I am trying to code an app for work where our clients can edit certain fields. When they click edit, the code will lock the data to be editted. And when they click save the data will unlock. But I am having trouble deciding if I can unlock the data when they click elsewhere, go to another page or site, or even close the browser.
What's a good way to decide if the user has left the edit page?
(We are using C# .NET 3.5 and JQuery and a SQL Server 2005 DB).
If you really must use pessimistic locking you could add check in Session_End and unlock all locks that this user set in current session. Use onUserExit jQuery plugin to end session if user closes the browser window or goes on another site, here is the example :
https://stackoverflow.com/a/10481972/351383
You can make use of "onunload" event of html tag. This event is raised
- when Page is closed using X button
- when Page is redirected(In your case user clicks on edits and move on to different link without saving.)
Hope this helps!!
Your question is being understood as "what's a good way to decide if the user has abandoned the edit page without having clicked 'Save' to unlock the field?"
But I am having trouble deciding if I can unlock the data when they click elsewhere, go to another page or site, or even close the browser.
All the scenarios in which someone looks at another page from the same application might mean another window in the same session - perhaps to check something. You don't want that to trigger an unlock because your user could still have a window open in which they can submit the edit.
The other scenarios where the user leaves the page can use onUserExit.
However, you omit from this list the scenario "user goes to lunch leaving webpage open". This is why pessimistic locking is problematic.
Therefore, rephrase the problem as "the user has clicked Edit, but then failed to make the amendment and save within a reasonable time limit".
Basically, your lock should at some point expire.
Upon clicking 'Edit', the save lock kicks in and a timer (5 minutes?) starts, which is also visible on-screen. (If getting these in sync is an issue, make the client-side timer shorter than the server-side one). Your users must make the change and click Save within this time. You could perhaps add an Extend button to extend the time.
The principle is that you need to determine that someone has left it too long, not that someone has left it. You also show to users that having clicked Edit you are expecting them to make an edit some time soon.
You will need to code your system to unlock fields where the lock has expired.
This has the benefit that your countdown will look 'cool' to the sorts of people that request such edit locks.
Related
What might be the best way to implement timed-task in a web-site (asp.net) environment ?
Say clicking a button locks it for 4 hours, or a day. How would I go about implementing the process of counting those 4 hours, (or 1 day) and then unlocking the button) ?
Keep in mind this is a web-site: Do I
save the current datetime stamp to the DB (I'm logged in as a registered user to the web-site)
every time I visit the page with the button I retrieve the stamp and the duration
and calculate how much longer I have to wait, until the button is unlocked.
(And possibly implement a JS (for example) count-down counter that would show near the button)
I'd assume using session variables or cookies is a bad idea, as I may close my web-site or delete my user data and thus loose the above.
Since your requirement is to support this across sessions, then it definitely needs to be in the DB.
DB
Add a LockedUntilUtc column that indicates the date/time that the button should unlock. Better yet, name the column to represent the business model. Maybe you are writing an HR app the has a raise approval process, and there is a mandatory 7 day waiting period before the manager can release the raise to allow HR to review, and the button is laballed "Publish Raise" in which case I'd name it something like PublishRaiseAvailableUtc.
I've dealt with lots of scenarios like this, and it's often simpler to use the date/time that an event needs to occur. As opposed to saving the beginning of the timer and always having to add 7 days everytime you need to make a calculation.
UI
Send this value down with the page as a hidden value. Write javascript using the framework of your choice, or just something as simple as setTimeout which will fire to unlock the button at that point in time.
Do not worry about trying to come up with a convoluted way to prevent the user from unlocking the button by manipulating the HTML. You should assume they can unlock the button if they put effort into it. Given that assumption, we need server side logic to validate the request.
Server Post Validation
When the user clicks the button, and the POST is sent to the server, then server-side code should retrieve the value of PublishRaiseAvailableUtc from the database(do not trust the value posted from the hidden field), and compare that to the server time. I.e. server time should be greater than the PublishRaiseAvailableUtc, assuming you ensure you are comparing UTC times.
I think the best way is saving the day when the button becomes unlocked again. And every time the page is loaded, retrieve that info from the db to check if it should be locked or not.
Another possible way is to use an application variable. But i dont recommend this, because data is stored in memory and because if you reset the app or server, data will be lost.
You first problem is in your approach. You don't necessarily care how long it will be until the time you've saved, but you definitely do want your button to change when that time comes.
What I might suggest is to load the DateTime value from the database, place it somewhere in the page where JavaScript can read it. Now, one only problem is that some users may be able to locate and modify this value to skip the timer. I'm not personally familiar with a way to circumvent this easily, but you should be able to research a solution.
Once you have the value readable by JavaScript, a loop is probably going to be your best bet for checking the current time against your saved time, then performing whatever action you want.
A do..while loop will probably suit your needs
To avoid performance issues, use setTimeout to delay each loop iteration. The delay doesn't have to be very significant.
In the loop, retrieve the current date and time, then compare it to the date and time you saved in the database. If the current date and time is greater, perform your action.
Now, my idea may not be optimal, but I feel it is at least a step in the right direction. I also suggest a loop so that the user is not required to refresh the page to see what changes resulted from the performed action.
Do not rely on client side validation that the button is locked/unlocked. Always check server side that the click happened during the allowable time. This would prevent someone from "hacking" the page to allow a click outside of the allowable window.
I have a new message page that can only be accessed if you are replying to a message or you click to message a user (unless of course you guess the URL). The cancel button currently will send you back to the previous page you were on using javascript:history.back().
I'm wondering if this is the best practice or if I should be using something on the server side to set where the cancel button takes you.
I took a look at this similar question: Does using javascript:history.back(); have any unknown issues?
I don't understand the cache problem mentioned in that post or the javascript being disabled because the site has a lot of javascript that this feature would be the least of the concern if the user does not have javascript. I'm also not too worried about the user not having a page to go back to because as I said, this new message page can only be accessed by clicking on a button on a site unless you guess the URL or copy the URL into a new window.
I'm wondering if there's any other issues on doing it one way or another.
Thanks!
Well, one issue you did mention was when the user types in the URL? Maybe we're crazy, and/or hate buttons! Joking aside, using history.back is mainly frowned upon due to its static nature (who knows if there is a page to go back to).
What the guy is trying to say in the link you provided about caching is that, for example, say you had a sign in page. If you hit your button using history.back, the browser would use a cached version of the webpage, and in turn, clear out anything you filled in. It would also show that you weren't logged in on the users end.
If you do have server side logic. I think your best bet in this case would be to just put in an windows.location.href to your previous page. That way, this issue is resolved, and you know exactly where the user is going.
I need to ask the user if he/she wants to continue an operation (say, save operation).
So, after the user clicks the Save button, some stuff is checked on the server side. If one condition is met, the user must be asked if he/she wants to proceed.
Based on user's answer, the postback should be automatically performed carrying the user's reponse back to the server, so the server will now ask again. Is it possible to do it?
Thanks.
EDIT:
To be more specific, I want this:
The user clicks Save button. The postback is performed
I need to make some validations/checks on SERVER SIDE (this is important!)
In the middle of the postback I want to stop if a certain condition is met and ask the user if he/she really wants to continue.
If the user clicks Yes, I need to re-post the request, but now I need to carry the user's response.
If that "certain condition" is met again, I will just ignore it because the user wanted that.
So the solution to add the confirmation dialog right when the button is pressed is not an option because the checks are not simple and require some complex stuff involved (impossible to do it on client side).
Ajax/JS/Telerik, all OK.
You can use
btnExample.Attributes.Add("onclick", "javascript:return confirm('continue?')";
just one of the options...
EDIT:
for your needs you will want to use AJAX, call a method on the server and upon callback open the confirm window.
2nd Edit:
if the server side work isn't long I would this using AJAX.
AJAX works asynchronously and you want a synchronous procedure, right?
instead of posting back, call an AJAX method from the javascript, which will look something like this:
Service.ProccessRequest(data, OnSucceedJSFunction, OnFailJSFunction);
this way when the server side method finishes the OnSucceedJSFunction on the JS will be called.
in this function you can do something like
if (confirm('are you sure?'))
{
call another server method...
}
if you need to resend the data to the same server side method or to another server side method you can do this again and call a different OnSucceed js function.
Im not sure though about what you want to happen at the end of all the procedure...
Quick and dirty is to use javascript confirm function, tons of example on how to avoid the postback when user clicks cancel or ok.
if you need better ui control surely you can use javascript / jquery or whatever to show a nice dialog box and prevent the postback to happen or invoke it.
If non-JS users do not bother you then something like jQuery or AjaxControlToolkit could provide a modal popup solution.
If you are conscious or perhaps work for a company that needs to provide non-JS solutions then you could consider sending the user to another page asking for confirmation, you could carry any relevant info in either the Session or the Query String.
Let say...
If we ASP.net banking application. When user press a button then it will debit $100 from his account.
Issue:
What happened if user two or three times click on this button without waiting for first inform or it press F5/refresh page.
How we can prevent or get data integrity.
If you are using any ASP.Net ajax, Postback Ritalin will help prevent multiple postbacks.
The easiest way to prevent users from submitting the same form multiple times is to simply disable the button, posting your form back. That way they can't accidentaly re-submit it before the page gets processed.
Also, passing through a random piece of string alongside with the other form variables can help you as well. In that case you could compare the string (alongside with other information) to see if previously you've processed a request that had matching details.
Am guessing/hoping this is an exam question of some kind?
Anyways, here a couple of pointers;
look into transactions (for the sum to add up) and perhaps optimistic concurrency (to avoid changing what have been updated by others)
good luck!
BR
Daniel
I have an ASP.NET (C#) page that has a long load time (like 2 minutes). The user is presented with a little animation and a "please wait" message. If the user accidentally loads this page, they need to wait for it to load.
My question is: Is there a way to stop the page load?
Thank you
If you want to stop the server side processing then its a tricky operation. Generally once a request is made that page is rendering on its own independant of other thigns going on. What you would probably need to do is re-engineer that page to check at regular intervals whether a stop command has been issued and abort whatever it is doing at that point. The stop flag could be put in session and should be cleared out after the stoppage.
You may also need to consider how to properly identify the right one to stop (in case there is more than one running). This could be done by returning a unique ID that can be used in part of a call to the "abort" page.
My approach though rather than this complciated rigmarole is to make efforts to stop the user from making this accident. Possibly make whatever link they are clicking pop up an alert saying "the following page will take several minutes to render, do you wish to continue" and then hopefully you will effectively be aborting the page request before it is even made.
I should note that I've never tried to do this sort of thing before so there may be easier ways to do it but this is how I'd probably think abotu going about the problem.
Try window.stop() in JavaScript.