[SOLVED] Disconnect an other user

[Jahren]

Hi guys!

 

here goes question #3!

 

I am an admin and play around my account manager.

I've found out a user that needs to be shutdown for various reasons.

I've deleted the user in question but I would like him to get disconnected right away.

 

How can I nullify his $_SESSION['uname'] from the server?

 

In other words, Is there a way to manipulate someone else's SESSION vars.

I do have auth protection at login. But I won't reconnect to the database everytime a user loads a single page.

 

I just check if the $_SESSION['uname'] exists.

 

Again : Is there a way to play with the array of session vars?

[ratcateme]

you could store the user ID in session then check then every time a user requests a page check that there ID is still in the database.

 

Scott.

[Jahren]

yeah, checking an ID seems a good alternative.

 

so I'd have a table of connected users.

a simple check of online users is far better than checking the whole auth table!

 

thanks!

 

edit : Tho it leads me to an other question

 

I put a userID in that table upon login

and remove it from the table on logout.

 

How can I remove users that have timed out?

 

edit2 : ahaha edit and reply at the same time

[ratcateme]

i guess you would also want a cron job to take old entries out of the online table.

 

Scott.

[DarkWater]

Just check against the users table, don't bother with an online table.  It'll cause extra overhead and be a pain to get working exactly how you want.

[Jahren]

I don't have a clue on how I can do this tho.

 

When would that be triggered?

Is there some sort of Event() when a session dies?

 

I guess you're right DarkWater

 

Edit : I think i'll go with a counter system

i'll try to auth from the table every five pages you load or something