rofl90 Posted March 4, 2008 Share Posted March 4, 2008 How do I check if a user has logged out, I can do in, using a database field online/offline, but how can the system tell if someone is logged in or out? Quote Link to comment Share on other sites More sharing options...
frijole Posted March 5, 2008 Share Posted March 5, 2008 when they logout in your script you can set the value that tells you that they are logged in to "logged out" Quote Link to comment Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 Check and see if the session/cookie is still active. If it is, the logged in value would be true. Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 Sometimes they won't press logout, and just hit x, how do I check if the cookie is still active? Â Note: I have it set as time()+'value' Â 'value' being a mysql query which is editable.. Quote Link to comment Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 I'm unsure about that. Is there a way to check and see if the window is closed, terminate login? Quote Link to comment Share on other sites More sharing options...
trq Posted March 5, 2008 Share Posted March 5, 2008 What you really need to do is wehn a user logs in, update an active database field to 1. You will also need to store a timestamp (storing the current time) in this same row. Â Now what you need to do is keep track of active users. So, upon each request you need to update the timestamp to the current time. Â Then it is simply a matter of running a cronjob every few minutes that looks for records with a timestamp older than say 5 minutes and sets the active field back to 0. Â There really is no simple way of doing this. Quote Link to comment Share on other sites More sharing options...
trq Posted March 5, 2008 Share Posted March 5, 2008 Sometimes they won't press logout, and just hit x, how do I check if the cookie is still active? Note: I have it set as time()+'value'  'value' being a mysql query which is editable..  Just read this. Your not seriously storing a mysql query in your cookie? That is a huge security hole. Quote Link to comment Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 Sounds like a good way to go about doing it, I'm sure there is plenty of tutirlas about cron jobs on the web, if you don't know how to use them. Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 No, I'm storing a variable taken fro a mysql record in a cookie. Â Also, I know its not very community mentality, but could somebody spit out some code to get me started.. Quote Link to comment Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 Sorry I cannot be of any other assistance. I am not skilled enough in PHP to really give sample scripts. Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 Could somebody explain to me the idea of cronjobs, sounds like what I need, now all I need is something to check if the users cookie is still alive. Quote Link to comment Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 Cronjobs is a server-side tool. I believe it's Linux-based, and it is used to run scheduled tasks on the web server. It's pretty extensive, I personally do not know much about it, but I know what it does. You may want to look into some documentation on cronjobs and it's functions. Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted March 5, 2008 Share Posted March 5, 2008 if you are doing sessions, and have anything stored in the session ,this can be used:    <?php if(strlen($_SESSION['id']) > 0){ //checks to see if they are logged in mysql_query("Select `blah blah blah` FROM `table` WHERE `id`= '{$_SESSION['id']}' ");    }?> that should reset the timestamp   Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted March 5, 2008 Share Posted March 5, 2008 my fault. one mistake  <?php if(strlen($_SESSION['id']) > 0){ //checks to see if they are logged in mysql_query("SELECT `some column` FROM `table` WHERE `id`= '{$_SESSION['id']}' ");    }?> Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 How would I do that with sessions, also I got some wierd error.. theres part of the code php designer says '$quoters = "SELECT * FROM usersdb WHERE password='$pass'";' is the problem. it outputs a blank page once the php starts. if (isset($_GET['p']) && $_GET['p'] == "login") { $ip = $_POST['ip']; $inform = "insert into ips(ip) VALUES ('$ip')"; mysql_query($inform); $namer = $_POST['name'] $quoters = "SELECT * FROM usersdb WHERE username='$namer'"; $result = mysql_query($quoters); $infor = mysql_fetch_array($result);  if($infor != $namer) {    echo "<p>Sorry, that username does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>";    exit;  }   $pass = $_POST['pass'] $quoters = "SELECT * FROM usersdb WHERE password='$pass'"; $resulto = mysql_query($quoters); $quiza = mysql_fetch_array($resulto  elseif ($quiza != $pass) {    echo "<p>Sorry, that password does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>";    exit;  } else {       setcookie('MyLoginPage', md5($_POST['pass'].$randomword), time()+ $timing); $quotersi = "update usersdb set online='online' WHERE username='$namer'"; $result = mysql_query($quoters);    header("Location: index2.php");   } } ?> Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 Latest is displays http://www.codeetech.com/backend/  <?php error_reporting(E_ALL); $dbhost = 'x'; $dbuser = 'x'; $dbpass = 'x'; $dbname = 'x'; mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error()); mysql_select_db($dbname); ?> <style type="text/css"> <!-- .style2 { font-size: 14; font-family: "Trebuchet MS"; } --> </style> <span class="style2"> <?php $username = 'charlie,andreas'; $users = explode(",", $username); $password = "xxx"; $randomword = "xxx"; if (isset($_COOKIE['MyLoginPage'])) {  if ($_COOKIE['MyLoginPage'] == md5($password.$randomword)) { ?> </span> <meta http-equiv="refresh" content="0;http://www.codeetech.com/backend/index2.php" /> <span class="style2"> <?php    exit;  } else {    echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>";    exit;  } } if (isset($_GET['p']) && $_GET['p'] == "login") { $result = mysql_query("SELECT * FROM settings") or die(mysql_error()); $row = mysql_fetch_array($result); $timing = $row['timeout']; $ip = $_POST['ip']; $inform = "insert into ips(ip) VALUES ('$ip')"; mysql_query($inform); $namer = $_POST['name'] $quoters = "SELECT * FROM usersdb WHERE username='$namer'"; $result = mysql_query($quoters); $infor = mysql_fetch_array($result);  if($infor != $namer) {    echo "<p>Sorry, that username does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>";    exit;  }   $pass = $_POST['pass'] $quotersa = "SELECT * FROM usersdb WHERE password='$pass'"; $resulto = mysql_query($quotersa); $quiza = mysql_fetch_array($resulto);  elseif ($quiza != $pass) {    echo "<p>Sorry, that password does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>";    exit;  } else {       setcookie('MyLoginPage', md5($_POST['pass'].$randomword), time()+ $timing);    header("Location: index2.php");   } } ?> </span> <form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post" class="style2"><fieldset> <label>Your IP is <?php echo $_SERVER['REMOTE_ADDR']; ?>, and has been logged, unauthorised attempts to access will be logged, and steps will be taken.<br /></label> <br /> <input type="text" name="name" id="name" /> <label>Name</label><br /><br /> <label><input type="password" name="pass" id="pass" /> Password</label> <br /> <br /> <input type="submit" id="submit" value="Login" /> <input name="ip" type="hidden" id="hidden" value="<?php $ip = $_SERVER['REMOTE_ADDR']; echo $ip; ?>" /> <br /> <br /> Backend time out currently set at: <?php echo $timing / 60; ?> minutes. </fieldset></form> Quote Link to comment Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 Make sure you pay attention to the forum rules, post in the code tags. Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 I tried to post in Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted March 5, 2008 Share Posted March 5, 2008 there is no terminator after post name  $namer = $_POST['name']; Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 one sec trying it Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 still not working and php designer is saying: Â $quotersa = "SELECT * FROM usersdb WHERE password='$pass'"; Â is an unexpected t-variable??????????? Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted March 5, 2008 Share Posted March 5, 2008 i don;'t know if this will make a differnce, but try it...  when i use queries with dynamic info (variables)... instead of  $quotersa = "SELECT * FROM usersdb WHERE password='$pass'";  i would do this:  $quotersa = "SELECT * FROM usersdb WHERE password='{$pass}'";  plus, is this a system with user passwords??? if it is, this script is probably relly unsecure. Are you encoding your passwords? Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 its unsecure, i will be securing it once i do the basics, now phpd2008 is saying:  edit: securer?   edit2:  hmm.. am i aloud to do this //blablabla } //blablabla elseif(//blabla) { //blablabla }    else if ($quiza != $pass) {  is unexpected elseif?  just to keep updated:  <?php error_reporting(E_ALL); $dbhost = 'xxt'; $dbuser = 'xx'; $dbpass = 'xx'; $dbname = 'x'; mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error()); mysql_select_db($dbname); ?> <style type="text/css"> <!-- .style2 { font-size: 14; font-family: "Trebuchet MS"; } --> </style> <span class="style2"> <?php $username = 'charlie,andreas'; $users = explode(",", $username); $password = "x"; $randomword = "x"; if (isset($_COOKIE['MyLoginPage'])) {  if ($_COOKIE['MyLoginPage'] == md5($password.$randomword)) { ?> </span> <meta http-equiv="refresh" content="0;http://www.codeetech.com/backend/index2.php" /> <span class="style2"> <?php    exit;  } else {    echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>";    exit;  } } if (isset($_GET['p']) && $_GET['p'] == "login") { $result = mysql_query("SELECT * FROM settings") or die(mysql_error()); $row = mysql_fetch_array($result); $timing = $row['timeout']; $ip = $_POST['ip']; $inform = "insert into ips(ip) VALUES ('$ip')"; mysql_query($inform) or die(mysql_query()); $namer = $_POST['name']; $quoters = "SELECT * FROM usersdb WHERE username='$namer'"; $result = mysql_query($quoters) or die(mysql_query()); $infor = mysql_fetch_array($result);  if($infor != $namer) {    echo "<p>Sorry, that username does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>";    exit;  }   $pass = $_POST['pass']; $quotersa = "SELECT * FROM usersdb WHERE password='md5($pass)'"; $resulto = mysql_query($quotersa) or die(mysql_query()); $quiza = mysql_fetch_array($resulto);  elseif ($quiza != $pass) {    echo "<p>Sorry, that password does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>";    exit;  } else {       setcookie('MyLoginPage', md5($password.$randomword), time()+ $timing);    header("Location: index2.php");   } } ?> </span> <form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post" class="style2"><fieldset> <label>Your IP is <?php echo $_SERVER['REMOTE_ADDR']; ?>, and has been logged, unauthorised attempts to access will be logged, and steps will be taken.<br /></label> <br /> <input type="text" name="name" id="name" /> <label>Name</label><br /><br /> <label><input type="password" name="pass" id="pass" /> Password</label> <br /> <br /> <input type="submit" id="submit" value="Login" /> <input name="ip" type="hidden" id="hidden" value="<?php $ip = $_SERVER['REMOTE_ADDR']; echo $ip; ?>" /> <br /> <br /> Backend time out currently set at: <?php echo $timing / 60; ?> minutes. </fieldset></form> Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted March 5, 2008 Share Posted March 5, 2008 as far as i know elseif has to be used like this : Â }elseif{ Â Â Â if( asdfadsf){ balh sdfg sdfg sdfg }elseif(gsdfg){ sdfgsdfg }else{ gfhfhg } Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 Ok that worked now when I try to login I get this errors..  username password   online  Charlie   #hash     offline  and heres the code and the error im recieving is Sorry, that username does not match. Click here to try again. <?php error_reporting(E_ALL); $dbhost = 'xxx'; $dbuser = 'xx'; $dbpass = 'xxx'; $dbname = 'xxx'; mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error()); mysql_select_db($dbname); ?> <style type="text/css"> <!-- .style2 { font-size: 14; font-family: "Trebuchet MS"; } --> </style> <span class="style2"> <?php $username = 'charlie,andreas'; $users = explode(",", $username); $password = "xxx"; $randomword = "xxx"; if (isset($_COOKIE['MyLoginPage'])) {  if ($_COOKIE['MyLoginPage'] == md5($password.$randomword)) { ?> </span> <meta http-equiv="refresh" content="0;http://www.codeetech.com/backend/index2.php" /> <span class="style2"> <?php    exit;  } else {    echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>";    exit;  } } if (isset($_GET['p']) && $_GET['p'] == "login") { $pass = $_POST['pass']; $quotersa = "SELECT * FROM usersdb WHERE password='md5($pass)'"; $resulto = mysql_query($quotersa) or die(mysql_query()); $quiza = mysql_fetch_array($resulto); $result = mysql_query("SELECT * FROM settings") or die(mysql_error()); $row = mysql_fetch_array($result); $timing = $row['timeout']; $ip = $_POST['ip']; $inform = "insert into ips(ip) VALUES ('$ip')"; mysql_query($inform) or die(mysql_query()); $namer = $_POST['name']; $quoters = "SELECT * FROM usersdb WHERE username='$namer'"; $result = mysql_query($quoters) or die(mysql_query()); $infor = mysql_fetch_array($result);  if($infor != $namer) {    echo "<p>Sorry, that username does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>";    exit;  }  elseif ($quiza != $pass) {    echo "<p>Sorry, that password does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>";    exit;  } else {       setcookie('MyLoginPage', md5($password.$randomword), time()+ $timing);    header("Location: index2.php");   } } ?> </span> <form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post" class="style2"><fieldset> <label>Your IP is <?php echo $_SERVER['REMOTE_ADDR']; ?>, and has been logged, unauthorised attempts to access will be logged, and steps will be taken.<br /></label> <br /> <input type="text" name="name" id="name" /> <label>Name</label><br /><br /> <label><input type="password" name="pass" id="pass" /> Password</label> <br /> <br /> <input type="submit" id="submit" value="Login" /> <input name="ip" type="hidden" id="hidden" value="<?php $ip = $_SERVER['REMOTE_ADDR']; echo $ip; ?>" /> <br /> <br /> Backend time out currently set at: <?php echo $timing / 60; ?> minutes. </fieldset></form> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.