user authentication and some related issues
Posted 11 August 2006 - 10:34 PM
Please tell me whether there is a way by which the server can standalone'ly check that the user is online or not. the user authentication thing.
I don't want the browser to tell me that the user is online by setting up cookies or by other means. because i find that if the cookies are disabled the website is set useless. please help in this regard.
PHP freaks asks for the login duration when we log in (60mins) or unlimited. i want some technique by which the server may check whether the user is online or not.
Posted 11 August 2006 - 11:40 PM
Both are essentially the same. Keep track of page visits from users by recording their ip/session value in a db along with a time stamp, when you haven't seen a page hit from their session var and/or IP for a period of time, consider them no longer online.
Posted 11 August 2006 - 11:49 PM
you can only keep track of and authenticate users on your site WITHOUT sessions if you force them to provide their credentials on EVERY PAGE (unless you pass their credentials by URL parameters from page to page, in which case why even bother having an authentication system?). this quickly becomes tiresome for users, plenty more tiresome than simply allowing cookies for your domain.
Posted 12 August 2006 - 12:02 AM
your suggestion is good, same as what i thaught once and is acceptable. please clear to me one thing about the time/expiration thing that you mentioned in your reply to my question.
when the user is offline for a long period is it the duty of server admin(me) to delete manually the username or the login info from the database or the PHP script will automatically delete the login info. what is the possibility without using the cookies or sessions.
cookies are what i can use but i am confused about sessions because i have not learned much about them. i just know that they have some relation with cookies and object oriented programming too.
Posted 12 August 2006 - 12:32 AM
When they build the list of "online" people at the top, they are going into that table and pulling the names of the users who have viewed a page within the last few minutes (I think it's 15 for SMF, but it's been a while since I admin'd SMF). If a user hasn't viewed a new page in 15 minutes, then they are consitered "offline".
when the user is offline for a long period is it the duty of server admin(me) to delete manually the username or the login info from the database or the PHP script will automatically delete the login info.
You don't have to delete anything. The server determines whether the user is "online" by the timestamp (i.e. if less than 15 minutes has expired since the last page visit, they are online, otherwise they are offline).
Posted 12 August 2006 - 12:50 AM
you have helped me to recall what i once put on paper and forgot.
the idea that you provided matches the one i created in my mind a few days ago(although i am not the pioneer of this idea). i am once again thankful to you for your generous help.
Posted 12 August 2006 - 01:03 AM
Posted 12 August 2006 - 01:22 AM
Every time someone logged on hits a page, then that page can retrieve the session variables related to that person and can then put the persons username in a communal file which is then included or called into the pages to give the list of currently logged on users.
Whenever you visit a page generated by SMF it calls the function "writelog()". That function deletes all users in the "log_online" table who have not visited a page in the predetermined period of time, and inserts your username, the page, and the timestamp into the table.
To determine who is online, it uses the function "ssi_whosOnline" to retreive the users who are listed in the log_online table (remember it removes "offline" users everytime a page is loaded).
I'm sure SMF uses sessions and session cookies because no session id shows on the url
If you disable cookies the session id will show up in the url.
Posted 12 August 2006 - 01:28 AM
all of you are PHP experts and i respect your knowledge in the field of PHP programming. i want to ask one more thing. how can i change the nonspammer sub-title that is being displayed below my username to something else on this forum. people have different sub-titles attatched to their names.
please. it will feel good if i have a sub-title saying that i am a PHP programmer.
Posted 12 August 2006 - 02:06 AM
Posted 12 August 2006 - 02:30 AM
i have understood the use of this forum and i am following the rules of messaging for purpose, not for status.
I am trying to sort out problems that the visitors are facing to the extent i can. I have a good knowledge of PHP and i can reply to question related to PHP and other programming languages as well. but still i call myself a learner because you guys are superior to me in every field. so i respect all of you. this is the last ir'relevant msg that i am posting just because you asked.
Posted 12 August 2006 - 03:47 AM
my mind clicked once again with a question. what if there is no user online and no script is running on any browser. i.e. on the clientside?
can the server smell a user's status (online or offline)?
i read a book saying that most network applications consist of two pieces: a client and a server. further it says that we focus on the communication process from the client side. the request or control from the serverside is not defined in it. the chapter's name is PHP connectivity.
is there any way that the server understands by itself that someone is offline now or then.
like msn messenger understands that a user is offline when someone disconnects by any reason. can the methods of msn or yahoo messenger be applied on websites with PHP. please refer to me a solution if there is any.
Posted 12 August 2006 - 02:34 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users