Jump to content

A question regarding delete user session


helloworld001

Recommended Posts

I have a simple user login where it inserts the user session into database like this (id, user_id, hash).   It works fine.  I can delete the session from the database when the user logs out.  

 

Now I realized something.  When I close the browser window, it'll destroy the session(log out the user) as intended but it won't delete the session from the database.  I was wondering if there is a way to do that?

Link to comment
Share on other sites

You can most likely cause havoc trying js and ajax using the window close event, I wouldn't.

 

Not sure what session handler you use or what else have going on, you have them stored in a database. The session expire time, cache time and garbage collection should be handling this.

Link to comment
Share on other sites

When you use the word 'session', are you talking strictly about the actual PHP Session or just some data items that you are using to identify the user?

 

If I understand it correctly, a PHP Session is destroyed (soon) after the browser is closed. If you are simply worried about any ids contained in that session, they will go away soon, as said. If you are talking about some other info that is contained elsewhere then you need to perhaps store the session id in that db entry so that you can tell if a user returns but doesn't have the same session id anymore.

 

Of course it none of what you are writing about is at all related to the PHP Session, then let's start this conversation over and tell us what you are really doing.

Link to comment
Share on other sites

Let me  clarify.

 

When a user is logged in, a user's session is created.  I took an extra step and decided to insert that session into the database table so that I can keep track of the users who are logged in. 

 

Yes every time I close the browser window, the user session on server side gets destroyed.  But the user session in the database remains there.  That only gets deleted when the logged in user signs out. 

 

Now based on "QuickOldCar"s suggestion, I now use expiry time.  It works.  Basically every time a user logins in, I insert the session data(including current time + add minutes) into the table. Like this.

$time_created	 = date("Y-m-d H:i",strtotime("+10 minutes"));

I then check that time against the current time on the php page.  If it's less than current time, I delete the session from the table.

 

So all in all, it  works now.

Link to comment
Share on other sites

The proper way to do this would be to write an adapter that reads/writes the session to the database, instead of to the default file system location. You're basically storing sessions in two locations right now, which is not ideal.

 

If you simply want to track which users are online, then you could add a simple "last_active" timestamp to the users table. Whenever the user visits a page, update this last_active value. Then have some logic that says if the last_active timestamp is within so many minutes of the current timestamp (so it's <15 minutes old, for example) then they are online.

 

EDIT: http://php.net/manual/en/session.customhandler.php Here is the information about the session handlers to be able to read/write sessions to a database table.

Edited by scootstah
Link to comment
Share on other sites

The proper way to do this would be to write an adapter that reads/writes the session to the database, instead of to the default file system location. You're basically storing sessions in two locations right now, which is not ideal.

 

If you simply want to track which users are online, then you could add a simple "last_active" timestamp to the users table. Whenever the user visits a page, update this last_active value. Then have some logic that says if the last_active timestamp is within so many minutes of the current timestamp (so it's <15 minutes old, for example) then they are online.

 

EDIT: http://php.net/manual/en/session.customhandler.php Here is the information about the session handlers to be able to read/write sessions to a database table.

 

I see. 

 

Now my question is, do I HAVE to store the user sessions in the database?

Link to comment
Share on other sites

Nope, that was your idea. But it doesn't make sense to dump all of the session data in there alongside having filesystem sessions, if all you want to do is track if a user is online or not.

 

Understood. I will remove the database sessions completely and follow your advice on seeings users who are online.  

 

Thanks.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.