Here is the process on the site before I ask the question:
User logs in
session is created based on username and userid
user edits a record in the db
a hidden field with the userid session is inserted in the db to show
who edited the record
I had a user ( mike, id -1 ) edit a record today but the userid that
got inserted was 2 ( scott ). mike doenst know scotts credentials and
scott has never used the PC that mike is using, matter of fact scott
hasnt even logged into the site today.
can someone help me figure out what might have happened so i can
correct it? 7 2011
On May 29, 4:31*pm, Mangler <webmas...@repa irresource.comw rote:
Here is the process on the site before I ask the question:
User logs in
session is created based on username and userid
user edits a record in the db
a hidden field with the userid session is inserted in the db to show
who edited the record
I had a user ( mike, id -1 ) edit a record today but the userid that
got inserted was 2 ( scott ). *mike doenst know scotts credentials and
scott has never used the PC that mike is using, matter of fact scott
hasnt even logged into the site today.
can someone help me figure out what might have happened so i can
correct it?
i apologize in advance, not sure why it got posted so many freaking
times.
Mangler wrote on 29 mei 2008 in microsoft.publi c.inetserver.as p.general:
Here is the process on the site before I ask the question:
User logs in
session is created based on username and userid
user edits a record in the db
a hidden field with the userid session is inserted in the db to show
who edited the record
A session is not something that can be inserted, it is not a value.
a session variable value could be put in the database, but why put that in
a [clientside] hidden formfield? [these fields are not exactly hidden to
the user if he wants to see or manpulate it.]
If a user logs in succesfully, you can set a session variable to his
usernumber, and use that to put into the database. The user does not have
to know that number, and the number does not have to be outside the server
anyway, as the user is identified by the asp session.id.
[unless the user has even ram cookies switched off,
but then there is no session in the ASP sense.]
I had a user ( mike, id -1 ) edit a record today but the userid that
got inserted was 2 ( scott ). mike doenst know scotts credentials and
scott has never used the PC that mike is using, matter of fact scott
hasnt even logged into the site today.
can someone help me figure out what might have happened so i can
correct it?
Either you made a programming error,
[like counting from zero, and later from one],
or someone is making use of your unsafe programming.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
"Mangler" <we*******@repa irresource.comw rote in message
news:1b******** *************** ***********@34g 2000hsf.googleg roups.com...
Here is the process on the site before I ask the question:
User logs in
session is created based on username and userid
user edits a record in the db
a hidden field with the userid session is inserted in the db to show
who edited the record
I had a user ( mike, id -1 ) edit a record today but the userid that
got inserted was 2 ( scott ). mike doenst know scotts credentials and
scott has never used the PC that mike is using, matter of fact scott
hasnt even logged into the site today.
can someone help me figure out what might have happened so i can
correct it?
If you are using hidden fields and it sounds like you are, could it be that
one user is receiving a cached version of another users form? IOW is there
a proxy server that is common to both users?
On May 29, 5:54*pm, "Anthony Jones" <A...@yadayaday ada.comwrote:
"Mangler" <webmas...@repa irresource.comw rote in message
news:1b******** *************** ***********@34g 2000hsf.googleg roups.com...
Here is the process on the site before I ask the question:
User logs in
session is created based on username and userid
user edits a record in the db
a hidden field with the userid session is inserted in the db to show
who edited the record
I had a user ( mike, id -1 ) edit a record today but the userid that
got inserted was 2 ( scott ). *mike doenst know scotts credentials and
scott has never used the PC that mike is using, matter of fact scott
hasnt even logged into the site today.
can someone help me figure out what might have happened so i can
correct it?
If you are using hidden fields and it sounds like you are, could it be that
one user is receiving a cached version of another users form? *IOW is there
a proxy server that is common to both users?- Hide quoted text -
- Show quoted text -
i am using a hidden field and am not sure if there is a cached version
of another users form. i tested it myself on my PC which no one else
uses and here is what happend. Mike edited something and it recorded
Scots userid, then i edited something and it recorded mikes userid.
is that the cached form your talking about? If so, how can i prevent
this?
On May 30, 8:16*am, Mangler <webmas...@repa irresource.comw rote:
On May 29, 5:54*pm, "Anthony Jones" <A...@yadayaday ada.comwrote:
"Mangler" <webmas...@repa irresource.comw rote in message
news:1b******** *************** ***********@34g 2000hsf.googleg roups.com...
Here is the process on the site before I ask the question:
User logs in
session is created based on username and userid
user edits a record in the db
a hidden field with the userid session is inserted in the db to show
who edited the record
I had a user ( mike, id -1 ) edit a record today but the userid that
got inserted was 2 ( scott ). *mike doenst know scotts credentials and
scott has never used the PC that mike is using, matter of fact scott
hasnt even logged into the site today.
can someone help me figure out what might have happened so i can
correct it?
If you are using hidden fields and it sounds like you are, could it be that
one user is receiving a cached version of another users form? *IOW is there
a proxy server that is common to both users?- Hide quoted text -
- Show quoted text -
i am using a hidden field and am not sure if there is a cached version
of another users form. *i tested it myself on my PC which no one else
uses and here is what happend. *Mike edited something and it recorded
Scots userid, then i edited something and it recorded mikes userid.
is that the cached form your talking about? *If so, how can i prevent
this?- Hide quoted text -
- Show quoted text -
Ok i figured out what is going on but am not sure how to correct it.
I logged in several different times under different people and went to
the page to do an edit. the hidden field is always holding the userid
of the last person that went there. Any suggestions on how to prevent
this?
On May 29, 5:54*pm, "Anthony Jones" <A...@yadayaday ada.comwrote:
"Mangler" <webmas...@repa irresource.comw rote in message
news:1b******** *************** ***********@34g 2000hsf.googleg roups.com...
Here is the process on the site before I ask the question:
User logs in
session is created based on username and userid
user edits a record in the db
a hidden field with the userid session is inserted in the db to show
who edited the record
I had a user ( mike, id -1 ) edit a record today but the userid that
got inserted was 2 ( scott ). *mike doenst know scotts credentials and
scott has never used the PC that mike is using, matter of fact scott
hasnt even logged into the site today.
can someone help me figure out what might have happened so i can
correct it?
If you are using hidden fields and it sounds like you are, could it be that
one user is receiving a cached version of another users form? *IOW is there
a proxy server that is common to both users?- Hide quoted text -
- Show quoted text -
This is weird, it only happens on this one page. I have several other
pages that edit other parts of the DB and it has the same tracking
feature, identical the only difference being that the other pages work
fine. It even does it locally on my machine.
"Mangler" <we*******@repa irresource.comw rote in message
news:8d******** *************** ***********@a1g 2000hsb.googleg roups.com...
On May 30, 8:16 am, Mangler <webmas...@repa irresource.comw rote:
On May 29, 5:54 pm, "Anthony Jones" <A...@yadayaday ada.comwrote:
Ok i figured out what is going on but am not sure how to correct it. I logged in several different times under different people and went to the page to do an edit. the hidden field is always holding the userid of the last person that went there. Any suggestions on how to prevent this?
Tweak you program logic so that it doesn't send th last userID in the hidden
field?
--
Anthony Jones - MVP ASP/ASP.NET This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Xizor |
last post by:
Let's say I run a server. I have two people using the server. Bill and Joe.
Bill is at address.com/bill and Joe is at address.com/joe.
Let's say Joe and Bill are both using PHP with sessions on their web pages.
Let's say they both create the session variable $_SESSION. Each uses
yo for a different purpose.
Now we have a user accessing address.com. He goes to Bill's site and his
session his started with the $_SESSION created.
|
by: Paul |
last post by:
Hmmm, didn't seem to work. I have set session.use_cookies = 1 and
session.use_trans_sid = 1 in my php.ini file. Index.php contains:
----------------------------------------------------------------------------
<?php
ini_set("session.use_cookies", "off");
ini_set("session.use_trans_sid", "on");
session_start();
$_SESSION = "";
$_SESSION = "";
echo "<form method='POST' action='login.php'>
|
by: VijayShankar |
last post by:
Can u be more specific on your question
Anyway its not like Session variables are available for
sometime and not available for sometime.
When your session starts it is very much available unless
your session ends
One more thing Session variables can very much be used in
Application events
|
by: Ernest Forman |
last post by:
How can I view the defined Session Variables in the Dotnet environment? I
found the session object and it shows me the count of the number of items,
but I don't see how to see the names and values of the items.
|
by: Jeff Smythe |
last post by:
I simply want to execute some code once when a new session of my ASP.NET
application is started (I'm not using session state for anything else - just
writing some data to a database). I thought that I could simply put the code
in the Session_Start event procedure in Global.asax.cs, however, the event
procedure executes and a new session is created every time any page is
requested - not just for the first page requested....
| |
by: DavidS |
last post by:
First: There are several ways to confuse one regarding session timeout.
(1) web.config - <sessionState timeout="20">
(2) IIS Manager | Internet Information Services | ServerNode | Default Web Site |
Properties | Configuration | Options | Enable Session State
Session timeout 20
(3) within Global.asax.vb file - Session_Start subroutine can use
Session.Timeout=x minutes or
(4) within any web page, i.e., <web page>.aspx can use...
|
by: tshad |
last post by:
I have been using the default session state (InProc) and have found that I
have been loosing my information after a period of time (normally 20
minutes).
Is there anyway to find out how much more time I have on a session?
If I do a refresh, does reset the session clock?
Do you have have to go to another page to reset the session timeout or will
a postback also do it? This is important as we have a few pages that a user
|
by: Rippo |
last post by:
Hi
I am using role base forms authentication in asp.net and have come
across a problem that I would like advice on.
On a successful login a session variable is set to identify a user.
This is all good as this session variable is used to retrieve data for
that user etc. However if I restart the webserver then the users
session is lost but the ticket is still active. Therefore the user is
not redirected back to the login page.
|
by: George |
last post by:
Hi, Is it possible to delay session creation in ASP.NET
I want the user to browse my site without any session created (no cookies set). My pages will know that is Session = null then Session has not been created and they should not rely on it.
But at the moment user puts something into shopping cart i want to trigger session creation (set the cookies) and from no own that user will have regular session.
Is it doable with .NET Session or...
|
by: Kevin Frey |
last post by:
Hello,
I've been reading that ASP.NET serialises (ie. processes one at a time) HTTP
requests if two simultaneous requests need to access the same session state.
It also makes note that ASP.NET tries to reacquire a lock on the session
state every 1/2 second until the timeout is reached, and then it will
forcibly release the previous users lock and take the lock for itself.
What is this timeout figure?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| |
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
| |
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |