asp.net multiple users?
Solution 1
You need to use seperate browsers. You're using sessions to identify users, and sessions are matched to a cookie in your browser From your comments above, here's what happens
log in as steve -> session created -> steve stored as username -> cookie returned to browser
in a new window, log in as frank -> session already exists, rename username to frank.
in 1st window refresh. -> session username no frank -> return data based on that username.
New IE windows all share the same context. this means if 1 window gets a cookie, they all do. There are 2 ways around this (actually 3).
- Use physically different machines
- Use 2 broswers, eg IE & Firefox
- In IE press alt to get the menu, then click new session from the file menu. This makes a physically separate window that won't share cookies (although there's nothing to indicate this to you)
Having done the above, try again logging in as Steve & Frank & you should see they don't interfere with each other.
Solution 2
I would guess the problem is that, while the sessions are kept separately (you are storing things in Session, right?), the queries that load data from the database are not taking the username into account.
Have a look at the SQL query that loads tasks and see if you include the username (or a user ID) in that query. Feel free to post the query if you need help looking at it.
So to directly answer your main question, if you store things in Session, they will be properly isolated from other sessions. However, wrong data in, wrong data out.
Jake Gaston
Updated on June 14, 2022Comments
-
Jake Gaston almost 2 years
I have an asp.net c# web application where a user can log in and see his schedule for the last week, which is stored in a remote database. Logging into the site consists of just an SQL check to see if the username and password matches the uname & pass records in the database. Once logged in, they can manipulate the time entries for the schedule, etc. While debugging, I logged in as two different users. User B had all of user A's stuff on his form. I wrote the program like I was writing a regular c# app, and didn't really give any thought to multiple people using the website at the same time. I guess I thought that instance handling would be automatic? I've only been working with asp.net for a week or so, and don't have much support.
My main question is, if I have multiple users on my site at the same time, how do I keep their sessions separate?
update - after adding Session variables
This is my sql statement to get user information. Now, using session variables:
string sqlquery = "SELECT FirstName, LastName, OperatorID FROM operators WHERE EmpID = '" + sql + "'"; using (MySqlConnection conn = new MySqlConnection(ConfigurationManager.ConnectionStrings["EobrConnectionString"].ConnectionString)) { conn.Open(); using (MySqlCommand comm = new MySqlCommand(sqlquery, conn)) { using (MySqlDataAdapter adapter = new MySqlDataAdapter(comm)) { DataTable dt = new DataTable(); adapter.Fill(dt); foreach (DataRow dr in dt.Rows) { Session["Fname"] = dr[1].ToString(); Session["Lname"] = dr[2].ToString(); Session["opID"] = dr[3].ToString(); } } } }In the main menu page I have this:
protected void Page_Load(object sender, EventArgs e) { firstname = Session["Fname"].ToString(); lastname = Session["Lname"].ToString(); lblwelcome.Text = "Welcome, " + firstname + " " + lastname + ", make your selection below."; }When User A logs in, they see their name "Frank Drebbin". When User B logs in they see their name, "Jake Gaston". But now, if I reload the first users page, they see the name as "Jake Gaston".