you are confusing me.. :)

let's try again..

original problem: user not get logged in all the time...

according to your logic, you are verifying every time that the user is logged. Since you are not using passport authentication's, and you are using your own, this is simple as get and if with session("userid") <> 0 every time you need to know if the user is authenticated. That way the only way to get logged off is to finish the session.

are we getting better?

HTH

Gonzalo

thanks to all, i got i cleared.
and i am really really very sorry for confusing you all.

i will try to improve my logic, so that, if i need your help and advises, i should not waste yours time.

Mr. Parson, i am once again sorry to know that, its harder for you to get into my questions.

Can you suggest some ways, how can i improve the logic?

thanks

Well

Improvement comes with experience, try to work in a good team, share your thoughts with them, listen to their views, moreover, discuss your issues with your peers to get some useful advice.

Regards
Mike

Fortune favours the brave, so don't regret on missed oppurtunities.

I agree with Mike and I am sorry, I don't mean to come off sounding rude or demeaning to you when I say something is poorly written; I understand that programming is a learning experience and I try to help as many people on here as I can so take my comments with a grain of salt and just realise that I am trying to help you and show you a better way to do things. =]

In so far as improving the logic, personally, I would use the FormsAuthentication class throughout your application as opposed to using your own session values (e.g. Session("userid")) and the reason for this is that the framework handles all of the dirty work, it creates the login cookie, assigns the necessary values, then all you have to do is call User.Identitiy.IsAuthenticated on any page that you want to test for a user being logged into your system.

Session's timeout; cookies can last forever or until the browser is closed. In your application, I think your users would benifit more from the cookie approach and, proof of concept, look at Amazon or Ebay or any other online retailer they determine who you are by the cookie that is on your machine.

Lastly, by using cookies you relieve some strain on your server; remember: anything you add to the SessionState Bag is stored in server memory and you can potentially run into a preformance issue if you have a multitude of people hitting your website.

Again these are my opinion and what I would do, not necessarily what everyone else would do. =]

-------------------------
I will only tell you how to do it, not do it for you.
Unless, of course, you want to hire me to do work for you.

^^Thats my signature

thanks to all for your advises
i will definitely follow your suggestions, as i am a beginner, and i want to improve.

thanks once again for all the help and support