I think it's a nice user-friendly feature. It's too often when users of my ASP applications enter a bunch of data to a form, then went somewhere, return and click on a "Submit" button just to realize that session was already expired and all data entered was lost.
Question: how to implement that feature (wit ASP or PHP back-ends)?
ASP provides Session_OnEnd event (PHP does not), but it gives no help: I don't think you can refresh a session at the time this event is fired, and you cannot interact with user from inside this event handler.
But what if there are more than one browser window, frame, or iframe open for this site? Especially for multiple windows we need a way for server to initiate counter reset on all client windows when one of them is refreshed. (By the way, it isn't implemented correctly on my bank's website). We could make one more XMLHttpRequest to a server just before displaying a coming expiration warning. It will ask a server for actual expiration time and reset this window's timer as necessary. But for server to know expiration time it must be reset during each page server script running and saved ... in a session variable.
Another solution which comes to mind would be to use server-push technology to reset all necessary client timers. There are some interesting news about it there.
What do you think about all that?
Wednesday, July 05, 2006