2

What might be the best way to implement timed-task in a web-site (asp.net) environment ? Say clicking a button locks it for 4 hours, or a day. How would I go about implementing the process of counting those 4 hours, (or 1 day) and then unlocking the button) ?

Keep in mind this is a web-site: Do I

  1. save the current datetime stamp to the DB (I'm logged in as a registered user to the web-site)
  2. every time I visit the page with the button I retrieve the stamp and the duration
  3. and calculate how much longer I have to wait, until the button is unlocked.

(And possibly implement a JS (for example) count-down counter that would show near the button)

I'd assume using session variables or cookies is a bad idea, as I may close my web-site or delete my user data and thus loose the above.

Иво Недев
  • 1,570
  • 1
  • 20
  • 33

4 Answers4

3

Since your requirement is to support this across sessions, then it definitely needs to be in the DB.

DB

Add a LockedUntilUtc column that indicates the date/time that the button should unlock. Better yet, name the column to represent the business model. Maybe you are writing an HR app the has a raise approval process, and there is a mandatory 7 day waiting period before the manager can release the raise to allow HR to review, and the button is laballed "Publish Raise" in which case I'd name it something like PublishRaiseAvailableUtc.

I've dealt with lots of scenarios like this, and it's often simpler to use the date/time that an event needs to occur. As opposed to saving the beginning of the timer and always having to add 7 days everytime you need to make a calculation.

UI

Send this value down with the page as a hidden value. Write javascript using the framework of your choice, or just something as simple as setTimeout which will fire to unlock the button at that point in time.

Do not worry about trying to come up with a convoluted way to prevent the user from unlocking the button by manipulating the HTML. You should assume they can unlock the button if they put effort into it. Given that assumption, we need server side logic to validate the request.

Server Post Validation

When the user clicks the button, and the POST is sent to the server, then server-side code should retrieve the value of PublishRaiseAvailableUtc from the database(do not trust the value posted from the hidden field), and compare that to the server time. I.e. server time should be greater than the PublishRaiseAvailableUtc, assuming you ensure you are comparing UTC times.

AaronLS
  • 37,329
  • 20
  • 143
  • 202
1

I think the best way is saving the day when the button becomes unlocked again. And every time the page is loaded, retrieve that info from the db to check if it should be locked or not.

Another possible way is to use an application variable. But i dont recommend this, because data is stored in memory and because if you reset the app or server, data will be lost.

Andrés Murman
  • 106
  • 3
1

You first problem is in your approach. You don't necessarily care how long it will be until the time you've saved, but you definitely do want your button to change when that time comes.

What I might suggest is to load the DateTime value from the database, place it somewhere in the page where JavaScript can read it. Now, one only problem is that some users may be able to locate and modify this value to skip the timer. I'm not personally familiar with a way to circumvent this easily, but you should be able to research a solution.

Once you have the value readable by JavaScript, a loop is probably going to be your best bet for checking the current time against your saved time, then performing whatever action you want.

  1. A do..while loop will probably suit your needs
  2. To avoid performance issues, use setTimeout to delay each loop iteration. The delay doesn't have to be very significant.
  3. In the loop, retrieve the current date and time, then compare it to the date and time you saved in the database. If the current date and time is greater, perform your action.

Now, my idea may not be optimal, but I feel it is at least a step in the right direction. I also suggest a loop so that the user is not required to refresh the page to see what changes resulted from the performed action.

keeehlan
  • 7,874
  • 16
  • 56
  • 104
1

Do not rely on client side validation that the button is locked/unlocked. Always check server side that the click happened during the allowable time. This would prevent someone from "hacking" the page to allow a click outside of the allowable window.

BoltBait
  • 11,361
  • 9
  • 58
  • 87
  • Technically Yes, always, but it would be nice to unlock the button without needing a page refresh. It shouldn't be impossible to use an UpdatePanel though... – Иво Недев Apr 08 '16 at 23:59