Prevent multiple users on a page at a time

What whould be the best way to prevent multiple users on a page?

For example if a user is at the page "Home.aspx", no other users should be allowed to go there.

I'm using asp.net on the server and the js-framewo开发者_StackOverflow中文版rd jQuery on the client side.

The easy part is only allowing one user to access a page. You can for example store a session id in an application variable to keep track of who's on the page.

The hard part is to know when the user leaves the page. The HTTP protocol only handles requests, so the server only knows when a user enters the page. There is no concept of "being on" a page in the protocol.

You can use the onunload event in client code to catch when a user goes somewhere else, however this will not always work. If the user loses the internet connection, there is no way to communicate back to the server that the user leaves the page. If the browser or computer crashes, there will naturally be no onunload event.

You can keep requesting data from the server, by for example reloading an image on the page. That way the server can know if the user is still on the page at certain intervals. However, if the user loses the internet connection, the server will think that the user has left, while the user thinks that he/she is still on the page.

Another problem is browser history and cache. A user might leave the page, then go back to the page again. You have to make sure that the page is not cached, or the browser will just use the cached page and the server has no idea that the user thinks that he/she is on the page again.

Agreed with Guffa, you cannot be sure that the browser is already on the page or not, you can only check if the browser is already connected to that page or not.

You can do a sort of "ping", but its more a trick than a 100% working solution and it requires javascript enabled.

I didn't do it but I should look at XMLHTTPRequest and onreadystatechange to handle this :

1) On page load, the browser (client) initiate a XMLHTTPRequest with the web site (server) then wait for callback with the onreadystatechange event.

2) The web site receive the request and "mark" the page as "in use" with the current DateTime.Now.

3) Then the web site sends the response.

4) The onreadystatechange event get the response and the event code re-request the server to re-initiate the 2 after 1 min.

5) If another client request the page, the server check the DateTime mark : if the mark is greater than 1min ago, it means the client didnt respond to the request and may not be on the page again.

Not sure why you would want to do this because it flies in the face of web usability. You could do a locking mechanism on each page in server side code (write user name, page and time to a DB), which is freed up when they go to another page. You would then check on a the page load event to find out if anyone currently has that page locked. However, and this is a big however - have you considered what happens if somebody just shuts their browser down or walks off and leaves it on a page. You would need to seriously consider a timeout to free up locks too. That would need to be a back ground service, either in global.asax as global code or a separate process.

Maybe use static variables to hold the ip of the first user to access the page and then check whether other requests come from the same ip, otherwise display a "no access" page.

make sure you use lock it:

Object thisLock = new Object();
lock (thisLock)
{
    // access static variables
}

You should also use "Session_End" method in global.asax to remove the ip address in case the user leaves your website without pressing the logout button