Updating User Session with Ajax - Round 2
Well back by popular demand is updating your user's session with Ajax. Back in this blog posting: http://radio.javaranch.com/pascarello/2005/07/05/1120592884938.html I wrote a little script that used a confirm to update the session with Ajax.
Now of course that causes some trouble with the user not answering the confirm, removing focus from the element, and so on. With that in mind I rewrote the JavaScript functionality to make it more user friendly and give it that rich user interface people want.
It now uses a layer to float onto the page so we do not disrupt the user's actions when it comes on the screen. It also changes the message when the message has been on the screen after a set period of time. No more update your session message after it has expired. Plus I am using some code from my book Ajax In Action to make the request as easy as possible. The .net loader is explained in it in detail, so if you like it then you may want to pick up the book to learn more.
The Ajax Session Management script is avaiable on my website at:
http://www.pascarello.com/AjaxSessionTimer.aspx
Tell me what you think, any changes, etc.
Eric Pascarello
Moderator of HTML/JavaScript at www.JavaRanch.com
Author of: JavaScript: Your Visual Blueprint for Dynamic Web Pages
Everything in the zip file is what you need to run it.
Eric
string timeValue = ValueSystem.Configuration.ConfigurationSettings.AppSettings[SOMEKEY].toString();
You would have to write this to a variable, register the variable to the page, and set the object with this string.
Eric
Eric, thank you very match for an excellent article and example. I got the same idea a while ago but never had time to work on it. Recently I started to search for existing solutions, posted my question on a SitePoint forum and then found your article using Google.
Here's a question: I think it would be more secure to automatically redirect browser to a "expired" (back to a login page, or whatever) screen in case user did not respond to to a timeout notification. You answered on Ashok's question above saying that if user clicks on Confirm button too late it brings back the login page that your application would normal bring up. But my point is slightly different: how to automatically bring back the login page in case a user did not click on any button at all?
It would be more secure: suppose I started to fill out some form with my sensitive data and then was called to a different room to fix my supervisor's machine. Meanwhile the form with my SSN stays visible, although a timeout notification is displayed above. It's too bad. It should display login page instead.
Wow! I didn't think it's so easy. Thank you Eric! Another concern to me is that our site uses frames heavily. Hopefully it would be possible to have only one "central" function working with a timer and Ajax and use onLoad events from other frames to reset a timer... I have to figure it out.
I'm using XMLHttpRequest for several years but only in synchronous mode. It's time to switch to Ajax now. I bought your Ajax book and going read it :)
P.S. Math Quiz is a great idea. It's easier than usual generation of images with screwed words.
function extendedWait(){
document.getElementById("divAjaxContent").innerHTML = ref.extendedMessage;
}
with that code.
Eric