Hi
We are running an ASP website where we want to prevent the user from opening more than one instance of the browser-window with our site in it. Any help welcome with deep gratitude.

pckumaran

I do not think you can do that as HTTP is stateless, so you do not know if various requests you get to your page are from one browser or another.

But why anybody ever would want to adaopt something as user-unfriendly as that is beyond me.

I agree with Alsvha. This would be unfriendly, and I don't see any situation when there would be a need for such a restriction. I remember in the days of old, under DOS, only one application would normally run. Windows' operating system, with its ability to open several applications at the same time was seen as a great progress. Now, having only one application would be a step backwards.

A solution is to identify each user with a logon screen. Then you give a session ID to that user. You check if the session ID is always the right one. The session ID would not be a cookie, but a hidden data transfered from one screen to the other.

But why anybody ever would want to adaopt something as user-unfriendly as that is beyond me.
Alsvha is 100% correct on this. It would be more of an annoyance than a help to you.

A solution is to identify each user with a logon screen. Then you give a session ID to that user. You check if the session ID is always the right one. The session ID would not be a cookie, but a hidden data transfered from one screen to the other.
This would work perfectly but your drawback would be that you would have to code a little include statement for every web page on your site.

<snip>
A solution is to identify each user with a logon screen. Then you give a session ID to that user. You check if the session ID is always the right one. The session ID would not be a cookie, but a hidden data transfered from one screen to the other.

I'm not sure that would work as some fast simple testing of for instance firefox seems to indicate that different browser instances - at the very least tabs - use the same session id.
Differnet tabs in Opera also seems to get the same Session id as each other.
Differnet instances of NetScape (no suprise) seems to work as FireFox, using the same Session ID.

This would indicate to me that cookies would also be usable across browser instances and tabs, which I haven't tested (couldn't be bothered to :D) though, so it is speculation from the Session ID testing.
And if this is the case, then you'd not know if it is instance X of the browser or instance Y, and thus a user can have multiple pages open on the site anyway.

Internet Explore seems to spawn a new session per browser instance, so there it would (could?) would.

Now I could easily be wrong as I've not given this much thought or experimenting, because I frankly think it would be poor coding style towards the users.
If anybody want only one instance running on a client, then get the user to download and install a program of yours which connects and shows the relevant pages. Sort of a "browser proxy" for your site.

Well, cookies are out of the question. I did a test script. Remember that cookies only delete upon exiting the browser. If someone is using tabs, the browser will not delete the cookie and will restrinct the user.

Here is my test script.
<?php
if(@$_COOKIE['onepageonly'] == 'alreadyloaded'){
echo "You already have one instance of this website running.";
exit;
}
else{
setcookie('onepageonly', 'alreadyloaded', -3600);
}
?>
<html>
<title></title>
<body>
Welcome to my website.
</body>
</html>