We are currently developing a Web Application for one of our clients who is interested in selling it across continents. Now one of the features of the web application requires the application to capture the local time of the machine the client is using. I have looked for various options on the forum and using javascript seems to be the only option. Now the question is what happens when a user has javascript disabled on his machine.
Is there any better alternative for this since this is paramount for the application to capture the client machine time/ date.
Eagerly awaiting a response.
there is no real way to get the exact user time without javascript... I mean if the user disables javascript you could try to get the user location from IP and then set the correct time in your DB.
I would suggest you to offer a possibility to change the user time zone so the user can set up the correct time in the settings.
Related
How would a cloud web app get Client Device Information such as IP address, Serial Number, etc?
Looking to have an app developed for tracking asset conditions within the school. Just want to make sure my ask is possible before I list it for review.
Basically the user goes to a webpage and fills out a condition report and submits it. I'm wanting to automatically identify the Chromebook or Laptop that is submitting the condition report. With Chromebooks especially, the S/N on the board is not what always is on the case plastics (due to repairs). The aim of making this automatic is to keep data correct.
I could identify the device by serial number, asset number, or local LAN IP. Could potentially identify by any other persistent hardware id that doesn't change.
Thoughts on possible solutions / workarounds:
Maybe there is a unique hardware hash or identifier that Chrome supplies that is persistent and I don't know about. I could manually build a lookup table if its not appropriate to use it directly.
It looks like the WebRTC method no longer works for obtaining local IP address - unless there is a way to force the Chrome Flags for specific sites through Google Workplace policies.
I could create a web service that runs behind the firewall and returns the IP address of the requestor. The client side JavaScript would use that when communicating with the cloud web app and if it cannot connect to the local web service then it prompts the user for the serial number as a last resort.
I could create and force install an extension that the webpage can use to obtain the IP address...
E.g. https://github.com/DoctorLai/what-is-my-ip/
Just wondering if there is an easier way than the above ... One that would work even if the Chromebook wasn't on site...
Thanks
I'm developing a web application that will be accessed by many users on an intranet. At almost every time I would like the server to know the clients that have logged unto the system. The idea that I have currently is that of pinging machines (clients) that the users are sitting on. Every time the user logs in, I would like some code to capture the IP address for the user's machine and send it to the server. The code I have is using json which is however limiting because I will not always have internet access on the intranet to access 'http://smart-ip.net/geoip-json?callback=?'. Is there someone with alternative ideas that can help? I would really like to get the IP addresses for users as they log in.
If there is someone going through the problem I posted above they may find my solution helpful.
I have devised an algorithm yet to be implemented. The algorithm gets each user's IP via the simple $_SERVER['REMOTE_ADDR'] using php and using using some JSP to constantly ping the user from the server to check the user's connection status. To ensure absolute availability for the user the client also uses JS to determine user activity on the application and sends some infor to the server via Ajax if the user is inactive for a given number of minutes. I really think this will work especially that it has worked on my paper work. I will share my experience when I finally implement my thinking.
I have a Ruby on Rails 3 application, and I want to be able to see a list of who is currently online. For example user1, IP address, and country. I then want to be able to open a chat / push messages to this user until they leave my site.
How can I accurately monitor who is currently on the site and instantly remove the user from the list when they leave?
I then can talk to them via faye pub/sub.
How can I accurately monitor who is currently on the site and instantly remove from list when they leave?
Well using HTTP you can not do this "instantly" in a browser. Almost all solutions I see use a heartbeat technique. Every X seconds, a request is sent from the browser (using Ajax), that tells if the user is online. If you haven't heard from the user in x heartbeats, you regard the user as disconnected - even Facebook uses this, it seems. I will recommend you to drop your requirement for instant, unless it's really important.
Another approach is to implement Flash or Silverlight, to make a socket connection to the server. But the demand on the server is high, and if many people is on your site, you will run into trouble with ports and so on.
I think this is not so much related with Ruby on Rails... but this is very hard to implement in HTTP with a scripting language only. The server does not know whether a user has closed the browser or not. The server just sends the requested page data to the user and closes the connection.
You would rather have to integrate Ajax or Flash to make things easier. I have seen some people developing chat programs with Flash, and it seems to work much better than any other Ajax-implemented chat programs.
Chat is very unfavorable in a web browsing context, since the page will be reloaded as the user clicks a link. If you are thinking about building an application that only supports a chat feature, you probably want to look something other than Ruby on Rails. For example, Node.js will be a good one.
I've been asked to display the 'correct' time on our website which I frankly feel is rather pointless as 'correct' can be interpretted in such a variety of ways.
Our current method definately results in an inaccurate time as it uses a server control rendering JavaScript that runs onload using the datetime from the server as a parameter to create a clock object in JavaScript that finally renders on the page and then starts incrementing the clock. Between the server processing, network latency and client-side performance (there's plenty other stuff running onload) the clock ends up way off the actual server time and who knows compared to the client PC.
So to get the 'correct' time shown I could;
Use local PC time and pass new Date() to the JavaScript clock object. Pros: Should be as close to the PC clock as possible. Cons: Not sure how accurate the PC clock is let alone in which timezone.
Use web service for TCP request to NTP server to update clock on web page. Pros: If local PC also sync'd to NTP will be accurate and best possible match. Cons: Will have to handle all the timezone adjustments relative to our servers. If PC clock is out will still have mismatch.
Do I implement my own web service or use something like; Earth Tools or World Time Web Service (EDIT: link removed - now 404)
Here's a blog post from Jon Galloway on Atomic Clock Web Service which is pretty old and yet ranks high when I google and he doesn't reach a conclusion.
Hoepfully I can win the argument with management why syncing to our server clock (GMT) doesn't makes sense if your not in that timezone and why we even need to match a local PC.
Any angles on this I'm missing?
I needed to show the accurate time to clients in an auction web app. You can send the current server time with the page and have the javascript initialize right away without waiting for the rest of the page to load. So the, you only are dealing with network latency which in the worst case is not likely to be more than a couple of seconds.
After that, you're pretty darn close to accurate time. As long as your Javascript timer code is written properly, you're not going to far out of sync before the next page load. But I have seen a lot of bad JS clock code. (Hint: Date() good, setTimeout() bad.)
If you have an application that users are going to be sitting on for a long time, just refresh your time sync either by reloading the page or Ajax.
I wouldn't worry about time zones, just use UTC time so there is no confusion about what time things will happen.
First, be certain that your client is aware that Windows, Linux, and OSX all have built-in clocks that are almost always visible to the users (or made visible very easily). Also, be certain that your client is aware of physical clocks that are often located near any kiosks that might be setup to hide the built in clock from the operating system.
If you know that, and your client still wants a clock on your website, have your client define "correct" time, then implement the solution that matches their definition (both of your solutions seem like they would take care of the two most-likely definitions).
you can use geo targeting to know the physical location of a website visitor and in your database stored the (GMT - XX:XX) of the zone and then calculate the time based on the location of the request. that is going to save the long trip to any third party web service.
Another way you can implement it is using IP Geolocation. There are services that can tell you where your user is connecting from based on it's ip (usually including their timezone) and combining that information with your server's realtime clock you can show the user it's local time.
It's far from perfect, specially with corporate users that might seem to be connecting from somewhere they are not (I live in Argentina, but my work internet connection is trough my employeer that is an American company, so every website assumes I'm located in the US)
Handle time in UTC.
Have users tell you what zone they want to use.
If your users have persistent profiles, persist the choice.
Always display UTC and Local Time side by side and clearly labelled.
You can also display an arbitrary number of user specified zone clocks. Vista
does this and I remain surprised at how
handy it is.
Our company makes the web based application which is priced per workstation.
That means that user/pass credentials should only be used from one particular machine.
Currently what is happening that several users are sharing credentials and we do not have any way to prevent this if they are not doing it concurrently.
The nature on the application is such that user needs to use it once in a while so the inability to work concurrently does not bother the users much and the company loses it's possible revenues.
The application currently is purely AJAX without flash/activeX/Java applets.
The ideal solution would be to read the computer name or IP address of the client with javascript using "Shell.Network" scripting interface.
But this is impossible because of the strict security settings in Internet Explorer. I have to mention that cross browser functionality does not matter and the only browser supported is IE.
Searching google I came across this solution here http://www.reglos.de/myaddress/MyAddress.html but it requires JAVA applet so will not be very convenient.
Are there any other solutions for this?
Your licensing model is not consistent with the delivery model. Change one of them.
Set a cookie on the machine with an id. Retrieve the cookie each time the user logs in. If you see several different cookies alternating for a single user you know you've got something odd going on.
(Of course a single switch may just mean they've moved to a new PC as one off. )
Alternatively, price per usage, 'query' or some other item.
This kind of abuse can probably be detected moderately effectively using the Cookie technique that RichH suggested. At least blatant abuse can be detected quite easily (say 10 licenced users, 100 real users).
But of course, don't lock the user out, just monitor the situation and get your Sales people to call up suggesting that they buy more licences.
We do exactly the same (in terms of licensing and delivery), and I'm sure that you have good business reasons for not changing your model.
Track through sessions per user. Do not allow multiple sessions to a single user. To achieve this you will have to save the session ID into the database and check everytime a user logs in.
To help users who at times have a browser crash and relogin with new session, allow them to sign out their previous session... so you can kill the old session and instead register the new one.
Hope this is useful.
There's no easy answer as your clients (the software) are effectively anonymous and the users are self-identifying.
For IE "locking you out" (I'm hardly an IE expert), but can't the IE settings be set for particular domains? You could simply make it a requirement that the users configure their browsers to give your app superior access.
I don't see any reason why you can't have certain requirements for the users browser (i.e. only IE 6/7/8, these security settings, etc.).