2

I would like to prevent two users from being able to editing the same page at the same time. When one user is editing a page, the other users shall not be able to visit that page. My first thought was to just set a value in my database but to update that value using an ajax request would be useless if the users browser unintentionally shut down in any way.

Is it possible to do this in a more secure/sustainable way?

Ayush
  • 41,754
  • 51
  • 164
  • 239
hgerdin
  • 637
  • 2
  • 8
  • 24
  • like an article OR post ? – CS GO Mar 11 '14 at 06:02
  • Yes, like and article or post. (More like a profile maybe) – hgerdin Mar 11 '14 at 06:03
  • Possible duplicate of http://stackoverflow.com/questions/2792013/prevent-two-users-from-editing-the-same-data?rq=1 – Manoj Saini Mar 11 '14 at 06:11
  • Instead of "locking", consider "optimistic concurrency" and letting the users resolve the conflict as a business process - this is how SO allows many people to edit the same post simultaneously, for instance. (With locking you'll need some form of timeout mechanism/reaper or override - even if the client didn't disconnect without sending an "unlock", the server might itself terminate unexpectedly.) – user2864740 Mar 11 '14 at 06:34
  • That post didn´t really answer my question. That post doesn´t contain a sustainable (waterproof) solution. – hgerdin Mar 11 '14 at 06:37
  • U mean like just notify the user about the situation and let them decide what to do? – hgerdin Mar 11 '14 at 06:39
  • @hgerdin In this sense [optimistic concurrency](http://en.wikipedia.org/wiki/Optimistic_concurrency_control) means, try to make the change *unless* it results in a conflict - generally this means that there was a change made that a user *wasn't* aware of when they were editing the data; they should be made aware, and then (perhaps) allowed to integrate/merge the conflict with their own data. – user2864740 Mar 11 '14 at 06:40
  • 1
    The benefit of OC here is that the user can walk away - on purpose or otherwise - and when they hit "update" they'll be ensured that no critical data is overwritten. Meanwhile, it doesn't prevent others from making any changes as deemed fit. It may be useful to also use an *advisory* system to indicate that multiple people may be working on the same data, but this is orthogonal to implementing OC itself. (OC can also apply to whole or part of an item, for instance, on SO the body/title/tags in a question can all be be edited independently by different people without conflict.) – user2864740 Mar 11 '14 at 06:44
  • @user2864740 Yes I understand. In this case it might be hard to integrate/merge conflicts because there´s a lot of data that might be changed and as it´s build right now it would be hard to compare and match all data. I think that an advisory system will be enough for me at the moment. – hgerdin Mar 11 '14 at 06:46
  • I suppose you could try some form of versioning? If you stored a new copy of a document along with an incrementing version number every time a new edit is submitted and only show the latest version on the page then there's no chance of two users overwriting each other's edits in such a way as to corrupt the document and there'd be a record of what the various previous versions looked like. Of course it would take up however many versions of a document you store of storage (unless you stored diffs or something) so you'd probably also need a cron job to remove versions more than a certain age – GordonM Feb 22 '17 at 08:08

0 Answers0