Some problem in session (may be..) [modified]
-
Hi, I have a website in which users are assigned userid and they have to save their daily report in the site after logging in. I keep userid in session variable and while saving the data it is also saved in the report table. But yesterday what happened a user when saved his report, it was saved with other user's id. I also make a log of user login time and in it the login time of both users is also not same even it has difference of hours. Can anyone help me out why it happened? and how could i apply measures so that it would not happen in future.. Abhijit, Yusuf or anyone else there who could help me..
modified on Thursday, April 9, 2009 3:24 AM
-
Hi, I have a website in which users are assigned userid and they have to save their daily report in the site after logging in. I keep userid in session variable and while saving the data it is also saved in the report table. But yesterday what happened a user when saved his report, it was saved with other user's id. I also make a log of user login time and in it the login time of both users is also not same even it has difference of hours. Can anyone help me out why it happened? and how could i apply measures so that it would not happen in future.. Abhijit, Yusuf or anyone else there who could help me..
modified on Thursday, April 9, 2009 3:24 AM
devesh sinha wrote:
But yesterday what happened a user when saved his report, it was saved with other user's id.
May be it can be cause of session problem. How did you clean up the session while log off from the application ? And What data they are saving ?
cheers, Abhijit CodeProject MVP
-
devesh sinha wrote:
But yesterday what happened a user when saved his report, it was saved with other user's id.
May be it can be cause of session problem. How did you clean up the session while log off from the application ? And What data they are saving ?
cheers, Abhijit CodeProject MVP
On logout user is redirected to homepage where i have removed all the session variable and also in Global.asax.cs I have removed session and application at session_end. Data saved by users is their daily work report. I have also made a fucntion to check session on each page and in case it is expired user is redirected to login page.
-
On logout user is redirected to homepage where i have removed all the session variable and also in Global.asax.cs I have removed session and application at session_end. Data saved by users is their daily work report. I have also made a fucntion to check session on each page and in case it is expired user is redirected to login page.
Devesh, can you please put the code for Data Save Section , and Log Out Section?
cheers, Abhijit CodeProject MVP
-
Devesh, can you please put the code for Data Save Section , and Log Out Section?
cheers, Abhijit CodeProject MVP
After checkin some condition this code comes. I ahve used a stored procedure to save the data and the userid is passed through a variable "usrid" which i assigned the value on top from the session variable.
SqlConnection con = cmn.getcon(); //new SqlConnection(constr);
if (con.State == ConnectionState.Open)
con.Close();
con.Open();
SqlDateTime sqldatenull;
sqldatenull = SqlDateTime.Null;
SqlCommand cmd = new SqlCommand("usp_OrderMaster_Ins", con);
cmd.CommandType = CommandType.StoredProcedure;string a = txtVisitHr1.Text.ToString(); string b = txtVisitMin1.Text.ToString(); // Define Parameters cmd.Parameters.Add("@VisitDate", SqlDbType.DateTime, 8).Value = cmn.MMDDYYtoYYMMDD(txtVisitDate1.Text); // --------------Stop After Discussion with Anand and G.Shyam Sundar ------------------------- // cmd.Parameters.Add("@VisitTime", SqlDbType.DateTime, 8).Value = txtVisitHr1.Text.ToString() + ":" + txtVisitMin1.Text.ToString() + " " + ddlAMPM.SelectedValue.ToString(); // ----------------------------------------------------------------------------------------- cmd.Parameters.Add("@VisitType", SqlDbType.Char, 1).Value = ddlVisitType1.SelectedValue.ToString(); cmd.Parameters.Add("@Usr\_ID", SqlDbType.Int, 4).Value = Convert.ToInt32(**usrid**); cmd.Parameters.Add("@FinYr", SqlDbType.Char, 7).Value = cmn.FinYr(); //change to session userid cmd.Parameters.Add("@OutledId", SqlDbType.Int, 4).Value = ddlPartner1.SelectedValue; int itmcnt = gdOrderDetails.Items.Count; string ordst = ""; if (itmcnt > 0) { ordst = "Y"; } else { ordst = "N"; } cmd.Parameters.Add("@OrderStatus", SqlDbType.Char, 1).Value = ordst; if (txtNextVisitDt1.Text.ToString() == "") { cmd.Parameters.Add("@NextVisitDate", SqlDbType.DateTime, 8).Value = sqldatenull; } else { cmd.Parameters.Add("@NextVisitDate", SqlDbType.DateTime, 8).Value = cmn.MMDDYYtoYYMMDD(txtNextVisitDt1.Text.ToS -
After checkin some condition this code comes. I ahve used a stored procedure to save the data and the userid is passed through a variable "usrid" which i assigned the value on top from the session variable.
SqlConnection con = cmn.getcon(); //new SqlConnection(constr);
if (con.State == ConnectionState.Open)
con.Close();
con.Open();
SqlDateTime sqldatenull;
sqldatenull = SqlDateTime.Null;
SqlCommand cmd = new SqlCommand("usp_OrderMaster_Ins", con);
cmd.CommandType = CommandType.StoredProcedure;string a = txtVisitHr1.Text.ToString(); string b = txtVisitMin1.Text.ToString(); // Define Parameters cmd.Parameters.Add("@VisitDate", SqlDbType.DateTime, 8).Value = cmn.MMDDYYtoYYMMDD(txtVisitDate1.Text); // --------------Stop After Discussion with Anand and G.Shyam Sundar ------------------------- // cmd.Parameters.Add("@VisitTime", SqlDbType.DateTime, 8).Value = txtVisitHr1.Text.ToString() + ":" + txtVisitMin1.Text.ToString() + " " + ddlAMPM.SelectedValue.ToString(); // ----------------------------------------------------------------------------------------- cmd.Parameters.Add("@VisitType", SqlDbType.Char, 1).Value = ddlVisitType1.SelectedValue.ToString(); cmd.Parameters.Add("@Usr\_ID", SqlDbType.Int, 4).Value = Convert.ToInt32(**usrid**); cmd.Parameters.Add("@FinYr", SqlDbType.Char, 7).Value = cmn.FinYr(); //change to session userid cmd.Parameters.Add("@OutledId", SqlDbType.Int, 4).Value = ddlPartner1.SelectedValue; int itmcnt = gdOrderDetails.Items.Count; string ordst = ""; if (itmcnt > 0) { ordst = "Y"; } else { ordst = "N"; } cmd.Parameters.Add("@OrderStatus", SqlDbType.Char, 1).Value = ordst; if (txtNextVisitDt1.Text.ToString() == "") { cmd.Parameters.Add("@NextVisitDate", SqlDbType.DateTime, 8).Value = sqldatenull; } else { cmd.Parameters.Add("@NextVisitDate", SqlDbType.DateTime, 8).Value = cmn.MMDDYYtoYYMMDD(txtNextVisitDt1.Text.ToSdevesh sinha wrote:
Logout Section:- On logout user is redirected to homepage where on page load this code is written: Session["Usr_Id"]="no"; Session["Section"] = "";
Try to do it in Log Out button Click
try
{
Session.Abandon();
Response.Redirect("Home.aspx", false);} catch (Exception ex) { }And nothing to do with global.asax until and unless you want to some other stuff while log off. Session.Abandon() will do all stuff for you. :) Hope this will help you :)
cheers, Abhijit CodeProject MVP
-
devesh sinha wrote:
Logout Section:- On logout user is redirected to homepage where on page load this code is written: Session["Usr_Id"]="no"; Session["Section"] = "";
Try to do it in Log Out button Click
try
{
Session.Abandon();
Response.Redirect("Home.aspx", false);} catch (Exception ex) { }And nothing to do with global.asax until and unless you want to some other stuff while log off. Session.Abandon() will do all stuff for you. :) Hope this will help you :)
cheers, Abhijit CodeProject MVP
Abhijit here what i think is the same session shared by two users. So how to prevent that? As in my case one user is logged in into his account, there it was ok even on welcome message i can see his username appearing but while saving the data other user's id was passed. I think it is beacuse of sharing of same session by two users and this thing happened for the first time after more than 1000 entries. What u say about this??
-
Abhijit here what i think is the same session shared by two users. So how to prevent that? As in my case one user is logged in into his account, there it was ok even on welcome message i can see his username appearing but while saving the data other user's id was passed. I think it is beacuse of sharing of same session by two users and this thing happened for the first time after more than 1000 entries. What u say about this??
devesh sinha wrote:
what i think is the same session shared by two users.
For every client session is unique. How the user are sharing session in your case? I am not clear.
devesh sinha wrote:
but while saving the data other user's id was passed.
check and verify the logic where you are retrieving data from session.
devesh sinha wrote:
think it is beacuse of sharing of same session by two users and this thing happened for the first time after more than 1000 entries.
:confused:
cheers, Abhijit CodeProject MVP
-
devesh sinha wrote:
what i think is the same session shared by two users.
For every client session is unique. How the user are sharing session in your case? I am not clear.
devesh sinha wrote:
but while saving the data other user's id was passed.
check and verify the logic where you are retrieving data from session.
devesh sinha wrote:
think it is beacuse of sharing of same session by two users and this thing happened for the first time after more than 1000 entries.
:confused:
cheers, Abhijit CodeProject MVP
Ya i agree with you this thing has also puzzled me. But i dont find any problem in the logic. I am saving the userid to database which i retrieve from the session so how it is possible that other user's id is fetched while saving whereas the user is seeing all the information related to him on the screen but on saving the data it goes it other person account.