Swarfega Posted January 4, 2013 Share Posted January 4, 2013 Hi. Now I've stumbled across another issue, I'm trying to make a timed Auto-Logout script by checking if Sessions using SESS_MEMBER_ID = MySQLTableUserID is active or alive. Here's what I tried (Yes I know its probably very wrong) <?php require_once('config.php'); $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } $sql = "SELECT id FROM potatis"; $query = mysql_query($sql); $rowcount = mysql_num_rows($query); $i = 1; while($row = mysql_fetch_assoc) { if(isset($_COOKIE['SESS_MEMBER_ID']) != $i ) $qry = "UPDATE potatis SET connected='offline' WHERE uid='".$i . "'"; mysql_query($qry) or die(mysql_error()); $i = $i + 1; } ?> Currently, that piece of code sets EVERY user offline, regardless of them already being online. So my questions are the following: 1. How would I fix this to ONLY update the MySQL Database Connected='offline' IF the SESSION of userID X is not active? 2. How would time this script properly? Currently only the logout.php resets a users session and updates the database, but I wanted it to auto-log them out and auto-update the database when they close the webbrowser window, but that seemed a bit difficult so I wanted to try this approach, but if someone knows a neat way to do that as well, I'm game. Quote Link to comment Share on other sites More sharing options...
requinix Posted January 4, 2013 Share Posted January 4, 2013 You're going about the entire process the wrong way. No automated actions, no checking if sessions are active. Keep track of the last time a user performed an action. Update it every time they do something, be it use AJAX or load a page or anything you can know about. Then define "online" to be "whose last action was no more than X minutes ago", and likewise "offline" to be "whose last action was at least X minutes ago". Choose X to be something reasonable; the session expiration (if you have one) is probably too long but a reasonable upper bound on the number you choose. Quote Link to comment Share on other sites More sharing options...
Swarfega Posted January 4, 2013 Author Share Posted January 4, 2013 (edited) Yes, I've diverted over to a point where I decided to use a whole new PHP and use the require_once function where its needed, to check if the user is active or not. I do have a problem tho. By doing this I am unsure how to proceed. I have: 1. Created a new check_activity.php 2. Created a new Column called last_minute 3. Able to insert the data of each user when they enter a page (using date('m')) which updates their last activity by Minutes by including check_activity.php 4. Conclusion that I want to set a max 15 min timeout. 5. I do NOT understand how the Math is meant to be for auto_logout. $now = date('m'); $then = $row['last_minute'] + 15 if($then < $now) { } That would only work if it is between xx:01-xx:59 , but if it turns into xx:59-xx:03 it wont'. All I need is to understand the math, which I don't. Edited January 4, 2013 by Swarfega Quote Link to comment Share on other sites More sharing options...
requinix Posted January 4, 2013 Share Posted January 4, 2013 I don't know you would think to store only the time but don't. Store a complete timestamp, either as a Unix timestamp or a full string date and time. Quote Link to comment Share on other sites More sharing options...
Swarfega Posted January 4, 2013 Author Share Posted January 4, 2013 Yes, but even if I do that, it wouldn't really work out would it? Unless I convert literally everything to Seconds I guess.. $getdate = date("H:m:s"); $date = explode(":", $getdate); $date[0] = $date[0] * 60 * 60 $date[1] = $date[1] * 60 $totalsecondsnow = $date[0] + $date[1] + $date[2]; $thendate = explode(":", $row['last_activity']); $thendate[0] = $thendate[0] * 60 * 60 $thendate[1] = $thendate[1] * 60 $totalsecondsthen = $thendate[0] + $thendate[1] + $thendate[2]; $totalsecondsallowed = $totalsecondsthen + 900; if($totalsecondsnow > $totalsecondsthen) { //SQLDataUpdate //LogoutUser //KillSession } Is this what you mean? Quote Link to comment Share on other sites More sharing options...
Swarfega Posted January 4, 2013 Author Share Posted January 4, 2013 (edited) Mark as solved. Edited January 4, 2013 by Swarfega Quote Link to comment Share on other sites More sharing options...
rbrown Posted January 4, 2013 Share Posted January 4, 2013 FYI... make sure your provider doesn't dump sessions after x amount of time. I had this problem where end users were complaining that they weren't logged in long enough to have to log back in again. So I had change the script to use a time stamp in the db and it would check the time stamp every time they did something on the site and if it was "in range" would let them continue, otherwise they would be forwarded to the login page. you don't need all that code... Set the time stamp $current_time = time(); then get "stored time" from db if(($current_time - $stored_time) >= 900) { go to login page } Quote Link to comment Share on other sites More sharing options...
requinix Posted January 4, 2013 Share Posted January 4, 2013 Yes, but even if I do that, it wouldn't really work out would it? Unless I convert literally everything to Seconds I guess.. "Seconds" would be a Unix timestamp. Sure you can use that. Or just a regular date and time string. You know, like MySQL's DATETIME type. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.