How to stop basepage from recursivly detecting session timeout

Alternate Title: How to redirect on session timeout

FINAL SOLUTION: Credit to: Robin Day (Although I tested Ben's solution and it also works and the other two solutions are also both good solutions)

I got rid of the basepage that I had originally.

Put this in the Session_Start of Global.asax

void Session_Start(object sender, EventArgs e) 
{
    string cookie = Request.Headers["Cookie"];
    // Code that runs when a new session is started
    if ((null != cookie) && (cookie.IndexOf("ASP.NET_SessionId") >= 0))//&& !Request.QueryString["timeout"].ToString().Equals("yes"))  
    {
        if(Request.QueryString["timeout"] == null || !Request.QueryString["timeout"].ToString().Equals("yes"))
            Response.Redirect("开发者_C百科Default.aspx?timeout=yes");
    }
}

Put this on the Defualt.aspx page:

 if (!IsPostBack)
    {
        if (Request.QueryString["timeout"] != null && Request.QueryString["timeout"].ToString().Equals("yes"))
        {
            Response.Write("<script>" +
               "alert('Your Session has Timedout due to Inactivity');" +
               "location.href='Default.aspx';" +
               "</script>");
        }
    }

This solution works even when the timeout occurs on the Default.aspx page

---

END SOLUTION

I have a base page that checks for session timeout. (thats all it does). I want to redirect to the home page if there is a session timeout. However, the home page also inherits from this base page.

I'm not sure if i'm explaining this well:

Step 1: One of my pages loads

Step 2: It sits for more than 20 minutes(this would cause session timeout).

Step 3: I click on something that causes poastback

Step 4: Basepage detects timeout and redirects to default.aspx

Step 5: As default.aspx loads, the basepage detects that there is still a timeout and once again tries to redirect to default.aspx. Step 6: Repeat step 5

The bold is the undesired effect...

This is the basepage code.

using System;  
using System.Web.UI;   
public class SessionCheck : System.Web.UI.Page  
{   
public SessionCheck()  {}  

override protected void OnInit(EventArgs e)  
{  
    base.OnInit(e);  

    if (Context.Session != null)  
         {  
             //check the IsNewSession value, this will tell us if the session has been reset.  
             //IsNewSession will also let us know if the users session has timed out  
             if (Session.IsNewSession)  
             {  
                //now we know it's a new session, so we check to see if a cookie is present  
                 string cookie = Request.Headers["Cookie"];  
                 //now we determine if there is a cookie does it contains what we're looking for 
                 if ((null != cookie) && (cookie.IndexOf("ASP.NET_SessionId") >= 0))  
                 {  
                     //since it's a new session but a ASP.Net cookie exist we know  
                     //the session has expired so we need to redirect them  
                     Response.Redirect("Default.aspx?timeout=yes&success=no");  
                 }  
             }  
         }  
     }  
} 

Thanks!!!

(If you need further clarification please ask)

Note: I know that if I redirect to a page that does not inherit from this basepage it would fix the problem. But i don't like this solution.

---

Can you use the event Session_OnStart within the Global.asax?

This will be fired once whenever a new session begins. You can do your redirect in there.

The key I guess though is that you only redirect to the home page if you're not already on it. You can do this by just checking the URL in the Request object.

---

We had similar situation. We first check if the there's Session Timeout and within that we only redirect if current page is not the Default Login page.

---

The below will do the trick with your existing code but robin day's sugestion of using global.asax is a better option.

if (Context.Session != null)  
     {  
         //check the IsNewSession value, this will tell us if the session has been reset.  
         //IsNewSession will also let us know if the users session has timed out  
         if (Session.IsNewSession)  
         {  
            //now we know it's a new session, so we check to see if a cookie is present  
             string cookie = Request.Headers["Cookie"];  
             //now we determine if there is a cookie does it contains what we're looking for 
             if ((null != cookie) && (cookie.IndexOf("ASP.NET_SessionId") >= 0))  
             {  
                 //since it's a new session but a ASP.Net cookie exist we know  
                 //the session has expired so we need to redirect them
                 //Only redirect if the current page is NOT Default.aspx
                 if (Request.Path.Substring(Request.Path.LastIndexOf("/")) != "/Default.aspx") 
                 {
                     Response.Redirect("Default.aspx?timeout=yes&success=no");  
                 }
                 else if (Request.QueryString["timeout"] == "yes")
                 {
                     ScriptManager.RegisterStartupScript(this, this.GetType(), "TimeOutScript", "alert('Your session timed out');", true);
                 }
             }  
         }  
     } 

Editing the answer to respond to comments below becuase it is easier than adding more comments:

I did not provide you with a solution to redirect when the session timed out, you simply cannot do that, the session has timed out, there is nothing to redirect. You said "i just wanna know if there was a timeout" and i gave you a solution for that. There is no real way to tell if a user is hitting page x becuase their session has timed out or because they have opened a browser and started a new session, all you know is there is no existing session. If they hit a page they need to be authenticated to view then you can assume the session has timed out because they should not be hitting the page from scratch. But you can't do this on the home page becuase you can't tell the difference between a user who's session timed out on this page and a user who is just hitting the page for the first time. I have updated the code so that for every page other than Default.aspx it will redirect, and if it has redirected to Default.aspx due to a session time out it will pop up a javascript alert.

---

Create a common base page that contains all things you want to have both in your home page and in other pages.

Than inherit from this your home page and another base page (say SessionCheck) in which to put your session expiration logic. All your pages but home have than to inherit from SessionCheck page.

public class BasePage: System.Web.UI.Page //(this contains all things shared between all pages)
public class SessionCheck : BasePage //(your session loginc in this class)
public class Home : BasePage 

---

Put a property in your base page:

public bool IsDefault { get; set; }

In the PreInit event of your default page:

public void Default_PreInit(object sender, System.EventArgs e)
{
    this.IsDefault = true;
}

Modify your session check:

if (Context.Session != null && !this.IsDefault)
{
    // blibbitty blah blah
}