Let say...
If we ASP.net banking application. When user press a button then it will debit $100 from his account.
Issue:
What happened if user two or three times click on this button without waiting for first inform or it press F5/refresh page.
How we can prevent or get data integrity.
If you are using any ASP.Net ajax, Postback Ritalin will help prevent multiple postbacks.
The easiest way to prevent users from submitting the same form multiple times is to simply disable the button, posting your form back. That way they can't accidentaly re-submit it before the page gets processed.
Also, passing through a random piece of string alongside with the other form variables can help you as well. In that case you could compare the string (alongside with other information) to see if previously you've processed a request that had matching details.
Am guessing/hoping this is an exam question of some kind?
Anyways, here a couple of pointers;
look into transactions (for the sum to add up) and perhaps optimistic concurrency (to avoid changing what have been updated by others)
good luck!
BR
Daniel
Related
I have a new message page that can only be accessed if you are replying to a message or you click to message a user (unless of course you guess the URL). The cancel button currently will send you back to the previous page you were on using javascript:history.back().
I'm wondering if this is the best practice or if I should be using something on the server side to set where the cancel button takes you.
I took a look at this similar question: Does using javascript:history.back(); have any unknown issues?
I don't understand the cache problem mentioned in that post or the javascript being disabled because the site has a lot of javascript that this feature would be the least of the concern if the user does not have javascript. I'm also not too worried about the user not having a page to go back to because as I said, this new message page can only be accessed by clicking on a button on a site unless you guess the URL or copy the URL into a new window.
I'm wondering if there's any other issues on doing it one way or another.
Thanks!
Well, one issue you did mention was when the user types in the URL? Maybe we're crazy, and/or hate buttons! Joking aside, using history.back is mainly frowned upon due to its static nature (who knows if there is a page to go back to).
What the guy is trying to say in the link you provided about caching is that, for example, say you had a sign in page. If you hit your button using history.back, the browser would use a cached version of the webpage, and in turn, clear out anything you filled in. It would also show that you weren't logged in on the users end.
If you do have server side logic. I think your best bet in this case would be to just put in an windows.location.href to your previous page. That way, this issue is resolved, and you know exactly where the user is going.
I am currently creating a ASP.Net MVC 3.0 # order processing application. The application allows users to add products to their order, add a payment and then submit the order.
I am currently at the phase of submitting the order. I looking for suggestions as to how to achieve the following. A users clicks the submit button to submit the order. At this point I would like a processing icon to display while the order is processed, if an error occurs user gets redirected to a payment page, if processing completes successfully, redirect to the confirmation page.
What I was thinking of doing is, when the submit button is pressed, a View is returned to the user containing the processing icon, while in the background via an async Task or async controller, the order is processing and when complete, a redirect occurs to the applicable page. Does this sound like the best way achieving such?
Next question I have on this, what is the best way to prevent double submitting eg. user pressing the F5 key in the web browser?
Finally my last question, as order processing handles a number of events I may need to make it transactional, one fails all fail etc. What is the best way of achieving this?
Use can use AJAX.BeginForm. It will alllow for asynchronous post avoiding a post back until the onsuccess method is fired.
Here is post with an example.
Using Ajax.BeginForm with ASP.NET MVC 3 Razor
Good luck
I am trying to code an app for work where our clients can edit certain fields. When they click edit, the code will lock the data to be editted. And when they click save the data will unlock. But I am having trouble deciding if I can unlock the data when they click elsewhere, go to another page or site, or even close the browser.
What's a good way to decide if the user has left the edit page?
(We are using C# .NET 3.5 and JQuery and a SQL Server 2005 DB).
If you really must use pessimistic locking you could add check in Session_End and unlock all locks that this user set in current session. Use onUserExit jQuery plugin to end session if user closes the browser window or goes on another site, here is the example :
https://stackoverflow.com/a/10481972/351383
You can make use of "onunload" event of html tag. This event is raised
- when Page is closed using X button
- when Page is redirected(In your case user clicks on edits and move on to different link without saving.)
Hope this helps!!
Your question is being understood as "what's a good way to decide if the user has abandoned the edit page without having clicked 'Save' to unlock the field?"
But I am having trouble deciding if I can unlock the data when they click elsewhere, go to another page or site, or even close the browser.
All the scenarios in which someone looks at another page from the same application might mean another window in the same session - perhaps to check something. You don't want that to trigger an unlock because your user could still have a window open in which they can submit the edit.
The other scenarios where the user leaves the page can use onUserExit.
However, you omit from this list the scenario "user goes to lunch leaving webpage open". This is why pessimistic locking is problematic.
Therefore, rephrase the problem as "the user has clicked Edit, but then failed to make the amendment and save within a reasonable time limit".
Basically, your lock should at some point expire.
Upon clicking 'Edit', the save lock kicks in and a timer (5 minutes?) starts, which is also visible on-screen. (If getting these in sync is an issue, make the client-side timer shorter than the server-side one). Your users must make the change and click Save within this time. You could perhaps add an Extend button to extend the time.
The principle is that you need to determine that someone has left it too long, not that someone has left it. You also show to users that having clicked Edit you are expecting them to make an edit some time soon.
You will need to code your system to unlock fields where the lock has expired.
This has the benefit that your countdown will look 'cool' to the sorts of people that request such edit locks.
There's a certain website I need to access multiple times each day that requires me to enter my login name/password first, every time. To save some time, I copied-and-pasted the HTML source code and pre-populated the text fields with my info, then saved that to my desktop. Now I can just open that doc in my browser and click "submit" without having to type anything.
I'm wondering if I can go a step further. Whatever data is sent when I click "submit" — I'd like to start with that step.
From what I understand, the form info is converted into a POST request and sent to the web server. Is there some way I can concoct that request manually (without using their login screen) and then execute that request each time I need to access the site?
Thanks!
wow, what a safe site! Anyhow yes you could do this lots of ways. Not a good idea to transmit tho locally. Have you ever just tried using one of the form auto forms plugins for FireFox? one button and it will populate your form for you.
https://addons.mozilla.org/en-US/firefox/addon/autofill-forms/
I assume you want to do this in an active browser because you want to be able to interact with the site after logging in, correct?
A really simple way to do this and end up with a workable browser might be to try using WatiN. The library itself is generally used to automated in-browser testing. But at the hear of it, that's kind of what you're doing here. You just want an executable that will open a browser, navigate to a page, populate a form, submit, and present the result.
This isn't so much from the perspective of crafting the POST request manually, but rather just automating the UI interaction.
Ultimately, though, it's going to be a matter of testing it for what your user experience is like. Does it take longer than you want? Does it leave the application running in the background unnecessarily? etc.
Honestly, this might really be overkill. Browsers have form auto-population these days. Maybe a browser plugin to take advantage of that instead? How transparent does it need to be?
I have an ASP.NET (C#) page that has a long load time (like 2 minutes). The user is presented with a little animation and a "please wait" message. If the user accidentally loads this page, they need to wait for it to load.
My question is: Is there a way to stop the page load?
Thank you
If you want to stop the server side processing then its a tricky operation. Generally once a request is made that page is rendering on its own independant of other thigns going on. What you would probably need to do is re-engineer that page to check at regular intervals whether a stop command has been issued and abort whatever it is doing at that point. The stop flag could be put in session and should be cleared out after the stoppage.
You may also need to consider how to properly identify the right one to stop (in case there is more than one running). This could be done by returning a unique ID that can be used in part of a call to the "abort" page.
My approach though rather than this complciated rigmarole is to make efforts to stop the user from making this accident. Possibly make whatever link they are clicking pop up an alert saying "the following page will take several minutes to render, do you wish to continue" and then hopefully you will effectively be aborting the page request before it is even made.
I should note that I've never tried to do this sort of thing before so there may be easier ways to do it but this is how I'd probably think abotu going about the problem.
Try window.stop() in JavaScript.