RE: [PHP] trying to figure out the best/efficient way to tell whoisloggedinto a site..
ben... i understand what you've stated, but i was under the impression that a number of sites (etrade, etc...) can/do track who is/is not logged into their sites.. and not just by some crude 'timeout' function... i might be wrong, but it was my understanding that those kinds of sites have the ability to more or less know when someone kills the browser session, and is no longer on the system. these kinds of sites also ustilize some form of a 'timeout' process as well for users who simply have browser sessions that are inactive... by your statements, you're pretty much saying that the only approach one has to this issue is to utilize some sort of timeout function, and if you don't detect user activity after your timeout, then mark the user as no longer being active, and proceed accordingly. this apporach doesn't allow an app to immediately know when a user has killed the browser. so, the question might be, how does one detect when a user has killed a session/left your app? -bruce -Original Message- From: Ben Holt [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 13, 2005 11:05 PM To: [EMAIL PROTECTED] Cc: php-general@lists.php.net Subject: Re: [PHP] trying to figure out the best/efficient way to tell whoisloggedinto a site.. bruce wrote: ben... your statements/approach is pretty much what i've been thinking of. however, with regards to the forums/cms apps.. i've yet to find one that actually keeps a track of the logged in users, that works when the user kills the browser.. the ones that i've seen, that allow an admin to see who's online, appear to fail when i've killed the test user. the apps still show the killed user as being online... hence my isuue! Bruce, what I have been trying to explain is that this _can_not_ be overcome. The web is stateless. Connections between server and client last only long enough for a file to be requested and sent, once that has happened the server and client are no longer connected and have no knowledge of each other. _No_ server-side program will be able to tell you when a user closes their browser or goes to another web site. HTTP simply doesn't provide what you are looking for. - Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] trying to figure out the best/efficient way to tell whoisloggedinto a site..
On 9/14/05, bruce [EMAIL PROTECTED] wrote: ben... i understand what you've stated, but i was under the impression that a number of sites (etrade, etc...) can/do track who is/is not logged into their sites.. and not just by some crude 'timeout' function... This might be possible to do with some client-side javascript. I think that eTrade and all of those sites are using an AJAX paradigm and so the client is periodically pushing requests onto the server (but just for the information that needs to be updated). Among other things I'm sure that users would be submitting the session ID that they have and eTrade can track if the browser session is still alive by doing this. However, all of this would be something to ask on a JS list instead of here. :-) Also remember that not all users will enable JS so you need to have backup functionality (i.e. rely on the timeout) so you will never have 100% accuracy, but the method described above will improve your accuracy (at the cost of extra HTTP connections) ... by your statements, you're pretty much saying that the only approach one has to this issue is to utilize some sort of timeout function, and if you don't detect user activity after your timeout, then mark the user as no longer being active, and proceed accordingly. this apporach doesn't allow an app to immediately know when a user has killed the browser. so, the question might be, how does one detect when a user has killed a session/left your app? The timeout method is still the main way to do it... but with the addition of the AJAX methods you can have the client machine *push* updates into your user session. Once you've determined that the client is enabling JS then it is pretty safe to assume they will keep JS enabled for the life of the browser session. So when your site stops getting pings from the client you could kill their session. All of this said... unless you're using AJAX throughout the entire sit already I wouldn't mess around with it. IMHO it takes a lot of extra coding and the added benefit for something like improved user count isn't going to offset the costs of coding and extra HTTP connections when it goes live.
Re: [PHP] trying to figure out the best/efficient way to tell whoisloggedinto a site..
bruce wrote: ben... i understand what you've stated, but i was under the impression that a number of sites (etrade, etc...) can/do track who is/is not logged into their sites.. and not just by some crude 'timeout' function... Yes they do, the key there being that they are tracking who is logged into their site. You log in, they make a note of it, you log out, they make a note of it. If you don't log out and yet are inactive for a period of time your login becomes stale and you are logged out automatically by the timeout. i might be wrong, but it was my understanding that those kinds of sites have the ability to more or less know when someone kills the browser session, and is no longer on the system. these kinds of sites also ustilize some form of a 'timeout' process as well for users who simply have browser sessions that are inactive... by your statements, you're pretty much saying that the only approach one has to this issue is to utilize some sort of timeout function, and if you don't detect user activity after your timeout, then mark the user as no longer being active, and proceed accordingly. this apporach doesn't allow an app to immediately know when a user has killed the browser. so, the question might be, how does one detect when a user has killed a session/left your app? Provide a login/logout ability and when they log out you kill their session. This is how an e-trade like site would deal with it. If they don't log out you still won't know they have left your site until their session times out though. Some reading on HTTP would help you understand why what you are looking for is not possible. - Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php