Since this code is going to be on every page in your website I recommend that you create a "base page class" that all of your pages can inherit from. This way you can implement the code that checks Session once instead of having to copy/paste the code into every page.
That being said, I recommend that you put something into Session when the user logs in. That way you can retrieve it from Session and check if it is Null/Nothing to determine whether or not Session has ended.
So, when the user logs in set something in Session like:
(VB.NET)
-
Dim userName As String = "name"
-
Session("UserName") = userName
(C#)
-
string userName = "name";
-
Session["UserName"] = userName;
Now, in every Page Load event check if anything in Session["UserName"] exists...if it doesn't then you know their Session has expired (or otherwise abandoned) and in this case you want to redirect them.
(VB.NET)
-
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)
-
If Session("UserName") Is Nothing Then
-
Response.Redirect("otherPage.aspx",true)
-
End If
-
End Sub
-
(C#)
-
protected void Page_Load(Object sender, EventArgs e)
-
{
-
if(Session["UserName"] == null)
-
{
-
Response.Redirect("otherPage.aspx",true);
-
}
-
}
-
-Frinny