我在vb中有一个Web应用程序,我使用this approach来阻止用户由于简单的许可协议而进行并发登录。
效果很好,如果用户使用已在使用的帐户登录,则第一个用户将被注销。我正在尝试在loggingin事件中添加消息框或某种js确认框,其中说明:
This user account has been active in the last 20 minutes.
If someone else is using it, then logging in may possibly
compromise any report generation or activity.
Continue login?
以下是代码:
<asp:Login ID="Login1" runat="server" DestinationPageUrl="~/Dashboard/Default.aspx" >
<LayoutTemplate>
<table border="0" cellpadding="0">
<tr>
<td align="right"><p><asp:Label ID="UserNameLabel" runat="server" AssociatedControlID="UserName">User Name:</asp:Label></p></td>
<td align="right">
<p><asp:TextBox ID="UserName" runat="server" Width="220" autocomplete="on" />
<asp:RequiredFieldValidator ID="UserNameRequired" runat="server" ControlToValidate="UserName" Text="*"
ErrorMessage="User Name is required." ToolTip="User Name is required." ValidationGroup="Login1" /></p>
</td>
</tr>
<tr>
<td align="right"><p><asp:Label ID="PasswordLabel" runat="server" AssociatedControlID="Password">Password:</asp:Label></p></td>
<td align="right">
<p><asp:TextBox ID="Password" runat="server" TextMode="Password" Width="220"></asp:TextBox>
<asp:RequiredFieldValidator ID="PasswordRequired" runat="server" ControlToValidate="Password" Text="*"
ErrorMessage="Password is required." ToolTip="Password is required." ValidationGroup="Login1" /></p>
</td>
</tr>
<tr>
<td align="center" colspan="2" style="color: red"><asp:Literal ID="FailureText" runat="server" EnableViewState="False"></asp:Literal></td>
</tr>
<tr>
<td align="right" colspan="2"><asp:LinkButton CssClass="prettyButton" ID="LoginButton" runat="server" CommandName="Login" Text="Log In" ValidationGroup="Login1" /></td>
</tr>
</table>
</LayoutTemplate>
</asp:Login>
Private Sub Login1_LoggingIn(sender As Object, e As LoginCancelEventArgs) Handles Login1.LoggingIn
Dim messagetext As String = "This user account has been active in the last 20 minutes." + Environment.NewLine + Environment.NewLine
messagetext += "If someone else is using it, then logging in may possibly" + Environment.NewLine
messagetext += "compromise any report generation or activity." + Environment.NewLine + Environment.NewLine
messagetext += "Continue login?"
Dim userNameTextBox As System.Web.UI.WebControls.TextBox = DirectCast(Login1.FindControl("UserName"), System.Web.UI.WebControls.TextBox)
Dim currentUser As MembershipUser = Membership.GetUser(userNameTextBox.Text)
If currentUser IsNot Nothing Then
If currentUser.IsOnline Then
'*****CONFIRMATION MESSAGE BOX TO GO HERE*****/
Dim result = MessageBox.Show(messagetext , "Login Warning", MessageBoxButtons.YesNo)
'* IF USER DECIDES NOT TO LOGIN:*/
If result = DialogResult.No Then
e.Cancel = True
End If
'* ELSE LOGIN CONTINUES AND ORIGINAL USER IS LOGGED OUT*/
End If
End If
End Sub
Private Sub Login1_LoggedIn(sender As Object, e As EventArgs) Handles Login1.LoggedIn
Dim userNameTextBox As System.Web.UI.WebControls.TextBox = DirectCast(Login1.FindControl("UserName"), System.Web.UI.WebControls.TextBox)
SingleSessionPreparation.CreateAndStoreSessionToken(userNameTextBox.Text)
End Sub
现在,我可以在本地使用Windows窗体msgbox(),一切都很好,但是一旦我把它放在服务器上,消息框显然不起作用。我尝试了ClientScript和ScriptManager,但客户端检查似乎没有被触发。
非常感谢任何帮助。
答案 0 :(得分:1)
不要在网站中使用VB MessageBox。它只会出现在服务器上 - 并且很可能每次都会杀死你的页面。最终用户永远不会在他的浏览器上看到它。
您可以通过多种方式处理您尝试实现的目标,但效果很好的方法是向用户显示javascript confirm框;它与消息框大致相同,但改为使用OK和Cancel按钮。
您可以在呈现时向您的网页注入一些小javascript,以向用户显示此内容。因此,请删除您的Dim result....行并将其替换为以下内容: - 这会为您的网页HTML注入一些javascript。
Dim cs As ClientScriptManager = Page.ClientScript
cs.RegisterStartupScript(Me.GetType(), "userChecker", "UserCheck(Confirm('yourMessage'));", True)
注意 - 您还将删除检查对话框的代码,{E {1}}
页面加载时,将出现If result = ....对话框。在这种情况下,捕获的响应将传递给名为confirm的{{1}}函数 - 因此HTML中有javascript函数可以接受它。像这样:
UserCheck在javascript内,您可以轻松处理用户响应。也许通过调用.Net的function UserCheck(t){
if (t){
// do something for OK
}else{
// do something for CANCEL
}
函数重定向或引发回发。