Let's see, I'll explain in more detail what happened. I have a texbox and a button; what I want is to enter data into the texbox and when I click on the button I am redirected to another page obtaining the value of that texbox. For that I am logged in to store and then in the other window that will redirect me and show it.
This is the image of my codebing when I click on the button.
Now to get the value of that session and to show it in a texbox what I do is in load(), like this code from my webform2.
Now when I run the application, I enter my webform1.aspx and put the name in the texbox: "name1" if it redirects me to webform2.aspx and if my "name1" is displayed .
Now the problem is that when I open in another tab and place the webform1.aspx and place name2 in the texbox if I am directed to the other page and if the second name that I placed appears now I return to the previous tab and update the page the name has changed and that's the problem.
How could it not be changed or what method is to replace the session?, since what I showed you is something small but according to my question since the same thing happens in my system and I would like to have the name that was placed, imagine that a user logs in and logs something and it's ok logs in with their first name that they logged in but then logs in with their other user and logs everything. Now in the session it will be caught with the second user and not with the first and it would cause problems.
This is the Code of WebForm1
front end
<form id="form1" runat="server">
<div>
<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
<asp:Button ID="Button1" runat="server" Text="Button" OnClick="Button1_Click"/>
</div>
</form>
Back end
protected void Button1_Click(object sender, EventArgs e)
{
Session["usuario"] = TextBox1.Text;
Response.Redirect("WebForm2.aspx");
}
Webform2 code
front end
<form id="form1" runat="server">
<div>
<asp:Label ID="lbl1" runat="server" Text="Label"></asp:Label>
</div>
</form>
Back end
protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
if (Session["usuario"].ToString() == null)
{
Response.Redirect("WebForm1.aspx");
}
else
{
lbl1.Text = Session["usuario"].ToString();
}
}
}
The problem is that when entering the Login, you do not have a validation to know if the user is authenticated.
Assuming that once the user is authenticated you save the username in a session variable
Session["AutenticatedUser"] = TxUsuario.Value.Trim().ToUpper();
(I suggest using known names becauseSession["0"]
only you know them and maintenance becomes complicated, even for you), then in thePage_Load
Login.aspx you should have something like this:In the same way, when you Logout the user, you must destroy the session variable so that when they enter the login, they enter as a new user.
Logout.aspx code:
As @Flxtr has commented, you have a problem checking if the user has already been authenticated. On most websites that require logging, they do not allow you to work with two or more users at the same time from the same browser. If this is your case, they have already given you a good solution. Another similar option would be to use cookies.
In the event that this solution does not suit your needs because for whatever reason you need to be able to work with different users in the same browser, you can create the name of the sessions dynamically for each user. I give you an example:
Suppose we have a website with a simple login. A username and a password are requested, it is verified in the database that this user exists and depending on the response, we allow access or not.
It occurs to me that you take advantage of this query to obtain the user's unique identifier code from your database and use it to dynamically create the name of the session variable:
Thus, in the event that the user had not previously logged in, create the session variable. And if it had already been logged in, we do nothing, since the session variable already exists.
But for this to work, you must also propagate this id throughout the application (for example, you can send this id by url from the login form to the home form ).
either
Then to retrieve the user's name again, you simply dynamically recreate the name of the session variable:
I hope I have explained myself well and that it is useful to you.
EDITING BASED ON YOUR CLARIFICATION
If we adjust the example I gave you a bit, we can adapt it to what you want. We will make this change in your click event of WebForm1:
With this what we do is create a "unique session variable" for this user, and we send the name by url to WebForm2.
And once in WebForm2:
In this way, in WebForm2 we check that we receive the value u by url and use it to create the "single session variable". If it doesn't exist we send it back to WebForm1.aspx.
Perhaps this is not the most correct way to do it, since simply using the value u that we receive by url we have the name, but as an example to clarify things a bit it is fine.
In addition, in the example I have not done it either, but I am used to encrypting every parameter that I send by url.
Check if your session is empty as follows
I do the same thing, I save the user ID in a session variable or else in a cookie if the client wants to keep his session started, I also realized the case you mention, for this I did the simplest thing that can be done, at the time of go to login, exactly in its onload event I eliminate the session variable or, failing that, the cookie, in this way no user will be able to access at the same time as another's session lasts, because the previous session will have already been closed at the time to open the login form.