Keep session alive for form

Hey folks, I'm hosted at CrystalTech using CF8 and in the shared environment, therefore I have a max session timeout of 20 minutes. Currently users log in to the site and we store username in their session.  The site is for posting reviews and therefore they write paragraphs and paragraphs of information.  My problem lies with a user typing and typing and going over their timeout limit of 20 min. Any ideas for keeping this session alive? I tried implementing an IFRAME to routinely hit a keepAlive.cfm page in the background - but that seems so rudimentary and cumbersome - plus it didn't work 100% of the time in my testing. Any ideas? Would cfajaxproxy help? I need something to keep that session while they type their long-winded review.

> Any ideas for keeping this session alive? I tried implementing an > IFRAME to routinely hit a keepAlive.cfm page in the background - but > that seems so rudimentary and cumbersome - plus it didn't work 100% of > the time in my testing. Well, here's a little script I have used, obviously only works for users with javascript enabled, but that's a pretty good percentage these days. 'image.cfm' just needs to be some CF page that sits under your Application.cfm (or .cfc) it doesn't really need to do much. But the script will make sure it gets called every 15 minutes and keep the session alive. Obviously you can just put the actual number of milliseconds in that last statement, rather than writing it out as I have here.) //calls a cfm page to refresh the user session every 15 minutes   function keepAlive() {     var imgAlive = new Image();     var d = new Date();     imgAlive.src = 'image.cfm?d=' + d;   }   setInterval('keepAlive()', 15*60*1000);  

I like Mary Jo's suggestion and would add 1 item. This method will keep the session alive for as long as the page is open in a browser, it does not, however, verify that the user is still using the page. One thing that I have used in the past is added a 'confirm('Unless you click the \'ok\' button now, you will be logged out. If they click on either button, then you can run the keepAlive function.   Just an idea. Also, you might even consider adding a 'save work' button that would save what was typed in your database, but not 'publish' it.  This would allow those users who are writing novels in your website to avoind losing their work, javascript enabled or not. (the action of saving would also allow the session to stay alive automatically.) William -- William E. Seiter Have you ever read a book that changed your life? Go to: www.winninginthemargins.com Enter passkey: goldengrove Web Developer http://William.Seiter.com > Any ideas for keeping this session alive? I tried implementing an > IFRAME to routinely hit a keepAlive.cfm page in the background - but > that seems so rudimentary and cumbersome - plus it didn't work 100% of > the time in my testing. Well, here's a little script I have used, obviously only works for users with javascript enabled, but that's a pretty good percentage these days. 'image.cfm' just needs to be some CF page that sits under your Application.cfm (or .cfc) it doesn't really need to do much. But the script will make sure it gets called every 15 minutes and keep the session alive. Obviously you can just put the actual number of milliseconds in that last statement, rather than writing it out as I have here.) //calls a cfm page to refresh the user session every 15 minutes   function keepAlive() {     var imgAlive = new Image();     var d = new Date();     imgAlive.src = 'image.cfm?d=' + d;   }   setInterval('keepAlive()', 15*60*1000);  

Thanks Mary Jo and William, I've got javascript similiar to what you have. It is reloading the Iframe every x minutes.  Again that wasn't 100% on my testing, so maybe it was goofy for some reason.  I'll plan on implementing your JS and see where that leads. I like the idea of a "Save Work" periodically button. I'm also using FCKEditor (although custom installation of that). Any idea if FCKEditor has a automatic feature like this in the background.  I would think perhaps AND I will do some research myself on this.  Let me know if anyone has experience using FCKEditor (CF8 or Custom Install) and autosaving. I'll try to report back to as I dig deeper into fckeditor.net

Wow! This is absolutely amazing. http://greenmap.sourceforge.net/fck_demo/about.html might solve my session problems and provide a nice "Draft" capability.

>> therefore I have a max session timeout of 20 minutes. >> we store username in their session >> My problem lies with a user typing and typing and going over their >> timeout limit of 20 min. I ran into a similar problem with a website where people would start something get interrupted leave the page open come back finish and submit only to find the session had expired and the work seemd lost beasue they had to login again.  Javascript keep alive was unreliable so I had to re-think the authentication plan and eventually changed it to store the login information in a cookie.  That way once they logged in they they could take as long as they wanted because if the session expired the application would log them back from the cookie information and accept the post. Best Regards, Dennis Powers UXB Internet - A website design and Hosting Company 690 Wolcott Road P.O. Box 6029 Wolcott, CT  06716 Tel: (203)879-2844 http://www.uxbinternet.com/ http://www.uxb.net/

I would advise against storing user data in a literal way in a cookie. We ran into a situation where the user's ID was stored in a cookie.  By changing the cookie, I could impersonate any user. Client variables (you're using a DB for them, right?) might be a good way to avoid that, though, since they don't store an easily recognizable or fudgable ID (like the auto-incremented ID key for users 0-:) --Ben Doom Dennis Powers wrote: ----- Excess quoted text cut - see Original Post for more -----