I want to tell if someone is currently logged in.

[jandrews3]

The code below is my login code for members of an organization. How can I tell if someone is currently logged in?

<?php
session_start();
$link = mysql_connect("•••••","•••••","•••••") or die("Could not connect: ".mysql_error());
        mysql_select_db("osito_mysql")or die("Could not select database: ".mysql_error());

  $query = "SELECT * FROM ithf_members WHERE uname = '{$_SERVER['PHP_AUTH_USER']}' and pword = '{$_SERVER['PHP_AUTH_PW']}'";
  $result = mysql_query($query) or die("Could not perform query: ".mysql_error());
$row = mysql_fetch_array($result);
$uname = $row['uname'];
$pword = $row['pword'];
$id = $row['id'];


if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])
    || !($_SERVER['PHP_AUTH_USER'] == $uname && $_SERVER['PHP_AUTH_PW'] == $pword))
{
    header('WWW-Authenticate: Basic realm="Authorization Required!"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Authorization Required!';
    exit;
}
else
{
?>

 

[gevans]

You can make a new table in your database, adding the user to it when they login with a timestamp, update the timestamp everytime the user does something. Give it a maximum run-out time like 5 mins, if nothing's happen delete the row and assume the users offline until they do something again.

[cooldude832]

The problem is because the instatneous way of telling if a person is Online is impossible since php only lives for the prehypertext processing.

 

 

You need to build a MySQL table thats called who's online

 

In it you store

 

UserID

LastAction

 

 

On every page load you update LastAction to be NOW() for that given userID (based on their session data)

 

Additionally you need to on each load clear out any users that LastAction was greater than your time frame (usually 5-10 minutes)

 

 

Then to get who is online use the UserID's present in the Who's Online Table Left Joined to the User's table to get the info.

 

 

Pretty trival

[jandrews3]

So there's no way to check to see if a particular SESSION is in effect?

[gevans]

Yes, but you'd have to have access to these, i.e everytime someone logs in add their session id to a row in a table, delete it when they logout or after a certain time period. The easiest was is my first (and cooldude's) suggestion

[cooldude832]

sorry for repeat post you missed a few bits so I didn't feel like rewriting it all

 

 

As for reading sessions its a bad idea because you have to access that file to do what u want.

 

 

As for storing on t user table that isn't great either because you will need to run a large number of Update/Delete/Insert queries on the table and you would much rather do it on a small table than a big table.

 

 

The table "users" needs to really be isolated to as minimal amount of information as possible.

[mtoynbee]

Why not use AJAX to run a simple background refresh to see if the user's browser is still open - therefore is still "online"?

 

 

 

 

[Mark Baker]

Why not use AJAX to run a simple background refresh to see if the user's browser is still open - therefore is still "online"?

It is an option, but the data still needs to be held somewhere on the server, and an Ajax call (triggered by a timer) is simply a method of keeping that information up-to-date.

To quote from gevans post:

update the timestamp everytime the user does something

In this case, the something is simply an Ajax call

[mtoynbee]

Indeed, that was my thought as an enhancement to the 5 minute timeout idea.

[cooldude832]

You are going to be adding more resource usage that way

 

It is really up to you what "online" means

 

I think ajax is a bad idea because I leave firefox open to 25 tabs all day.

 

I'm on a page but i'm not "online" for say

[jandrews3]

I appreciate all your input. It looks like cooldudes answer might be the one to go with. I'm a highschool Spanish teacher and I'm trying to create a gameroom where my students can log on and invite other students who are still online to play Spanish games I've created. Thanks.