By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,853 Members | 1,570 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,853 IT Pros & Developers. It's quick & easy.

Concurrent session issues. Currently our website can have only one window open. Help me solve this.

P: n/a
Hi all,
I've read some stuff on this but can't seem to come up with a solution
that works right. I have a semi-mature (yet very large and robust)
internal web application that currently only works with one window open
at a time.

Maybe I'm abusing the use of $_SESSION but I have data entry processes
split up in several steps (which is required since depending on what
was put before determines what pages will be shown after). To store
this information between the steps I use the session, which is the only
way I know that this would be possible (uses arrays in arrays). So if
I were to open up a window and start the data entry it would overwrite
the last one.

So one thought was trying to create an instance id that that is
randomly generated that is passed between the pages using a $_GET
variable. Using this id I would create and reference custom session
variables making sure each instance is completely unique. This seems
to be consistent with what others have tried but I don't think it would
work since if someone middle clicked on a page link it would open up a
new tab (in firefox and IE7) with the same instance id with. There
doesn't seem to me to be an easy way to ensure that each window in a
browser has it's own, unique, instance.

Surely this isn't unique to me so how in the world can I ensure that
each window/tab gets a unique id of some sort so that my session is
unique for each one?

Lastly, if necessary, I wouldn't mind trying to suppress a new window
but this is plagued with the same issues (how do I know it's a new
window/tab?). I know this is not ideal but given the nature of the
application this wouldn't be a big problem.

Thanks in advance.

Oct 5 '06 #1
Share this Question
Share on Google+
9 Replies


P: n/a
cendrizzi wrote:
Hi all,
I've read some stuff on this but can't seem to come up with a solution
that works right. I have a semi-mature (yet very large and robust)
internal web application that currently only works with one window open
at a time.

Maybe I'm abusing the use of $_SESSION but I have data entry processes
split up in several steps (which is required since depending on what
was put before determines what pages will be shown after). To store
this information between the steps I use the session, which is the only
way I know that this would be possible (uses arrays in arrays). So if
I were to open up a window and start the data entry it would overwrite
the last one.

So one thought was trying to create an instance id that that is
randomly generated that is passed between the pages using a $_GET
variable. Using this id I would create and reference custom session
variables making sure each instance is completely unique. This seems
to be consistent with what others have tried but I don't think it would
work since if someone middle clicked on a page link it would open up a
new tab (in firefox and IE7) with the same instance id with. There
doesn't seem to me to be an easy way to ensure that each window in a
browser has it's own, unique, instance.

Surely this isn't unique to me so how in the world can I ensure that
each window/tab gets a unique id of some sort so that my session is
unique for each one?

Lastly, if necessary, I wouldn't mind trying to suppress a new window
but this is plagued with the same issues (how do I know it's a new
window/tab?). I know this is not ideal but given the nature of the
application this wouldn't be a big problem.

Thanks in advance.
Hi,

You have several options (if I understand your problem).
The simplest is this: Just mark your steps in the SESSION.
Just add a field:
$_SESSION["step"] = 1;

If a script is called for step 3, it first checks if the last step in the
SESSION was 2, otherwise it refuses the posting and tell the client he/she
should use it in the right order.

When a script succesfully finishes, increase the step in session to its new
value.

Does that help?

The other option (with different id's) goes against the idea behind a
session. Every browser can build 1 session for a domain. I wouldn't try
something like changing the sessionid for each new request. I can be done,
but it is a mess.
Just force the enduser to do things in the right order, simply by counting
your steps and refusing calls to scripts that are before or after the step
that is defined (by YOU) in the sessionarray.

Hope that helps.

Regards,
Erwin Moller
Oct 5 '06 #2

P: n/a
cendrizzi wrote:
Hi all,
I've read some stuff on this but can't seem to come up with a solution
that works right. I have a semi-mature (yet very large and robust)
internal web application that currently only works with one window open
at a time.

Maybe I'm abusing the use of $_SESSION but I have data entry processes
split up in several steps (which is required since depending on what
was put before determines what pages will be shown after). To store
this information between the steps I use the session, which is the only
way I know that this would be possible (uses arrays in arrays). So if
I were to open up a window and start the data entry it would overwrite
the last one.

So one thought was trying to create an instance id that that is
randomly generated that is passed between the pages using a $_GET
variable. Using this id I would create and reference custom session
variables making sure each instance is completely unique. This seems
to be consistent with what others have tried but I don't think it would
work since if someone middle clicked on a page link it would open up a
new tab (in firefox and IE7) with the same instance id with. There
doesn't seem to me to be an easy way to ensure that each window in a
browser has it's own, unique, instance.

Surely this isn't unique to me so how in the world can I ensure that
each window/tab gets a unique id of some sort so that my session is
unique for each one?

Lastly, if necessary, I wouldn't mind trying to suppress a new window
but this is plagued with the same issues (how do I know it's a new
window/tab?). I know this is not ideal but given the nature of the
application this wouldn't be a big problem.

Thanks in advance.
Without knowing the specifics of your application, I can only talk in
general terms. But I have a few thoughts.

I don't like the idea of having multiple sessions running for one user,
but you can take your original idea and make it work within one session
easily. Instead of using that unique value you generate as a session
id, just make it a key value for an array which will hold your user's
data as they progress. Pass that key value along in hidden form
elements so that each time through the process, the user is writing to
a different part of the session. If you generate a new, unique key at
each 'step1', then no matter how many windows they have open, each one
will be using it's own data.

I also don't like the idea of preventing the user from opening a new
window, and I suspect, neither will they. I guess if there is no other
option, then on 'step1', you can check to see if partial data is
already in the session and, if so, alert the user to either continue
with that data, or blow it away and start over from scratch. But in
all honesty, you should try to anticipate that the user WILL do things
out of the order you expect, and work around that, not force them into
one particular path.

Oct 5 '06 #3

P: n/a
Read http://www.tonymarston.co.uk/php-mys...nt-clones.html for a
description of how I solved this very same problem.

--
Tony Marston

http://www.tonymarston.net
http://www.radicore.org
"cendrizzi" <ce*******@gmail.comwrote in message
news:11*********************@i3g2000cwc.googlegrou ps.com...
Hi all,
I've read some stuff on this but can't seem to come up with a solution
that works right. I have a semi-mature (yet very large and robust)
internal web application that currently only works with one window open
at a time.

Maybe I'm abusing the use of $_SESSION but I have data entry processes
split up in several steps (which is required since depending on what
was put before determines what pages will be shown after). To store
this information between the steps I use the session, which is the only
way I know that this would be possible (uses arrays in arrays). So if
I were to open up a window and start the data entry it would overwrite
the last one.

So one thought was trying to create an instance id that that is
randomly generated that is passed between the pages using a $_GET
variable. Using this id I would create and reference custom session
variables making sure each instance is completely unique. This seems
to be consistent with what others have tried but I don't think it would
work since if someone middle clicked on a page link it would open up a
new tab (in firefox and IE7) with the same instance id with. There
doesn't seem to me to be an easy way to ensure that each window in a
browser has it's own, unique, instance.

Surely this isn't unique to me so how in the world can I ensure that
each window/tab gets a unique id of some sort so that my session is
unique for each one?

Lastly, if necessary, I wouldn't mind trying to suppress a new window
but this is plagued with the same issues (how do I know it's a new
window/tab?). I know this is not ideal but given the nature of the
application this wouldn't be a big problem.

Thanks in advance.

Oct 5 '06 #4

P: n/a
Interesting ideas. With your solution tony if I press open link in a
new window (or tab) will it know to go to a new session? Or do they
have to explicity choose to go to create a new session?

On Oct 5, 10:33 am, "Tony Marston" <t...@NOSPAM.demon.co.ukwrote:
Readhttp://www.tonymarston.co.uk/php-mysql/client-clones.htmlfor a
description of how I solved this very same problem.

--
Tony Marston

http://www.tonymarston.nethttp://www.radicore.org

"cendrizzi" <cendri...@gmail.comwrote in messagenews:11*********************@i3g2000cwc.goo glegroups.com...
Hi all,
I've read some stuff on this but can't seem to come up with a solution
that works right. I have a semi-mature (yet very large and robust)
internal web application that currently only works with one window open
at a time.
Maybe I'm abusing the use of $_SESSION but I have data entry processes
split up in several steps (which is required since depending on what
was put before determines what pages will be shown after). To store
this information between the steps I use the session, which is the only
way I know that this would be possible (uses arrays in arrays). So if
I were to open up a window and start the data entry it would overwrite
the last one.
So one thought was trying to create an instance id that that is
randomly generated that is passed between the pages using a $_GET
variable. Using this id I would create and reference custom session
variables making sure each instance is completely unique. This seems
to be consistent with what others have tried but I don't think it would
work since if someone middle clicked on a page link it would open up a
new tab (in firefox and IE7) with the same instance id with. There
doesn't seem to me to be an easy way to ensure that each window in a
browser has it's own, unique, instance.
Surely this isn't unique to me so how in the world can I ensure that
each window/tab gets a unique id of some sort so that my session is
unique for each one?
Lastly, if necessary, I wouldn't mind trying to suppress a new window
but this is plagued with the same issues (how do I know it's a new
window/tab?). I know this is not ideal but given the nature of the
application this wouldn't be a big problem.
Thanks in advance.
Oct 5 '06 #5

P: n/a
I have thought of something like this but I was hoping to not be this
restrictive if possible. In the end I'll just go for what works.

On Oct 5, 9:27 am, Erwin Moller
<since_humans_read_this_I_am_spammed_too_m...@spam yourself.comwrote:
cendrizzi wrote:
Hi all,
I've read some stuff on this but can't seem to come up with a solution
that works right. I have a semi-mature (yet very large and robust)
internal web application that currently only works with one window open
at a time.
Maybe I'm abusing the use of $_SESSION but I have data entry processes
split up in several steps (which is required since depending on what
was put before determines what pages will be shown after). To store
this information between the steps I use the session, which is the only
way I know that this would be possible (uses arrays in arrays). So if
I were to open up a window and start the data entry it would overwrite
the last one.
So one thought was trying to create an instance id that that is
randomly generated that is passed between the pages using a $_GET
variable. Using this id I would create and reference custom session
variables making sure each instance is completely unique. This seems
to be consistent with what others have tried but I don't think it would
work since if someone middle clicked on a page link it would open up a
new tab (in firefox and IE7) with the same instance id with. There
doesn't seem to me to be an easy way to ensure that each window in a
browser has it's own, unique, instance.
Surely this isn't unique to me so how in the world can I ensure that
each window/tab gets a unique id of some sort so that my session is
unique for each one?
Lastly, if necessary, I wouldn't mind trying to suppress a new window
but this is plagued with the same issues (how do I know it's a new
window/tab?). I know this is not ideal but given the nature of the
application this wouldn't be a big problem.
Thanks in advance.Hi,

You have several options (if I understand your problem).
The simplest is this: Just mark your steps in the SESSION.
Just add a field:
$_SESSION["step"] = 1;

If a script is called for step 3, it first checks if the last step in the
SESSION was 2, otherwise it refuses the posting and tell the client he/she
should use it in the right order.

When a script succesfully finishes, increase the step in session to its new
value.

Does that help?

The other option (with different id's) goes against the idea behind a
session. Every browser can build 1 session for a domain. I wouldn't try
something like changing the sessionid for each new request. I can be done,
but it is a mess.
Just force the enduser to do things in the right order, simply by counting
your steps and refusing calls to scripts that are before or after the step
that is defined (by YOU) in the sessionarray.

Hope that helps.

Regards,
Erwin Moller
Oct 5 '06 #6

P: n/a
cendrizzi wrote:
Interesting ideas. With your solution tony if I press open link in a
new window (or tab) will it know to go to a new session? Or do they
have to explicity choose to go to create a new session?

On Oct 5, 10:33 am, "Tony Marston" <t...@NOSPAM.demon.co.ukwrote:
>Readhttp://www.tonymarston.co.uk/php-mysql/client-clones.htmlfor a
description of how I solved this very same problem.
I suspect you would have to do it explicitly.

Creating a concurrent session is a lot easier if you set use_trans_sid - and
even then it still misses a lot of stuff. I guess you could write a
javascript which rewrites any references to your own site to include the
session id.

My solution was to stick with a single session and subdivide it - for my
purposes it simplifed the session management - but it still means
reproducing (sub-)session identifiers across every page.

A better way to solve this might be to execute the pages within a large
frame and keep the (sub-)session identifier in a seperate (small) frame as
a hidden variable then read it into the main frame as required.

HTH

C.
Oct 5 '06 #7

P: n/a
After cloning the current window you are still using the current session by
default, so you have to press the "new session" link in order to create a
new session name with a new session id. After that the two windows are using
different sessions, so what happens in one window is invisible to the other.

--
Tony Marston
http://www.tonymarston.net
http://www.radicore.org

"cendrizzi" <ce*******@gmail.comwrote in message
news:11**********************@i3g2000cwc.googlegro ups.com...
Interesting ideas. With your solution tony if I press open link in a
new window (or tab) will it know to go to a new session? Or do they
have to explicity choose to go to create a new session?

On Oct 5, 10:33 am, "Tony Marston" <t...@NOSPAM.demon.co.ukwrote:
>Readhttp://www.tonymarston.co.uk/php-mysql/client-clones.htmlfor a
description of how I solved this very same problem.

--
Tony Marston

http://www.tonymarston.nethttp://www.radicore.org

"cendrizzi" <cendri...@gmail.comwrote in
messagenews:11*********************@i3g2000cwc.go oglegroups.com...
Hi all,
I've read some stuff on this but can't seem to come up with a solution
that works right. I have a semi-mature (yet very large and robust)
internal web application that currently only works with one window open
at a time.
Maybe I'm abusing the use of $_SESSION but I have data entry processes
split up in several steps (which is required since depending on what
was put before determines what pages will be shown after). To store
this information between the steps I use the session, which is the only
way I know that this would be possible (uses arrays in arrays). So if
I were to open up a window and start the data entry it would overwrite
the last one.
So one thought was trying to create an instance id that that is
randomly generated that is passed between the pages using a $_GET
variable. Using this id I would create and reference custom session
variables making sure each instance is completely unique. This seems
to be consistent with what others have tried but I don't think it would
work since if someone middle clicked on a page link it would open up a
new tab (in firefox and IE7) with the same instance id with. There
doesn't seem to me to be an easy way to ensure that each window in a
browser has it's own, unique, instance.
Surely this isn't unique to me so how in the world can I ensure that
each window/tab gets a unique id of some sort so that my session is
unique for each one?
Lastly, if necessary, I wouldn't mind trying to suppress a new window
but this is plagued with the same issues (how do I know it's a new
window/tab?). I know this is not ideal but given the nature of the
application this wouldn't be a big problem.
Thanks in advance.

Oct 6 '06 #8

P: n/a

"cendrizzi" <ce*******@gmail.comwrote in message
news:11**********************@e3g2000cwe.googlegro ups.com...
>I have thought of something like this but I was hoping to not be this
restrictive if possible. In the end I'll just go for what works.
My code works. I've been using it iny application for 18 months. Yes, it is
tricky, but it's do-able.

--
Tony Marston
http://www.tonymarston.net
http://www.radicore.org
On Oct 5, 9:27 am, Erwin Moller
<since_humans_read_this_I_am_spammed_too_m...@spam yourself.comwrote:
>cendrizzi wrote:
Hi all,
I've read some stuff on this but can't seem to come up with a solution
that works right. I have a semi-mature (yet very large and robust)
internal web application that currently only works with one window open
at a time.
Maybe I'm abusing the use of $_SESSION but I have data entry processes
split up in several steps (which is required since depending on what
was put before determines what pages will be shown after). To store
this information between the steps I use the session, which is the only
way I know that this would be possible (uses arrays in arrays). So if
I were to open up a window and start the data entry it would overwrite
the last one.
So one thought was trying to create an instance id that that is
randomly generated that is passed between the pages using a $_GET
variable. Using this id I would create and reference custom session
variables making sure each instance is completely unique. This seems
to be consistent with what others have tried but I don't think it would
work since if someone middle clicked on a page link it would open up a
new tab (in firefox and IE7) with the same instance id with. There
doesn't seem to me to be an easy way to ensure that each window in a
browser has it's own, unique, instance.
Surely this isn't unique to me so how in the world can I ensure that
each window/tab gets a unique id of some sort so that my session is
unique for each one?
Lastly, if necessary, I wouldn't mind trying to suppress a new window
but this is plagued with the same issues (how do I know it's a new
window/tab?). I know this is not ideal but given the nature of the
application this wouldn't be a big problem.
Thanks in advance.Hi,

You have several options (if I understand your problem).
The simplest is this: Just mark your steps in the SESSION.
Just add a field:
$_SESSION["step"] = 1;

If a script is called for step 3, it first checks if the last step in the
SESSION was 2, otherwise it refuses the posting and tell the client
he/she
should use it in the right order.

When a script succesfully finishes, increase the step in session to its
new
value.

Does that help?

The other option (with different id's) goes against the idea behind a
session. Every browser can build 1 session for a domain. I wouldn't try
something like changing the sessionid for each new request. I can be
done,
but it is a mess.
Just force the enduser to do things in the right order, simply by
counting
your steps and refusing calls to scripts that are before or after the
step
that is defined (by YOU) in the sessionarray.

Hope that helps.

Regards,
Erwin Moller

Oct 6 '06 #9

P: n/a
I have similar solution to this problem. Let me describe it in my
application.

Searching and showing search result to user. While user is switching
through table result pages, i don't want to generate the search
condition every time. So on start of showing search result i create
unique session with search condition and use session every time user
change result page(or change sort...).

But, i can't find solution when to destroy this session. So if the user
make 100 searches it creates 100 sessions. I can't destoy current
session on next new search, beacuse search could be triggered on new
tab(and old search is still on use).

Any ideas?

Tony Marston je napisal:
"cendrizzi" <ce*******@gmail.comwrote in message
news:11**********************@e3g2000cwe.googlegro ups.com...
I have thought of something like this but I was hoping to not be this
restrictive if possible. In the end I'll just go for what works.

My code works. I've been using it iny application for 18 months. Yes, it is
tricky, but it's do-able.

--
Tony Marston
http://www.tonymarston.net
http://www.radicore.org
Dec 3 '06 #10

This discussion thread is closed

Replies have been disabled for this discussion.