The best way I know of is to use mt_rand. Check the manual for examples, but this is usually a good way to seed it: mt_srand ((double) microtime() * 1000000); If you look at the size of a normal session ID, it's pretty easy to make a unique sessid. There are 32 chars in a typical sessid. The chances of someone getting the same ID as someone else, all things being equal and even though it's case-insensitive, is approximately 1 in 6.3340286662973277706162286946812e+49...actually, my windows calculator doesn't go that high. It's 32 to the 36th power, anyway. That's insanely huge. But in reality, you don't really need to worry about getting two 32 character long IDs that are the same. Note: one way to auto-logout someone is to use something like a on_unload javascript procedure, but don't bother. Not worth the hassle and it's isn't fool-proof. -- Plutarck Should be working on something... ...but forgot what it was. ""Richard"" <[EMAIL PROTECTED]> wrote in message 9bi64f$goj$[EMAIL PROTECTED]">news:9bi64f$goj$[EMAIL PROTECTED]... > Greetings. > > Thanks for your help! That about people not using logout buttons is really > true! But what can one expect? However, how can I create a unique session > ID? I don't use Databases, at least not MYSQL. > > - Richard > > ""Plutarck"" <[EMAIL PROTECTED]> wrote in message > 9bhsa8$vq8$[EMAIL PROTECTED]">news:9bhsa8$vq8$[EMAIL PROTECTED]... > > Simplest way to do it IMHO. > > > > When a user logs in (starts their session) register their username into > the > > session (that session is "bound" to them now). > > > > On every page when a user does anything, update your database with the > > current time as a "last_activity" entry for that user. > > > > When showing who is currently logged in, get all the entries out and check > > their dates. If the last activity is older than a certain amount of > > acceptable time (how long it takes them to be considered "logged out". > note: > > people rarely use a logout button), then consider that user as not being > > logged in. > > > > Delete the entry so your "who's online" function doesn't hugely slow down > > the page, and you should be good to go. > > > > > > The only problem is that you have to do an update every time someone > visits > > a page, which increases your server load. But to avoid any noticable slow > > down you could just use a register_shutdown_function. > > > > I think that should handle your problem... > > > > > > -- > > Plutarck > > Should be working on something... > > ...but forgot what it was. > > > > > > ""Richard"" <[EMAIL PROTECTED]> wrote in message > > 9bfv6n$pds$[EMAIL PROTECTED]">news:9bfv6n$pds$[EMAIL PROTECTED]... > > > Greetings. > > > > > > Some of you are familiar with my latest project, a smaller > community. > > I > > > have implemented almost everything I need, and I wish to thank those of > > you > > > who helped me with "which mail is new" and so forth. However, this > problem > > > is quite worse I suppose, but I hope some of you has done something like > > > this before: > > > > > > Sessions. > > > > > > I wish to keep track of every visitor. Not a counter or anything, but > more > > > of when a person signs in, the users nickname will be bound to this > > session > > > ID which will keep track of the person is online or offline. I have > solved > > > it like so: > > > > > > Whenever a person loggs in, I add it's name to a online.dat file. > When > > > the user signs of, I remove the nickname thus the login time from the > > file. > > > > > > PROBLEMS?? First one: User must click on "logout" to remove itself. > > Second: > > > It does not always remove itself. > > > > > > Therefore, I ask: How can I create a new session for every visitor (so I > > > know how many are online at the time), bind this ID to its nickname (so > > one > > > row in a file would be: NICKNAME|SESSION_ID|DATE), and how can I make > sure > > > that whenever the browser is closed or whatever, or after a certain time > > of > > > inactivity (3 minutes), the user is removed from the file. > > > > > > All help is greatly appriciated and your name will be on the credits > list > > > too. > > > > > > - Richard > > > > > > > > > > > > -- > > > PHP General Mailing List (http://www.php.net/) > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
