Re: [PHP] Auto logout
For the basic logout, it's very easy. Store a session variable which is the last active time. Initialize it to the current time when the user logs in. Each time a page loads, start the session and check current time against the last active time. If the difference is over the limit, display a message and/or go back to the login screen. If it is not, reset the last active time to the current time. This way you have a timer which is reset on every page load. If no page is loaded for some given amount of time, the timer expires and you force a new login. To update the logged in status in the database after a time-based logout, you need a way to know when the user has *not* done something, and that by definition is not going to come from the user themselves. So you have to use a cron job which resets the database flag, there's no way around it. You could store the last active time described above in the database in addition to or instead of in the session data to facilitate this. -- Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Auto logout
I do not think there is really any way around the dual login from the same browser issue. As for the auto-logout I have a suggestion. I have the same set-up for one of my sites. I have a session MySQL database and I track the id of a user once they login and then that record is updated with a timestamp each time a page is reloaded. So at any given time you can calculate the inactivity of a user via the database and show a online status. I then have a cron job that runs every 5 minutes and it deletes records from my session database as records expire i.e. more than 30 minutes etc. My PHP pages behind the login then run a check on every load for a current session database entry based on the user id. Their PHP session may still be valid but if the database record does not exist the user is sent to the login page via a header redirect. Dan T On Mar 15, 2005, at 11:06 AM, Vaibhav Sibal wrote: Hi I wanted to implement an auto-logout feature for my project so that if a terminal is left unattended for say 10 minutes, it should automatically logoff the user. Apart from this, there is another problem that I am encountering with my authentication scheme, the scene is as follows : (1) I am using a $_SESSION variable to transfer the username across pages, what happens is that I cannot login more than one user from the same machine since if i try the same the SESSION[username] variable's value gets changed to the most latest login name. How do i get around this ? (2) Secondly, What happens is, when the user logs off from the system, there are two things that happen at that time, first is that the session variable is killed manually. The second is that the logged in status of the user is updated in the database. So what happens is that when the user is logged on the system, the database shows the user logged in status as 1 otw it shows it as 0. Now the problem is that if by chance the user closes the current browser window without actually logging off, the session variable gets killed automatically but the database is not updated accordingly. Please suggest some way around this also. I would be really happy if you guys can help me with this. Thanks in advance Vaibhav -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Auto logout?
On Monday, June 24, 2002, at 11:14 AM, Hawk wrote: I have a login, and when users are logged on, it should show in some way on the page, that's not the problem, it is to show that they are logged off when they are, often people forget to press the logout button, and the mysql database is unchanged, saying they are still logged on, how can I do so it logs out when a user leaves the page, if the page is closed or something like that, need suggestions, sorry for my currently bad english, but I'll blame the heat ;) Hawk, Have a read of the following thread from this weekend: http://marc.theaimsgroup.com/?l=php- generalr=1w=2q=bs=Whos+online+at+the+moment+in+PHP It discusses some of the issues involved in this. Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php