473,545 Members | 2,068 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

prevent to open the SAME APPLICATION (with the same session) in two or more browser windows.

Everybody knows how to open (or clone) the same page that you are
viewing in a new browser window by CTRL+N or via File->New Window. the
question is how to PREVENT to open the SAME WEB APPLICATION (with the
same session) in two or more browser windows.

any ideas?

ja****@gmail.co m
thanks in advance!!! =)

Jan 24 '07 #1
8 10987
<ja****@gmail.c omwrote in message
news:11******** **************@ q2g2000cwa.goog legroups.com...
Everybody knows how to open (or clone) the same page that you are
viewing in a new browser window by CTRL+N or via File->New Window. the
question is how to PREVENT to open the SAME WEB APPLICATION (with the
same session) in two or more browser windows.

any ideas?
Firstly, apart from under exceptional circumstances, sessions are unique
irrespective of browser and/or user. That means the same 'user' (see below)
will always have a different session every time they access the web app,
even when running two copies of the browser on the same computer at the same
time, so you're on a bit of a non-starter with that one...

Secondly, the web app will have no idea who the 'user' is unless it uses
some sort of authentication mechanism i.e. the user logs in, or uses
Integrated Windows Authentication, which is quite common in corporate
intranets etc, but highly unlikely on the public Internet.

Therefore, unless your web app has some way of 'knowing' who the user is,
there's not much you can do to prevent the same user accessing the same site
more than once at the same time.
Jan 24 '07 #2
Thus wrote Mark,
<ja****@gmail.c omwrote in message
news:11******** **************@ q2g2000cwa.goog legroups.com...
>Everybody knows how to open (or clone) the same page that you are
viewing in a new browser window by CTRL+N or via File->New Window.
the question is how to PREVENT to open the SAME WEB APPLICATION (with
the same session) in two or more browser windows.

any ideas?
Firstly, apart from under exceptional circumstances, sessions are
unique irrespective of browser and/or user. That means the same 'user'
(see below) will always have a different session every time they
access the web app, even when running two copies of the browser on the
same computer at the same time, so you're on a bit of a non-starter
with that one...
Unfortunately, that's usually not the case. Most browsers share a cookie
jar (so to speak) when you open a new window or tab, and that's what most
users do and the OP alluded to. You have to run another instance of the browser
executable to avoid this. But at the end of the day, that's an implementation
detail of the browser.

Cheers,
--
Joerg Jooss
ne********@joer gjooss.de
Jan 24 '07 #3
"Joerg Jooss" <ne********@joe rgjooss.dewrote in message
news:94******** *************** ***@msnews.micr osoft.com...
You have to run another instance of the browser executable to avoid this.
That's right - that's what I said:
"even when running two copies of the browser on the same computer at the
same
time,"
Jan 24 '07 #4
Nope, this is what you said
" That means the same 'user' (see below)
will always have a different session every time they access the web app,
even when running two copies of the browser on the same computer at the same
time"
And this is incorrect. Most likely browsers will share same session if you
running 2 copies of the browser window on the same computer at the same
time.

George

"Mark Rae" <ma**@markNOSPA Mrae.comwrote in message
news:u$******** ******@TK2MSFTN GP05.phx.gbl...
"Joerg Jooss" <ne********@joe rgjooss.dewrote in message
news:94******** *************** ***@msnews.micr osoft.com...
>You have to run another instance of the browser executable to avoid this.

That's right - that's what I said:
"even when running two copies of the browser on the same computer at the
same
time,"

Jan 24 '07 #5
"George Ter-Saakov" <gt****@cardone .comwrote in message
news:OY******** ********@TK2MSF TNGP05.phx.gbl. ..
And this is incorrect. Most likely browsers will share same session if you
running 2 copies of the browser window on the same computer at the same
time.
I just tried it. I opened 10 instances of IE7 and pointed at my website - 10
different SessionIDs...

Then I opened one instance of IE7, pointed at my website and clicked Cltr-N
nine times - 10 different SessionIDs...
Jan 24 '07 #6
Thus wrote Mark,
"George Ter-Saakov" <gt****@cardone .comwrote in message
news:OY******** ********@TK2MSF TNGP05.phx.gbl. ..
>And this is incorrect. Most likely browsers will share same session
if you running 2 copies of the browser window on the same computer at
the same time.
I just tried it. I opened 10 instances of IE7 and pointed at my
website - 10 different SessionIDs...

Then I opened one instance of IE7, pointed at my website and clicked
Cltr-N nine times - 10 different SessionIDs...
Funny, IE7 and Firefox2 behave for me just as I've described (I'm testing
this with my ASP-based web mail site).

But that't no that point. The point is that this behavior (or a lack of it)
is an implementation detail, and simply cannot be relied upon.

Cheers,
--
Joerg Jooss
ne********@joer gjooss.de
Jan 25 '07 #7
"Joerg Jooss" <ne********@joe rgjooss.dewrote in message
news:94******** *************** ***@msnews.micr osoft.com...
But that't no that point. The point is that this behavior (or a lack of
it) is an implementation detail, and simply cannot be relied upon.
Absolutely.
Jan 25 '07 #8
On Jan 25, 8:57 am, Joerg Jooss <news-re...@joergjoos s.dewrote:
Thus wrote Mark,
"George Ter-Saakov" <gt-...@cardone.com wrote in message
news:OY******** ********@TK2MSF TNGP05.phx.gbl. ..
And this is incorrect. Most likely browsers will share same session
if you running 2 copies of the browser window on the same computer at
the same time.
I just tried it. I opened 10 instances of IE7 and pointed at my
website - 10 different SessionIDs...
Then I opened one instance of IE7, pointed at my website and clicked
Cltr-N nine times - 10 different SessionIDs...

Funny, IE7 and Firefox2 behave for me just as I've described (I'm testing
this with my ASP-based web mail site).

But that't no that point. The point is that this behavior (or a lack of it)
is an implementation detail, and simply cannot be relied upon.

Cheers,
--
Joerg Jooss
news-re...@joergjoos s.de
Ok, here's the deal: I was looking for a way to prevent users of my
website to open two or more instances of the same page. I must add
that my website is a game, so having multiple browsers opened is no
doubt an advantage. After reading this thread and trying out a couple
of things, here's what i did:
- user opens first instance of the page, he is not logged in.
- here i used javascript to attach a name to this window. the name is
a md5 hash of the php session_id , user ip, http_user_agent and
whatever else you want.
- the user logs in, then javascript checks if the window name is
correct.

- user opens another instance (Open link in new window)
- since user is already logged in, i check if the window name is still
the same . it's NOT ! .. i log out the user and force a new session
with a new id to be created and used in setting the window name.

what now ?
user has two choices: either continues to log in on this second page,
thus disabling the first page since the session id is different so the
page name will not match . this makes the first page log the user out
if accessed. Or the user will close the second page, returning to the
first but will find himself logged out.

That's it. And because of using the session id along with the ip and
user_agent this will also work if using two different browsers are
used or two different computers (IE and Firefox) : all you have to do
is put that key you created somewhere in a database, in a table where
you have your online users and checking every time to see if the user
has the same key or not.

I hope this helps and if you need a working example, I could send it
by email.

Feb 13 '07 #9

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

12
2506
by: Dave Smithz | last post by:
Hi there, Users of my PHP DB application have complained that it seems to log them out every now and then. I actually assume this is when it has been idle for sometime as I use session variables to store a logged in token. With only basic knowledge of sessions I assumed there was some kind of default time before the session data is...
1
3547
by: Justin Beckwith | last post by:
Hi all, I have a very basic ASP application in which a user is authenticated, a flag is set in a session variable, and a new window is opened. The file opened exists in the same application directory as the file which sets the session flag. After calling the window.open() method in javascript to open my new file, the session id changes. ...
18
8815
by: Paul | last post by:
I link to a web site from an Excel spreadsheet. The page i link to is getCookie.asp which sets a cookie then returns back some html which opens a new window, to the same site but a different page (same folder). The cookie is not received. Can someone explain why? I worked around this by adding a cache-control header with a value of...
4
3371
by: google | last post by:
Hi there, I've searched high and low for this, but it seems most people are looking to establish (and control) the relationship between a parent browser window and it's associated child window created with window.open. I would like to break this connection. Why? Because there is an application that I want to open in a new window, but no...
18
3368
by: Gleep | last post by:
I've searched google intensely on this topic and it seems noone really knows how to approch this. The goal I don't want clients to give out their usernames and passwords to friends, since the site relies on subscrption fees. Sessions ID's are matched between the browser and the server. So a users can login with same username and password...
5
8689
by: John Scott | last post by:
Ok..this a rather odd question/problem. I haven't really found a straight forward answer to how to handle this scenario, so I hope someone here can help. Here it is: I have an application that allows users to log in. Each user can have multiple roles within the application. Each role allows the user to access different sections of the...
9
2799
by: cendrizzi | last post by:
Hi all, I've read some stuff on this but can't seem to come up with a solution that works right. I have a semi-mature (yet very large and robust) internal web application that currently only works with one window open at a time. Maybe I'm abusing the use of $_SESSION but I have data entry processes split up in several steps (which is...
20
3150
by: luqman | last post by:
If user login with the login control in ASP.Net 2005 and then just close the browser and then open the browser again, the login status shows, User still Login? Any idea, how to Logout the User when the User click on the Close Button of Browser ? I am using Sql Membership Provider for security. Best Regards,
0
7405
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
0
7811
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
1
7428
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
5975
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
1
5334
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
0
3455
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
0
3444
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
1019
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
0
709
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.