Jump to content

Logging out multiple users on one click


PNewCode

Recommended Posts

Hello,

I have a chat system where I need the ability to log out all users at the end of the meeting. They can do this individually, however most of them neglect to do so and it is necessary for other purposes. Below is the link they have individually to log out. How could I edit this so that I can add it on my ADMIN page, and log out ALL of the people in the "unique_id" column of the database?

<a href="php/logout.php?logout_id=<?php echo $row['unique_id']; ?>" class="logout">Logout</a>

And here is the logout page php

 

<?php
    session_set_cookie_params(0);
    session_start();
    if(isset($_SESSION['unique_id'])){
        include_once "config.php";
        $logout_id = mysqli_real_escape_string($conn, $_GET['logout_id']);
        if(isset($logout_id)){
            $status = "Offline now";
            $sql = mysqli_query($conn, "UPDATE users SET status = '{$status}' WHERE unique_id={$_GET['logout_id']}");
            if($sql){
                session_unset();
                session_destroy();
                header("location: https://www.peredy1.com/adminchat/logintool.php");
            }
        }else{
            header("location: ../users.php");
        }
    }else{  
        header("location: https://www.peredy1.com/adminchat/logintool.php");
    }
?>

Many many thanks for any help with this

Link to comment
Share on other sites

I'm not familiar with the subject, but I can share some ideas:

To expand on ginerjm comment, perhaps you create a table that populates as users join the chat. Then, use that same information from an array to disconnect these people.

Or, can the chat room simply be destroyed?

Is this a general chat or a private conference?

If the average conference lasts 1 hour, can you set an automatic logout/end of season for 90 minutes? This will provide a buffer but also unsure that users are thrown out when their time is done.

Edited by phppup
Typos
Link to comment
Share on other sites

Sure, sorry I should explain more. So when we get together online (there are only 8 of us) we all join at the same time. It's internal so it's private. It's not open to the public. And we all leave at the same time. There's a set amount of people and specific people that are in there and it never changes.

I went in and manually changed the status to "Offline now" and that didn't log them out. That just made them look offline. I need to log them out completely because they would still have to manually click the logout button and then log back in to be able to appear back online themselves (sometimes some of them leave early or don't show up)

So I need to be able to do more than change the "status" and literally log them out. Below is a screen shot of the Mysql database

 

chatss3.jpg

Link to comment
Share on other sites

the code wasn't designed to let you do this, because it isn't querying on each page request to get the user's current status, which would let the login check code force a log-out based on a value stored in the database table.

you can either rewrite the code to do this, or you could delete all the session data files, which would also log-out the admin performing this action, unless you want to scan through the session data files to find the one for the admin and not delete it too.

btw - not only should the logout be a post method form, but using mysqli_real_escape_string() on a value that isn't being used in a string context in a query doesn't provide any sql injection protection, which still can occur for trusted users if cross site scripting is possible, since any value submitted to your code can be changed by cross site scripting to be anything and cannot be trusted. the only fool-proof way of preventing sql injection is to use a prepared query.

Link to comment
Share on other sites

Okay, so the status... if it changes to Offline now, then yes he APPEARS to be offline. That part is awesome. 
So lets say I just update the Mysql to show offline. Then yes they will all APPEAR to be offline.
But that doesn't mean they aren't still logged into the chat. They need to be literally logged out completely.

I don't know what the function is that makes them logout. But I know when they click on "Logout", then they can't get back in unless they login again.

Changing the "Status" only makes them LOOK offline but they can still be in the chat. That "Status" only changes the way they appear.

Link to comment
Share on other sites

Since most of them just refuse to click that Logout button, there has to be a way to force a logout so that wondering eyes on their computer don't get nosey (other people in their houses, etc)
So if they wont click the button, then I need an ability to do it for them without logging into each account one by one and logging them out

Edited by PNewCode
Link to comment
Share on other sites

@ginerjmlike I said I don't know what the function is that makes that happen. I just know that is the link on the button, and it goes to that logout.php page. The only thing that changes in the database that you see is the status to appear offline when they click it. I'm sorry but that is all I know. Like I said I paid for someone to make this, I didn't write it. And unfortunately he said he doesn't know how to make what I'm wanting to happen, happen

Link to comment
Share on other sites

@mac_gyverI'll have to go the first route. Maybe it's in one of the js files. I'm not sure. I wont need any functions like  promoting, demoting, suspending, or banning a user because they can't even get in unless I register them manually (it's a private chat thing) so if I wanted them out I would just delete them from the database completely. I don't have any folders that look to be storing anything like that so I'm thinking it might be written to a file? (session log)

Link to comment
Share on other sites

@mac_gyverthank you for that. I'm clearly in way over my head. I truly thought it would be as easy as making one button that sends to multiple pages that I could just put in the id in but I can see that it's not. I just tried to put in the session_save_path() in the logout page and it came back as page isn't working haha. So yeah, sigh... this is way beyond my understanding. I spent all my money having this made but maybe I can save a couple more months and hire someone to fix all this for me

Link to comment
Share on other sites

Hey @mac_gyverI did find this page called data.php do you think it answers where I need to look? EDIT: Actually this looks like the functioning for the chat messages only

 

<?php
    while($row = mysqli_fetch_assoc($query)){
        $sql2 = "SELECT * FROM messages WHERE (incoming_msg_id = {$row['unique_id']}
                OR outgoing_msg_id = {$row['unique_id']}) AND (outgoing_msg_id = {$outgoing_id} 
                OR incoming_msg_id = {$outgoing_id}) ORDER BY msg_id DESC LIMIT 1";
        $query2 = mysqli_query($conn, $sql2);
        $row2 = mysqli_fetch_assoc($query2);
        (mysqli_num_rows($query2) > 0) ? $result = $row2['msg'] : $result ="No message available";
        (strlen($result) > 28) ? $msg =  substr($result, 0, 28) . '...' : $msg = $result;
        if(isset($row2['outgoing_msg_id'])){
            ($outgoing_id == $row2['outgoing_msg_id']) ? $you = "You: " : $you = "";
        }else{
            $you = "";
        }
        ($row['status'] == "Offline now") ? $offline = "offline" : $offline = "";
        ($outgoing_id == $row['unique_id']) ? $hid_me = "hide" : $hid_me = "";

        $output .= '<a href="chat.php?user_id='. $row['unique_id'] .'">
                    <div class="content">
                    <img src="php/images/'. $row['img'] .'" alt="">
                    <div class="details">
                        <span>'. $row['fname']. " " . $row['lname'] .'</span>
                        <p>'. $you . $msg .'</p>
                    </div>
                    </div>
                    <div class="status-dot '. $offline .'"><i class="fas fa-circle"></i></div>
                </a>';
    }
?>

 

Edited by PNewCode
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.