Jump to content

users logged in etc design


jbooth952

Recommended Posts

Generally you would have at the top of each page update when the user was online, setting it to time();

 

Then at the bottom you'd have

 

$SetOn = 24;

$SetOn *= 1000;

$SetOn = time() - $SetOn;

 

mysql_query("SELECT * FROM users WHERE Online > '$SetOn'");

 

or something like that

I understand the concept of flagging the user record when he logs on, and doing a query of all users logged on, but how do you know when a user logs off if he doesn't use your logout, but instead simply closes the browser?

 

Generally you would have at the top of each page update when the user was online, setting it to time();

 

Then at the bottom you'd have

 

$SetOn = 24;

$SetOn *= 1000;

$SetOn = time() - $SetOn;

 

mysql_query("SELECT * FROM users WHERE Online > '$SetOn'");

 

or something like that

well what you have to do really is set a time frame... if u look on here it says within the last 15 minutes... se somethign like

 

<?php
$getusersonline = "SELECT user_id,user FROM useronline 
   WHERE  timestamp > " . (time() - 900); //grab from sql users on in last 15 minutes

$getusersonline2 = mysql_query($getusersonline) or die("Could not get users");
$num = mysql_num_rows($getusersonline2);

echo "<b>There " . ($num != 1 ? "are" : "is") . " $num user" . ($num != 1 ? "s" :
			"") . " currently viewing the forums. </B>";

$tmp = array();
while ($getusersonline3 = mysql_fetch_array($getusersonline2))
{
			$tmp[] = "<A href='$getusersonline3[user]'>$getusersonline3[user]</a>";
}
echo implode(',', $tmp);

I do use sessions, but how do you know when a user logs off if he doesn't use your logout, but instead simply closes the browser?

 

You don't. If you use a session, then when the user closes their browser, the session cookie is deleted. The cookie will usually hold the user's ID, and a token of some sort. It is common to use a timestamp that is salted and then encrypted for this token. You could also add or use an encrypted user agent string for a token.

 

If you want a good login class or a way to authenticate users, you should search the internet for "php session hijacking", and "php session fixation". You will find a lot of examples of login scripts that do their best to defeat hackers.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.