a Login page. However, if the time expires and then the user interacts on that same page, 'Object not set to an instance of the object' - the CompanyId session variable has expired.
What is the proper way to handle this? I'd like the page to automatically redirect to a TimedOut page (this would happen automatically without the user doing anything).
I considered writing a Function where I pass the Session variable I want and the Function sees if it exists; if it doesn't it would do a Response.Redirect to the TimedOut page...I can't get the Redirect to work in a Class Function ('reference to a non-shared member...').
I assumed that I should set CompanyId as a Session Variable so each page knows the user to get data for. Another approach is to use the membership User and if it is still valid, do a DB lookup to get the CompanyId. I did not choose this because I felt that it would increase DB traffic and web traffic.
Here are several relevant settings from my web.config:
<sessionState cookieless="UseDeviceProfile" />
<authentication mode="Forms">
<forms loginUrl="~/UserTasks/Login.aspx" />
It feels like there should be a straightforward answer to this but I am missing it.
View 7 Replies
May 7, 2015
What if, I'm not using the LOGIN CONTROL but rather creating a Custom Control for Login. Is it possible to have user roles and a site map that redirects to its own destination when the user login?
View 1 Replies
Nov 9, 2010
i am developing a site in asp.net mvc 2.0.Now i have to implement customised user registrationpage by adding extra fields.i am using following code to create the user,
Membership.CreateUser(userName, password);
Roles.AddUserToRole(userName, "User");
UserProfile.NewUser.Initialize(userName, true);
UserProfile.NewUser.FirstName = firstName;
UserProfile.NewUser.LastName = lastName;
UserProfile.NewUser.Save();
View 1 Replies
Sep 25, 2010
I have aspx page with a user control. I want to implement caching for the entire page except the user control.
View 2 Replies
Jan 26, 2011
i implement user login in my website itself and i dont use membership of asp.net
any user in my website have the apportunity to website for 5 times .after 5 times if still user is not logged in website ,user can after 15 minutes to be able to try again.
how can i do this walk on my website?
is below code security?
[Code]....
View 1 Replies
May 4, 2010
i would like to implement one route for my Adminitration user - roles management (http://<domain>/Administration/ManageUserRoles/<userName>/<roleName>), where Administration is the Controller and ManageUserRoles is the action and another for managing everywhere in the site where there is an id / name combination ((http://<domain>/<controller>/<Action>/<id>/<name>)).
From what i have tried so far, the Administration route catches all the routing that has the format http://<controller>/<action>/<param1>/<param2> and as a result the id / name url parameters are displayed as query url parameters.
View 5 Replies
Aug 11, 2010
I want to build a User Control with a Datalist and implement paging in it.
View 9 Replies
Mar 13, 2011
I have some problem about observer pattern. My example is webboard system.
My solution wanna be refresh page after another user submit discussion.
I try to use observer but i don't know how to refresh another user's web page.
View 1 Replies
May 7, 2015
How can implement a Email Inquiry Form in MasterPage using Asp.net ...
View 1 Replies
Aug 6, 2010
I am not sure how the user defined class objects are garbage collected. Do I need to implement IDisposable interface on every class and call the dispose() method on it to free the memory?
View 7 Replies
Jan 26, 2010
I have a web user control that contains 2 text boxes. i would like to be able to have their values persisted using the personalizable attribute, but dont want to use my user control as a web part. Can i implement the personalizable attribute on a text box in a user control without using web parts?
View 3 Replies
Jul 23, 2012
I want to maintain user session in my project...the problem i am facing is when any user login is nt maintained.
View 1 Replies
Dec 26, 2010
how to implement the authentication and membership for a hobby project I'm working on. Tought I'd ask for opinions here. I started using the asp.net membership/authentication/profile providers. First off I want user's to "activate" their accounts, so upon registration I figured I'll set "IsApproved" to false, generate and email an activation code which I store in a user profile. User's won't have usernames, just log in by email address. While it's easy to pass an email address as username, I'm worried about user's having to change their email addresses (used for logging in) later.
View 3 Replies
Sep 16, 2010
Just wondering how to implement a user's list into website ? im using ASP.NET C#. I want to be able to:
add/delete usersadd/remove roles
View 2 Replies