Can someone please guide me as to what is the best way to have the time restriction timer in one of my online application written in Classic ASP with MsAccess database.
Simple process..Once the user shops, the system redirects the user to enter the billing & shipping information where-in this timer is shown and valid for 10 minutes.
Initially I captured the server side time and added 10 minutes using Classic ASP's DateAdd function "DATEADD("n",10, TIME())" and then used JavaScript to match the current time with the expiry time. But since site can be accessed from any part of the world, so taking server time is not helpful as Javascript matching is taking local PC time, so it will never match.
Secondly, when the user refreshes the page, the 10 minute timer will restart.
Appreciate your help. It can be through Javascript or Classic ASP.
In page1, do this
session("shopping_time") = now
In the subsequent pages
do this,
session("current_time" ) = now
time_elapsed = datediff("n",session("current_time" ),session("shopping_time"))
if ( time_elapsed > 10 ) then
//do something
end if
Related
I am currently programming with PHP/HTML/CSS/MYSQL/JAVASCRIPT and i want to perform the following scenario:
Send an email to someone but not by clicking a button "SEND".
I want to build something called "Future Send" that will enable the user to schedule when the email will be send. (for example 5 minutes from now).
This is easy to be accomplished with a Javascript counter that will fire an event when countdown == 0; But this requires that the browser/website must be open.
But what happens in the event that the user writes the email, schedule it for 5 minutes later, and closes the browser or even the computer? The counter will stop and the event will never be fired..
Is there a way to bypass this using the technologies referred above?
Do i have to switch to a different programming language?
Any suggestions?
Thanks in advance.
I have faced a similar case in my production and i made as follow :
1- store the subject, cc, rc, body in a text file
2- name it as follow : timestampToBeSend.txt
3- place it in a pool
4- create a simple PHP script that it will run indefinitely
while (TRUE) {
// find files that they names are less or equal than current timestamp
// if true ? read the contents, delete the file and send mail
// sleep (DESIRED_TIME);
}
This solution works fine from more than 4 years :)
I'm producing an event registration website. When someone click on a link:
Reserve id=10 event
The system is doing a "lock" on this event for ten minutes for this visitor. In that case no one else can reserve this event in next ten minutes. If the payment is done in that time, everything is OK, else the event is unlocked again. I hope the idea is clear.
PROBLEM: When bot (google bot, malicious bot, or angry customer script :P) visits this page, he see this link. Then he enters the page. Then the lock is done...
Also if someone visit recursive: /reserve/1, /reserve/2, /reserve/3, ... He can lock all the events.
I thought about creating a random md5 string for each event. In that case, every event has (next to id) unique code, for example: 1987fjskdfh938hfsdvpowefjosidjf8243
Next, I can translate libraries, to work like this:
<a href="/reserve/1987fjskdfh938hfsdvpowefjosidjf8243" rel="nofollow">
Reserve
</a>
In that case I can prevent the "bruteforce" lock. But the link is still visible for bots.
Then I thought about entering the captcha. And that is the solution. But captchas are... not so great in case of usability and user experience.
I saw few websites with reservation engine working like this. Are they protected? Maybe there is a simple ajax / javascript solution to prevent the bots from reading this as a pure text? I thought about:
Reserve
<script type="text/javascript">
$('#reserve').click(function(e) {
e.preventDefault();
var address = ...;
// something not so obvious to follow?
// for example: md5(ajaxget(some_php_file.php?salt=1029301))
window.location('/reserve/' + address);
});
</script>
But I'm not sure what shall I do there to prevent bots form calculating it. I mean stupid bots will not be able even to follow javascript or jquery stuff, but sometimes, someone wants to destroy something, and if the source is obvious, it can be broken in few lines of code. And whole database of events will be locked down with no reservation option for noone.
CRFS + AJAX POST + EVENT TOKEN generated on each load.
Summary: don't rely on GET requests especially through a elements.
And better if you add some event block rate limits (by IP for instance).
EDIT: (this is a basic sketch)
replace all the href="..." with data-reservation-id=ID
delegate click on the parent element for a[data-reservation-id]
in the callback, simply make a POST ajax call to the API
in the API's endpoint check rate limits using IP for instance
if OK, block the event and return OK, if not return error.
IP-Specific maximum simultaneous reservations
Summary: Depend on the fact that many simple bots operate from one host. Limit the number of simultaneous reservations for a host.
Basic scetch:
Store the requesting IP alongside the reservation
On reservation request count the IP's which have a non-completed reservation.
SELECT Count(ip) FROM reservations WHERE ip=:request_ip AND status=open;
If the number is above a certain threshold, block the reservation.
(this is mostly an expansion of point 4 given in avetist's excellent answer)
I have multiple heroku dynos and a chat app. When a user logs in, their status is set to "online" in MongoDB. However, if a server crashes, their status will still be set as online. How can I update the user status to be "offline" when a server crashes?
If I only had one dyno, this would be easy. I'd just update every user to be "offline" when the server starts. Unfortunately, this is not possible with multiple servers.
As per our chat and comments.
The best option is to go with checking against last activity. So seeing when the last message was sent and if it happened within the last let's say 5 minutes they are online if there were no activity mark them as offline.
Like I mentioned in the comments, if you are not storing a date_created on the messages documents you will not have to change anything because _id stores the timestamp
ObjectId("507f191e810c19729de860ea").getTimestamp()
that returns this Date object
ISODate("2012-10-17T20:46:22Z")
This answer is another option (if you are wanting to keep them as online even if they are not sending messages):
If you would like to know they are still active even when they're not jumping from page to page, include a bit of javascript to ping your server every 60 seconds or so to let you know they are still alive. It'll work the same way as my original suggestion, but it will update your records without requiring them to be frantically browsing your site at least once every five minutes.
var stillAlive = setInterval(function () {
/* XHR back to server
Example uses jQuery */
$.get("stillAlive.php");
}, 60000);
here is my question:
I've a website that works only during the night (after 21:00 until 24:00)
I have a button that says "Enter", but i want that button to alert() a message such as 'The website is not available yet'.
But to do so it must check the time so in pseudocode:
if (time is less more than 21:00 and less than 24:00) {
return true;
} else {
alert('the website is not available yet');
e.preventDefault;
return false;
}
But I don't understand how I can do that in terms time difference, in any day,
any hint?
thank you guys!
new Date().getHours()
will return current hour (13 when I am writing this at 13:42). However this solution has several drawbacks:
it uses system time, changing the time in the computer will fool your script
it uses system time zone, consider getUTCHours()
it can be easily bypassed by disabling JavaScript or modifying the script on the fly
Thus consider fetching time from the server when rendering the page and repeating the test on the server side when user enters (to make sure the check was not bypassed).
I'll try to keep this brief. Hope to get some help or directions about this. Im creating a webapp for a customer that needs notifications for something like this case.
A client register to the hotel at 10PM for 12 hours, this person will left the hotel at 10AM. My client wants a way to display a notification when there is 10 minutes to run out of time for the customer at hotel. I mean, at 9:50AM, the system should display a notification saying: "Time for Room 212 it's gonna expire soom. Contact him and ask if he wants extra hours".
Im using PHP and JQuery for this mission. The whole thing is to figure out a way to check the end-time for the customer and display a notification 10 mins before that end-time. I don't know how to keep "checking the end-time" constantly and display the notification when is the right time.
I hope i've explained my self about this. Any direction, anything that works for this, anything will be very welcome.
Thanks in advance.
I advice you to use jQuery timers plugin for actions explained in previous post.
As way for you is creating notificator that will ask server every minute for the messages. It will be like that:
$(document).everyTime('1min', function(){
// your request function
});
In your request you don't need send any data (of course if your server knows your timezone).
And server will respond you after DB reques as FALSE if no notifications at the time or with notification / array of notifications (of course as json-object).
Good Luck!
setInterval(function() {
// check the time, if it is 10 min before end-time, display notification
}, 1000);