[SOLVED] Logout when user presses X on browser!

[budimir]

Hey guys,

 

How to logout a user when a user clicks X or ALT+4???

 

I think I'll need some javascript or is it possible to solve it with php.

 

???

[xoligy]

time out if user is inactive for x amount of time?

[Vivid Lust]

This would be javascript (maybe)

[budimir]

@xoligy:

 

I don't think a timeout will be OK, because the session is destroyed when a user closes his browser. When he logges back in, he gets new session_id.

 

@Vivid Lust:

 

I think I will need a javascript for detecting when browser is closing. Maybe an unload event or something like that...

[xoligy]

I would of thought the timeout would of done it but maybe i am wrong. if i exeted a page at 9:30pm the time out is 5mins i return at 9:45pm my last session has expired there for i would of thought i need to re-login if there isn't a time out then cause the session restarts no? when i say exit i mean close the browser

 

but like i said i maybe and probably am wrong haha

[DamienRoche]

You can't detect that behavior with php because it's client side.

 

I think your best bet would be a timeout...

 

EDIT: saying that, I heard the session is supposed to expire when the browser is closed. Maybe check your php.ini settings or use ini_set.

 

The javascript way, when the client hits x or alt +f4 you could have it redirect to a php script on your server that simply has:

<?php session_destroy(); ?>

 

It's hard to control though because javascript can be disabled.

 

Hope that helps.

[budimir]

OK,

 

So, I have come up with this code!

 

if ($_SESSION['last_reload'] != "" && $_SESSION['last_reload'] < strtotime("-180 minutes"))
{
header("Location:http://localhost/erp/logoutd.php");
}
else
{
$_SESSION['last_reload'] = time();
}  

 

Why is not logging out users when they close browser on X or ALT + F4? It's working fine, when they are inactive and try to click on something...

[xoligy]

i dont think you can have 180 minutes, i think it would have to be -10800  which is 180minutes

[F1Fan]

As far as the JavaScript part, in the body tag, add:

onunload="someLogOutFunction();"

in the body tag.

 

Then just add a function in JS that runs a logout function, maybe using AJAX.

[budimir]

@F1Fan

 

But won't this logout user at the same moment he leaves current page??? (But he is still on the same site...)

[discomatt]

By default a session will only last until the browser window is closed... as will any cookie that has a 0 for expire_time

[budimir]

OK,

 

So, let's explain in a little bit different way.

 

For each user which is logged in I'm setting a status to ON. That's how I know that user is logged in and then I display it in Online Users. When my user hits logout button the status is set to OFF, also if session is expired and user clicks on something the status is set to OFF and user is redirected to login.php.

 

My problem is, when a user hits X on web browser or he presses ALT + F4. The status is not set to OFF.

 

How can I solve this??

 

I'm not getting any ideas, I tried different things and I couldn't think of anything efficient. My thought was that with javascript it would be possible to detect when web browser is closing and then redirect to logout.php and set status to OFF.

[discomatt]

The only way to do this is with javascript... and I'm not entirely sure if it's possible while following standards.

 

You're going to have to open up a logout page when they close their browsers.. which is only going to tick off the end user.

 

Your best bet is to record and check last page request... if it's over x minutes ago, assume the user has logged off.

[DarkWater]

The only way to do this is with javascript... and I'm not entirely sure if it's possible while following standards.

 

You're going to have to open up a logout page when they close their browsers.. which is only going to tick off the end user.

 

Your best bet is to record and check last page request... if it's over x minutes ago, assume the user has logged off.

 

And also, what if they close their browser with kill or they like restart their computer or have a power outage or something?

[budimir]

OOOOHHHH Damn,

 

Do you maybe have any other ideas how to display loged in users????

 

I don't think this is an effecient way I have come up with...

 

HELP...

[DarkWater]

You store the last time that they were active, and then you check whether or not that time was within a certain threshold, like 5 minutes.

[budimir]

OK, so let me see if this would be OK.

 

On each page I have included session.php where I keep my session variables.

 

I can put a query for inserting time on this page and each time some other page is openned the time is updated. And to check if user was inactive for 5 minutes I could put.

 

$time_aktiv = 1800;
"SELECT * FROM users WHERE lastactive < '$time_aktiv'";

 

Is this OK??