Click here to Skip to main content
15,920,688 members
Articles / Web Development / HTML
Article

Prevent Session Timeout in ASP.NET

Rate me:
Please Sign up or sign in to vote.
4.47/5 (57 votes)
16 Feb 20051 min read 699.2K   144   109
Simple code to prevent a sesison from timing out while a user enters data or edits HTML etc.

Introduction

I have developed ASP and ASP.NET sites for many years and one of the most common end user problems (apart from basic stupidity ;-) is that while the user is entering information into a web form or HTML edit box, the session timeout period will elapse and they lose all the work they have done.

I have tried solutions such as making JavaScript alert the user to click a button or refresh page, but this has restrictions, especially if they are not able to submit the form yet due to required field limitations.

Solution

I recently came across some code which attempted to fix this problem but that was unsuccessful because the author had forgotten the issue of client side caching.

Add to your page the following code:

C#
private void Page_Load(object sender, System.EventArgs e)
{
this.AddKeepAlive();
}
C#
private void AddKeepAlive()
{
int int_MilliSecondsTimeOut = (this.Session.Timeout * 60000) - 30000;
string str_Script = @"
<script type='text/javascript'>
//Number of Reconnects
var count=0;
//Maximum reconnects setting
var max = 5;
function Reconnect(){

count++;
if (count < max)
{
window.status = 'Link to Server Refreshed ' + count.toString()+' time(s)' ;

var img = new Image(1,1);

img.src = 'Reconnect.aspx';

}
}

window.setInterval('Reconnect()',"+ _
    int_MilliSecondsTimeOut.ToString()+ @"); //Set to length required

</script>

";

this.Page.RegisterClientScriptBlock("Reconnect", str_Script);

}

This code will cause the client to request within 30 seconds of the session timeout the page Reconnect.aspx.

The Important Part

Now this works the first time but if the page is cached locally then the request is not made to the server and the session times out again, so what we have to do is specify that the page Reconnect.aspx cannot be cached at the server or client.

This is done by creating the Reconnect.aspx page with this content:

ASP.NET
<%@ OutputCache Location="None" VaryByParam="None" %>
<html>
</html>

The OutputCache directive prevents this from being cached and so the request is made each time. No code behind file will be needed for this page so no @Page directive is needed either.

And that's it.

Hope this helps someone.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here


Written By
Founder Tech Dept
United Kingdom United Kingdom
My Evolution:
TRS-80 Basic, Clipper, C, Better Basic, FORTRAN, C++, Visual Basic, Delphi, C#

Comments and Discussions

 
GeneralRe: Why Pin
Ach1lles16-Feb-05 22:29
Ach1lles16-Feb-05 22:29 
GeneralRe: Why Pin
Anonymously17-Feb-05 0:32
Anonymously17-Feb-05 0:32 
GeneralRe: Why Pin
Ach1lles17-Feb-05 2:42
Ach1lles17-Feb-05 2:42 
GeneralRe: Why Pin
jbkind17-Feb-05 7:17
jbkind17-Feb-05 7:17 
GeneralTRS-80? That takes me back... Pin
Keith Farmer16-Feb-05 8:53
Keith Farmer16-Feb-05 8:53 
GeneralRe: TRS-80? That takes me back... Pin
Ach1lles16-Feb-05 22:30
Ach1lles16-Feb-05 22:30 
GeneralRe: TRS-80? That takes me back... Pin
netbard28-Feb-05 4:42
netbard28-Feb-05 4:42 
GeneralRe: TRS-80? That takes me back... Pin
Vladimir Kelman1-Jun-05 21:13
Vladimir Kelman1-Jun-05 21:13 
I don't think XMLHttp attaches the current cookies (session or otherwise) to an XMLHttp request.

It does. I used XMLHTTP Request extensively in my PHP and ASP applications for server-side data validation and populating client HTML controls without page reloading. And in server script I always checked session to see if it is not expired. If it was expired, server response contained a special error message which triggered client JavaScript to redirect to logout page.
So, XMLHTTP should work, but it's an overkill for such a small trick. Some people use invisible IFRAME for the same purpose, but I think in this particular case, when no data is returned from a server script back to client, dynamic image creation with src="yourpage.asp" is the best solution. In addition, image would work with older browsers which do not support XMLHTTP or even IFRAME.

But I think that the best approach is to display a previously hidden DIV when session is about to expire prompting user to hit a button to stay alive. JavaScript alert() is worse, because it does not allow page to automatically redirect to logout.asp until user clicks OK.

Vladimir Kelman
http://www.vkelman.com
GeneralRe: TRS-80? That takes me back... Pin
xnolightx22-Mar-05 17:10
xnolightx22-Mar-05 17:10 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.