473,598 Members | 3,097 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

delete session data for other users logged on

jjw
I have a website that requires users to login. We track them by using
sessions. We record the time and date that they login, their session
id, the last page they visited, etc in a database. As as admin, I
would like to be able to login and force a logout of other users logged
in. Is this possible? I have looked online but there doesn't seem to
be any information that addresses this.

Aug 29 '06 #1
5 3996
The only feasible way to do this would be to kick everyone out by restarting
the app and killing all the sessions. Something else to look into is
storing the login status in a database instead of using sessions.

Ray at work

"jjw" <bi*********@gm ail.comwrote in message
news:11******** **************@ 74g2000cwt.goog legroups.com...
>I have a website that requires users to login. We track them by using
sessions. We record the time and date that they login, their session
id, the last page they visited, etc in a database. As as admin, I
would like to be able to login and force a logout of other users logged
in. Is this possible? I have looked online but there doesn't seem to
be any information that addresses this.

Aug 29 '06 #2
jjw
ok, thanks a lot for your reply

jjw

Ray Costanzo [MVP] wrote:
The only feasible way to do this would be to kick everyone out by restarting
the app and killing all the sessions. Something else to look into is
storing the login status in a database instead of using sessions.

Ray at work

"jjw" <bi*********@gm ail.comwrote in message
news:11******** **************@ 74g2000cwt.goog legroups.com...
I have a website that requires users to login. We track them by using
sessions. We record the time and date that they login, their session
id, the last page they visited, etc in a database. As as admin, I
would like to be able to login and force a logout of other users logged
in. Is this possible? I have looked online but there doesn't seem to
be any information that addresses this.
Aug 29 '06 #3
Ray Costanzo [MVP] wrote on 29 aug 2006 in
microsoft.publi c.inetserver.as p.general:
The only feasible way to do this would be to kick everyone out by
restarting the app and killing all the sessions. Something else to
look into is storing the login status in a database instead of using
sessions.
Start each user page with:
if application("ki llAll") = "do" then session.abandon :response.end

kill.asp [only with password]:
application("ki llAll") = "do"

unkill.asp [when used after the session timeout time]:
application("ki llAll") = "notSo"

Would this work?

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Aug 29 '06 #4
jjw

Evertjan. wrote:
Ray Costanzo [MVP] wrote on 29 aug 2006 in
microsoft.publi c.inetserver.as p.general:
The only feasible way to do this would be to kick everyone out by
restarting the app and killing all the sessions. Something else to
look into is storing the login status in a database instead of using
sessions.

Start each user page with:
if application("ki llAll") = "do" then session.abandon :response.end

kill.asp [only with password]:
application("ki llAll") = "do"

unkill.asp [when used after the session timeout time]:
application("ki llAll") = "notSo"

Would this work?

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
thanks for your reply. that would work, and I kinda thought of
something like that, but your way implements it a bit better. anyway,
the only bad part is I'd have to add it to each and every page, but
that's probably what I'll be doing.

Aug 30 '06 #5
jjw wrote on 31 aug 2006 in microsoft.publi c.inetserver.as p.general:
>
Evertjan. wrote:
>Ray Costanzo [MVP] wrote on 29 aug 2006 in
microsoft.publ ic.inetserver.a sp.general:
The only feasible way to do this would be to kick everyone out by
restarting the app and killing all the sessions. Something else to
look into is storing the login status in a database instead of using
sessions.

Start each user page with:
if application("ki llAll") = "do" then session.abandon :response.end

kill.asp [only with password]:
application("k illAll") = "do"

unkill.asp [when used after the session timeout time]:
application("k illAll") = "notSo"

Would this work?

thanks for your reply. that would work, and I kinda thought of
something like that, but your way implements it a bit better. anyway,
the only bad part is I'd have to add it to each and every page, but
that's probably what I'll be doing.
There is a minor(!) problem with this:

If a user "refreshes" the session by calling a non-asp file,
like .jpg, .pdf, .html, repeatedly, I suppose that session could
be left intact when running unkill after 20 minutes.

If this flaw bothers you,
perhaps you would have to use an incrementing "killLevel" number:

Start each user page with:

if session("killal l") = "" then
session("killal l") = application("ki llAll")
end if
if application("ki llAll") session("killal l") then
session.abandon
response.end
end if

This will set to self-kill all sessions
that are "old" when you increase this killall level with:

kill.asp [only with password]:

application("ki llAll") = application("ki llAll") + 1

and in global.asa application onstart:

application("ki llall") = 0

[no unkill in this scheme]

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Aug 31 '06 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
1519
by: masoud bayan | last post by:
Hi, We have 3 different web applications on three different websites (and domains). Now we want to make it possible for users to login in each of these applications and can navigate to other applications without authenticating. So generally we need to have a shared session across applications (a single sign-on).
13
2101
by: Sanders Kaufman | last post by:
When you have a session going, I know that PHP stores a session token on the client, but does it keep the session *data* on the client, as well? Or is the session data being stored on the server, and just indexed to the session token data?
15
3274
by: =?Utf-8?B?QmVuamFtaW4gSmFuZWNrZQ==?= | last post by:
Hi, we're struggling with a strange session problem in an ASP.NET 2.0 application. The application is used by our customers to access customer-related information such as invoices over the internet. Customer have to log-in and are then identified by their customer number and some other information stored in the session. We use the asp.net session cookie system to keep track of the sessions. This works quite well. Unfortunately though,...
2
5089
by: RSH | last post by:
I have a situation where I have a page called "HiddenFrame.aspx" that contains a public property exposing the value of a textbox called "TextBox1" that is in a hiddenframe. Loaded in the main frame is a page called "Page1.aspx" in which from the code behind I need to set the value of "TextBox1" which will be persistent following the initial setting. How can I set the value of that textbox in the hiddenframe?
43
3399
by: davidkoree | last post by:
I mean not about cookie. Does it have something to do with operating system or browser plugin? I appreciate any help.
4
1430
by: moni | last post by:
Hi, I was hoping I could get a help on this one. I am creating a simple website, in which I have a login after which the user gets logged in using a session variable where I append the ID,eg http://localhost:3944/monisha/Experiments/Projects/Copy/ProfilePage.aspx?ID=1 But from this profile page, I have another search option to look for other ppl in the database which is getting dispalyed on a page I am
8
3366
by: pim | last post by:
Dear All, What I was wondering is how safe it is to store user_id or username or anything like that in session. I usualy store a bunch of info in a session so I do not need to search the database all the time. However, is it easy to change a value after being logged in? For example: - A user logs in - Now set is: $_SESSION = 34;
9
7792
by: Josh | last post by:
I run a Joomla website and am familiar with php in some but not all aspects. Currently I am trying to find some solutions related to session handling. Am I correct in saying that "login" is kept in sessions? I can see active sessions in my mysql database, but is that the only place this information is stored? Sessions and cookies I know are related also, but how specifically (session info stored in cookies?)? Right now, when users...
16
1827
by: Jonathan Wood | last post by:
Greetings, I was wondering if anyone here has a good understaning of the Session object. I know there are options like the Session.Abandon method and the regenerateExpiredSessionId setting, although I do not understand what they do. Can anyone tell me if it's possible for a recycled session to still contain the old data? I had a couple of reports that where users said they logged on and saw another user's data. On this site, there...
0
7985
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
7896
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
8389
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
1
8048
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
6713
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
1
5848
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
3939
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
2411
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
1
1503
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.