1

I am planning to code an application in C# that will only allow a single logged in user connection at a time. I will have a bit column in my SQL Database called LoggedOn and when logging in I will make it check if the database says loggedon = true such as.

if (Loggedon == true) {
    //Login things
} else {
    //it appears you are already logged on.
}

My problem is what if my program unexpectedly shuts down?

For example: Force shutdown or task manager end process, how can I run a query before someone does that to prevent no changes to my database.

I am not sure if I explained this well enough but heres my code 

   protected override void Dispose(bool disposing)
    {
        if (disposing && (components != null))
        {
            components.Dispose();
        }
        string myConnection = "******;";
        MySqlConnection conn = new MySqlConnection(myConnection);
        conn.Open();
        MySqlCommand comm = conn.CreateCommand();
        comm.CommandText = "INSERT INTO users LoggedOn = 'False' where username = '" + Form1.TextBoxText + "'";
        comm.ExecuteNonQuery();
        conn.Close();
        base.Dispose(disposing);
    }

Will this code cover all unexpected closes?is there any alternative easy fast ways of doing this?

Would an eventhandler fix my issue? such as this: http://msdn.microsoft.com/en-us/library/system.appdomain.unhandledexception.aspx

Ghandour
  • 45
  • 1
  • 11
  • And if you want to enforce singleton behaviour, why not use a singleton implementation with a static class? – Niels Keurentjes Jan 22 '14 at 01:37
  • When powering on/loading the app, you could check if LoggedOn = 'False', which it should always be. If it's true then that would imply the process was terminated unexpectedly. – dursk Jan 22 '14 at 01:39
  • How would a singleton behavior help my current problem?I've never thought of that looking into it but can you explain it to me – Ghandour Jan 22 '14 at 01:40
  • Mattm but this is to prevent multiple logins if I always keep it loggedon false people can login more than once – Ghandour Jan 22 '14 at 01:41
  • Side note: don't forget to search for [bobby tables](http://xkcd.com/327/) as good explanation of your classical example of SQL injection. – Alexei Levenkov Jan 22 '14 at 01:42
  • Oh I know I have no parameters I was just writing this fast for a quick answer – Ghandour Jan 22 '14 at 01:43
  • Thanks Nico for the edits. – Ghandour Jan 22 '14 at 01:50
  • 1
    No, this method can never work. What if the power goes out or the system bluescreens? You can never guarantee that an application will always terminate gracefully. If you want to guarantee one user is only ever logged in at one location in one session you need to generate a unique session key and only allow transactions against that key. If anything crashes, you notify on next login that an existing session is still active and invalidate the old key. That way if one session is really still alive, it gets broken by the newest login and if it was a crash you're not locked out. – J... Jan 22 '14 at 01:56
  • I figured that I could load a global session key with asp.net cache but I have no clue on how to create a "login table" which is stated here: http://stackoverflow.com/questions/15903574/when-the-same-user-id-is-trying-to-log-in-on-multiple-devices-how-do-i-kill-the – Ghandour Jan 22 '14 at 01:59
  • j.., would you able to assist me with this on skype? my skype is legendfinalhero I can pay you for your services. – Ghandour Jan 22 '14 at 02:04

1 Answers1

1

Along with the singleton and Loggedon persistance the following will help solve the application crashing scenarios:

If you want persist Loggedon in the database to ensure the user is not logged on to the system from anywhere else in the world you can have a heartbeat timer to keep the value of Loggedon updated. So ever few minutes the client will update the db to indicate user is still logged on. This will handle the situations in which the application is crashed.

There are other ways like: You could logoff all other sessions of the user if a user logs in again. Or you can have a watchdog timer instead of a heartbeat - very similar but watchdog essentially ensures long running sessions are infact active

George Philip
  • 704
  • 6
  • 21
  • George wouldn't that be a ridiculous amount of memory used by the DB because it will always be checking the boolean and setting a timer if its false? there must be a better way to do it – Ghandour Jan 22 '14 at 01:57
  • 1
    +1 - heartbeat is quite standard approach to the problem (i.e. in ASP.Net used by session state). @user3158844 - " ridiculous amount of memory ... checking the boolean "? What DB you use that can't handle such requests? – Alexei Levenkov Jan 22 '14 at 02:07
  • your saying a database with 600,000 active accounts can have a timer all checking for different usernames for a boolean and no problems will occur? – Ghandour Jan 22 '14 at 02:12
  • 1
    There are other ways like: You could logoff all other sessions of the user if a user logs in again. Or you can have a watchdog timer instead of a heartbeat - very similar but watchdog essentially ensures long running sessions are infact active – George Philip Jan 22 '14 at 02:14
  • Well can anyone help me with this issue by skype I will be willing to pay my skype is : legendfinalhero – Ghandour Jan 22 '14 at 02:19