By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,335 Members | 2,258 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,335 IT Pros & Developers. It's quick & easy.

don't open new window

P: n/a

Is there the possibility of not permiting the user of opening
two windows of the same web site?

Thanks
+---------------------------------------------+
| Jayme Assuncao Casimiro |
| Graduado em Ciência da Computação |
| Estudante de Mestrado em Computação |
| Universidade Federal de Minas Gerais - UFMG |
+---------------------------------------------+

Jul 17 '05 #1
Share this Question
Share on Google+
9 Replies


P: n/a
Jayme Assuncao Casimiro:

Is there the possibility of not permiting the user of opening
two windows of the same web site?


No.

André Næss
Jul 17 '05 #2

P: n/a
Jayme Assuncao Casimiro <ja***@dcc.ufmg.br> schrieb:
Is there the possibility of not permiting the user of opening
two windows of the same web site?


No. You can't control the user and the users browser(s) and computer(s).

Regards,
Matthias
Jul 17 '05 #3

P: n/a
Matthias Esken wrote:

No. You can't control the user and the users browser(s) and computer(s).


Perhaps you could (with a complicated session-based tracker, or by
tracking IPs), but the point is that you *should not* control the user's
browser, that's not the purpose of a website!

-adi

Jul 17 '05 #4

P: n/a
Adi Schwarz wrote:
Matthias Esken wrote:

No. You can't control the user and the users browser(s) and computer(s).


Perhaps you could (with a complicated session-based tracker, or by
tracking IPs), but the point is that you *should not* control the user's
browser, that's not the purpose of a website!

-adi


I would say it's not even possible then. The client most probably caches
the page and when a new window is opened just opens it from cache. You
*may* be able to do it with JavaScript (if you are really anal, a
combination of javascript and PHP), but again, there is no reason you
should be limiting how many windows a client has open. You shouldn't care,
your PHP code should be robust enough to handle submissions/track where a
user is if they have multiple pages open, plus thats just one thing you
should mess with. A users web-browser is personal. At the point you start
making it impossible to do something, they get pissed. (Or do something
for that matter, like pop-ups). Take my advice, leave the browser alone.
-Eric Kincl
Jul 17 '05 #5

P: n/a
*** Eric Kincl wrote/escribió (Fri, 21 Nov 2003 01:53:38 +0000):
I would say it's not even possible then. The client most probably caches
the page and when a new window is opened just opens it from cache.


User can spoil any attempt just opening two browsers (Explorer and
Mozilla)—given that he actually care. I normally leave annoying sites
unexplored ;-)

--
--
-- Álvaro G. Vicario - Burgos, Spain
--
Jul 17 '05 #6

P: n/a
Eric Kincl <Er**@Kincl.net_NO_SPAM_> wrote in message news:<3f******@news.gvsu.edu>...
Adi Schwarz wrote:
Matthias Esken wrote:

No. You can't control the user and the users browser(s) and computer(s).


Perhaps you could (with a complicated session-based tracker, or by
tracking IPs), but the point is that you *should not* control the user's
browser, that's not the purpose of a website!

-adi


I would say it's not even possible then.


No. It's possible. As Adi said, you need complex session
processing for that. BTW, I don't mean disabling "Open new window"
option of browser---I mean if the user opens a new window, then prompt
a error message or force log off.

My bank ( http://www.icicibank.com/ )have such option. They won't
allow you to use "Stop button", or "Refresh button" or "Ctrl+N" or
"Open link in new window". If you do so, then they will force log off
telling that it's for security purpose.

---
"One who mix sports and patriotism is a barbarian"
Email: rrjanbiah-at-Y!com
Jul 17 '05 #7

P: n/a
R. Rajesh Jeba Anbiah:
Eric Kincl <Er**@Kincl.net_NO_SPAM_> wrote in message
news:<3f******@news.gvsu.edu>...
Adi Schwarz wrote:
> Matthias Esken wrote:
>
>>
>> No. You can't control the user and the users browser(s) and
>> computer(s).
>
> Perhaps you could (with a complicated session-based tracker, or by
> tracking IPs), but the point is that you *should not* control the
> user's browser, that's not the purpose of a website!
>
> -adi


I would say it's not even possible then.


No. It's possible. As Adi said, you need complex session
processing for that. BTW, I don't mean disabling "Open new window"
option of browser---I mean if the user opens a new window, then prompt
a error message or force log off.

My bank ( http://www.icicibank.com/ )have such option. They won't
allow you to use "Stop button", or "Refresh button" or "Ctrl+N" or
"Open link in new window". If you do so, then they will force log off
telling that it's for security purpose.


Well they can obviously do that because you have to log in and thus they can
link all your actions to you as a person. But in the general case you don't
have that luxury.

But really, instead of disallowing the Stop, Refresh and CTRL-N buttons the
bank should get a fucking clue and implement their system so that it can
handle those sorts of things. Doesn't sound like a bank I would want to
use. "Our security depends on the user's ability to not make mistakes.".
Right.

André Næss
Jul 17 '05 #8

P: n/a
ng**********@rediffmail.com (R. Rajesh Jeba Anbiah) schrieb:
Eric Kincl <Er**@Kincl.net_NO_SPAM_> wrote in message news:<3f******@news.gvsu.edu>...
I would say it's not even possible then.


No. It's possible. As Adi said, you need complex session
processing for that. BTW, I don't mean disabling "Open new window"
option of browser---I mean if the user opens a new window, then prompt
a error message or force log off.

My bank ( http://www.icicibank.com/ )have such option. They won't
allow you to use "Stop button", or "Refresh button" or "Ctrl+N" or
"Open link in new window". If you do so, then they will force log off
telling that it's for security purpose.


Which information do they use for this? IPs can change (Proxy!) and
browsers can change.

Regards,
Matthias
Jul 17 '05 #9

P: n/a
Matthias Esken <mu******************@usenetverwaltung.org> wrote in message news:<bp**********@usenet.esken.de>...
ng**********@rediffmail.com (R. Rajesh Jeba Anbiah) schrieb:
Eric Kincl <Er**@Kincl.net_NO_SPAM_> wrote in message news:<3f******@news.gvsu.edu>...
I would say it's not even possible then.


No. It's possible. As Adi said, you need complex session
processing for that. BTW, I don't mean disabling "Open new window"
option of browser---I mean if the user opens a new window, then prompt
a error message or force log off.

My bank ( http://www.icicibank.com/ )have such option. They won't
allow you to use "Stop button", or "Refresh button" or "Ctrl+N" or
"Open link in new window". If you do so, then they will force log off
telling that it's for security purpose.


Which information do they use for this?


I don't know about their implementation. The pages are in JSP. I
think, they're doing this with session. Also, their system is somewhat
buggy---sometimes the system fails to recognize the use of "Stop
button" or "Refresh button" or "Ctrl+N"...

Here is my simple, quick (but buggy) solution:

<?php
session_start();
header('Cache-Control: no-store, no-cache, must-revalidate'); //don't
cache the page

if (isset($_SESSION[$_SERVER['PHP_SELF']]))
{
echo 'Error: You cannot see a page more than once or open more
than one window.';
}
else //no problem...
{
$_SESSION[$_SERVER['PHP_SELF']] = 1;
echo 'Hello, World!.';
//show other contents...
}
?>

---
"There are two kinds of people, those who do the work and those who
take the credit. Try to be in the first group; there is less
competition there."---Indira Gandhi
Email: rrjanbiah-at-Y!com
Jul 17 '05 #10

This discussion thread is closed

Replies have been disabled for this discussion.