Track the users on line?

You would want to increment an application variable. You can decrease
this value in the seesion-end event.

Jacob is right but keep in mind that this will not be 100% accurate.
There will be lag time between when a person closes their browser and when
the session times out. During that time the person could even log back in
and therefore be counted multiple times for a while.
There are also some circumstances in which Session_End may not fire.

A somewhat more accurate way would be to count logins - if you have an
authentication system in place.

--
I hope this helps,
Steve C. Orr, MCSD, MVP
http://SteveOrr.net
"andrea" <go**********@freemail.it> wrote in message
news:9f**************************@news.microsoft.c om...

Which is the best way to track the number of the user currently logged
into a web site?
I've some idea on mind, but I want to compare with you.

One could be to increment a session variable on the session_start in the
global.asa.

But what for decrement the value? This is a black ole, that independently
of all, I don't know
how to solve.

Thank you
Andrea

But it's the same. Suppose I update a table on db that track if user is logged
in, if session_onend
doesn't fire regularly I cannot update back the table.
The solution I used in the past, in this circustamces is deny user login
for the next 20 minutes from
the last login date. And for every user log in launch a general SQL update
query that set to log off
all user that match the above criteria.

I was wondering that new asp.net new system without all this tricks.

Bye
Andrea

re:

The solution I used in the past, in this circustamces is deny user login for the next 20 minutes
from the last login date.
That doesn't work.
Users could, very easily, have valid sessions way past the 20 minute timeout.

Every time a user requests a page, any page,
the clock is reset to the default value set in session timeout.

What you need to look for is for periods of 20 minutes
occurring after the last page is requested by the user.

*Then* you can subtract one from the online user count.

Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"andrea" <go**********@freemail.it> wrote in message
news:9f**************************@news.microsoft.c om... But it's the same. Suppose I update a table on db that track if user is logged in, if
session_onend doesn't fire regularly I cannot update back the table.
The solution I used in the past, in this circustamces is deny user login for the next 20 minutes
from
the last login date. And for every user log in launch a general SQL update query that set to log
off
all user that match the above criteria.

I was wondering that new asp.net new system without all this tricks.

Bye
Andrea

But doesn't the session close the channel when the user close the browser?
Isn't the same if user change site? So I suppose that simply entering a valid
URI
into the address bar, shouldn't open a new session.

But what I mean is - in this case - a session track for user that has been
authenticated.

So.

A valid url, or homepage, add +1 to the global counter ... that's fine ...
and impossible
to trap.
A user login, update table flag to know that user has logged into the system.
If he try again to log from a new browser, the check for the flag doesn't
allow the access.
If a browser will close without pass for the appropriate log off button,
the flag remain there
since lastlogin field on the db + 20 minutes doesn't allow the next user
who try the login to
update all users flag to not logged.
This is system I've used. And always works. But not solved the spot user
that isn't logged in.
For that the best way - I think - is simply doesn't care.

What do you do generally?

Bye
Andrea

the web is stateless. when the brpowser requests a page,

1) opens a socket to the webserver
2) writes the request to the srever
3) reads the response
4) closes the socket.

if keep alives are on, a timer is set to close the socket after a very short
timeout. if a new request comes up in that time period the socket can be
reused.. keep alive generally is used to fetch the page's media without
extra open/close operations, not to keep socket open between requests.

-- bruce (sqlwork.com)

"andrea" <go**********@freemail.it> wrote in message
news:9f**************************@news.microsoft.c om...

But doesn't the session close the channel when the user close the browser?
Isn't the same if user change site? So I suppose that simply entering a
valid URI
into the address bar, shouldn't open a new session.

But what I mean is - in this case - a session track for user that has been
authenticated.

So.
A valid url, or homepage, add +1 to the global counter ... that's fine ...
and impossible
to trap. A user login, update table flag to know that user has logged into
the system.
If he try again to log from a new browser, the check for the flag doesn't
allow the access.
If a browser will close without pass for the appropriate log off button,
the flag remain there
since lastlogin field on the db + 20 minutes doesn't allow the next user
who try the login to
update all users flag to not logged.
This is system I've used. And always works. But not solved the spot user
that isn't logged in.
For that the best way - I think - is simply doesn't care.

What do you do generally?

Bye
Andrea

re:

But doesn't the session close the channel when the user close the browser?
No. It closes the session after the number of minutes specified in web.config
for the sessionstate's timeout value has expired and the user hasn't requested
a page in at least that time.

re: So.
So, your premise is mistaken, so your method can't work.

Juan T. Llibre, asp.net MVP
aspnetfaq.com : http://www.aspnetfaq.com/
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"andrea" <go**********@freemail.it> wrote in message
news:9f**************************@news.microsoft.c om... But doesn't the session close the channel when the user close the browser?
Isn't the same if user change site? So I suppose that simply entering a valid URI
into the address bar, shouldn't open a new session.

But what I mean is - in this case - a session track for user that has been authenticated.

So.
A valid url, or homepage, add +1 to the global counter ... that's fine ... and impossible
to trap. A user login, update table flag to know that user has logged into the system.
If he try again to log from a new browser, the check for the flag doesn't allow the access.
If a browser will close without pass for the appropriate log off button, the flag remain there
since lastlogin field on the db + 20 minutes doesn't allow the next user who try the login to
update all users flag to not logged.
This is system I've used. And always works. But not solved the spot user that isn't logged in.
For that the best way - I think - is simply doesn't care.

What do you do generally?

Bye
Andrea