PHP SESSIONS AND LOGIN

[Divante]

I have simple website that uses sessions to update user login information as per the database gets updated when they login and also when they logout. Everything works fine until they close the browser window. The database does not get updated so on the admin side it still shows that they are logged in. What i am tryin to accomplish is to detect and destroy the session when they close the browser as well as update their login information in the database.

[MasterACE14]

use a timestamp field in your database and in your script check if they were active in the last X amount of minutes, if not delete the record.

[WebStyles]

what I normally do is have a javascript/ajax with a little timeout (say every 60 seconds so it doesn't use too much resources) that checks if the users are still logged in and saves the time of the last update. whenever it runs, all the users that have not updates for over 65 seconds are considered logged out, the I update the sessions accordingly.

[revraz]

How will that javascript/ajax run if they close the browser?  Cron job to check the last time stamp is probably the surest way.

[WebStyles]

javascript runs on all active browsers. it won't run on the closed one, but someone else will run it.

[revraz]

And let's say for some reason no one is on your site or they have javascript disabled.  Why would you rely on that, makes no sense.

[WebStyles]

well, if no one's on your site, no one is looking at the list of online users so it doesn't matter. as soon as someone comes online, the lists gets updated and what's displayed is correct again.

[Divante]

thanks all for the input, i know JavaScript can tend to be unreliable some times especially in cases where its turned off. i have kinda solved the problem by running a cron job once every 3 or 4hrs to remove session data as each login session is unique and will be ended once the browser is closed. Hence i look for those special cases once every 4 hrs. Any additional inputs will be appreciated.