rofl90 Posted March 4, 2008 Share Posted March 4, 2008 How do I check if a user has logged out, I can do in, using a database field online/offline, but how can the system tell if someone is logged in or out? Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/ Share on other sites More sharing options...
frijole Posted March 5, 2008 Share Posted March 5, 2008 when they logout in your script you can set the value that tells you that they are logged in to "logged out" Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483384 Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 Check and see if the session/cookie is still active. If it is, the logged in value would be true. Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483389 Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 Sometimes they won't press logout, and just hit x, how do I check if the cookie is still active? Note: I have it set as time()+'value' 'value' being a mysql query which is editable.. Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483391 Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 I'm unsure about that. Is there a way to check and see if the window is closed, terminate login? Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483393 Share on other sites More sharing options...
trq Posted March 5, 2008 Share Posted March 5, 2008 What you really need to do is wehn a user logs in, update an active database field to 1. You will also need to store a timestamp (storing the current time) in this same row. Now what you need to do is keep track of active users. So, upon each request you need to update the timestamp to the current time. Then it is simply a matter of running a cronjob every few minutes that looks for records with a timestamp older than say 5 minutes and sets the active field back to 0. There really is no simple way of doing this. Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483395 Share on other sites More sharing options...
trq Posted March 5, 2008 Share Posted March 5, 2008 Sometimes they won't press logout, and just hit x, how do I check if the cookie is still active? Note: I have it set as time()+'value' 'value' being a mysql query which is editable.. Just read this. Your not seriously storing a mysql query in your cookie? That is a huge security hole. Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483397 Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 Sounds like a good way to go about doing it, I'm sure there is plenty of tutirlas about cron jobs on the web, if you don't know how to use them. Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483399 Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 No, I'm storing a variable taken fro a mysql record in a cookie. Also, I know its not very community mentality, but could somebody spit out some code to get me started.. Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483413 Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 Sorry I cannot be of any other assistance. I am not skilled enough in PHP to really give sample scripts. Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483421 Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 Could somebody explain to me the idea of cronjobs, sounds like what I need, now all I need is something to check if the users cookie is still alive. Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483427 Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 Cronjobs is a server-side tool. I believe it's Linux-based, and it is used to run scheduled tasks on the web server. It's pretty extensive, I personally do not know much about it, but I know what it does. You may want to look into some documentation on cronjobs and it's functions. Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483429 Share on other sites More sharing options...
ohdang888 Posted March 5, 2008 Share Posted March 5, 2008 if you are doing sessions, and have anything stored in the session ,this can be used: <?php if(strlen($_SESSION['id']) > 0){ //checks to see if they are logged in mysql_query("Select `blah blah blah` FROM `table` WHERE `id`= '{$_SESSION['id']}' "); }?> that should reset the timestamp Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483431 Share on other sites More sharing options...
ohdang888 Posted March 5, 2008 Share Posted March 5, 2008 my fault. one mistake <?php if(strlen($_SESSION['id']) > 0){ //checks to see if they are logged in mysql_query("SELECT `some column` FROM `table` WHERE `id`= '{$_SESSION['id']}' "); }?> Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483436 Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 How would I do that with sessions, also I got some wierd error.. theres part of the code php designer says '$quoters = "SELECT * FROM usersdb WHERE password='$pass'";' is the problem. it outputs a blank page once the php starts. if (isset($_GET['p']) && $_GET['p'] == "login") { $ip = $_POST['ip']; $inform = "insert into ips(ip) VALUES ('$ip')"; mysql_query($inform); $namer = $_POST['name'] $quoters = "SELECT * FROM usersdb WHERE username='$namer'"; $result = mysql_query($quoters); $infor = mysql_fetch_array($result); if($infor != $namer) { echo "<p>Sorry, that username does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>"; exit; } $pass = $_POST['pass'] $quoters = "SELECT * FROM usersdb WHERE password='$pass'"; $resulto = mysql_query($quoters); $quiza = mysql_fetch_array($resulto elseif ($quiza != $pass) { echo "<p>Sorry, that password does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>"; exit; } else { setcookie('MyLoginPage', md5($_POST['pass'].$randomword), time()+ $timing); $quotersi = "update usersdb set online='online' WHERE username='$namer'"; $result = mysql_query($quoters); header("Location: index2.php"); } } ?> Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483437 Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 Latest is displays http://www.codeetech.com/backend/ <?php error_reporting(E_ALL); $dbhost = 'x'; $dbuser = 'x'; $dbpass = 'x'; $dbname = 'x'; mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error()); mysql_select_db($dbname); ?> <style type="text/css"> <!-- .style2 { font-size: 14; font-family: "Trebuchet MS"; } --> </style> <span class="style2"> <?php $username = 'charlie,andreas'; $users = explode(",", $username); $password = "xxx"; $randomword = "xxx"; if (isset($_COOKIE['MyLoginPage'])) { if ($_COOKIE['MyLoginPage'] == md5($password.$randomword)) { ?> </span> <meta http-equiv="refresh" content="0;http://www.codeetech.com/backend/index2.php" /> <span class="style2"> <?php exit; } else { echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>"; exit; } } if (isset($_GET['p']) && $_GET['p'] == "login") { $result = mysql_query("SELECT * FROM settings") or die(mysql_error()); $row = mysql_fetch_array($result); $timing = $row['timeout']; $ip = $_POST['ip']; $inform = "insert into ips(ip) VALUES ('$ip')"; mysql_query($inform); $namer = $_POST['name'] $quoters = "SELECT * FROM usersdb WHERE username='$namer'"; $result = mysql_query($quoters); $infor = mysql_fetch_array($result); if($infor != $namer) { echo "<p>Sorry, that username does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>"; exit; } $pass = $_POST['pass'] $quotersa = "SELECT * FROM usersdb WHERE password='$pass'"; $resulto = mysql_query($quotersa); $quiza = mysql_fetch_array($resulto); elseif ($quiza != $pass) { echo "<p>Sorry, that password does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>"; exit; } else { setcookie('MyLoginPage', md5($_POST['pass'].$randomword), time()+ $timing); header("Location: index2.php"); } } ?> </span> <form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post" class="style2"><fieldset> <label>Your IP is <?php echo $_SERVER['REMOTE_ADDR']; ?>, and has been logged, unauthorised attempts to access will be logged, and steps will be taken.<br /></label> <br /> <input type="text" name="name" id="name" /> <label>Name</label><br /><br /> <label><input type="password" name="pass" id="pass" /> Password</label> <br /> <br /> <input type="submit" id="submit" value="Login" /> <input name="ip" type="hidden" id="hidden" value="<?php $ip = $_SERVER['REMOTE_ADDR']; echo $ip; ?>" /> <br /> <br /> Backend time out currently set at: <?php echo $timing / 60; ?> minutes. </fieldset></form> Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483453 Share on other sites More sharing options...
jedney Posted March 5, 2008 Share Posted March 5, 2008 Make sure you pay attention to the forum rules, post in the code tags. Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483455 Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 I tried to post in Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483456 Share on other sites More sharing options...
darkfreaks Posted March 5, 2008 Share Posted March 5, 2008 there is no terminator after post name $namer = $_POST['name']; Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483458 Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 one sec trying it Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483462 Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 still not working and php designer is saying: $quotersa = "SELECT * FROM usersdb WHERE password='$pass'"; is an unexpected t-variable??????????? Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483463 Share on other sites More sharing options...
ohdang888 Posted March 5, 2008 Share Posted March 5, 2008 i don;'t know if this will make a differnce, but try it... when i use queries with dynamic info (variables)... instead of $quotersa = "SELECT * FROM usersdb WHERE password='$pass'"; i would do this: $quotersa = "SELECT * FROM usersdb WHERE password='{$pass}'"; plus, is this a system with user passwords??? if it is, this script is probably relly unsecure. Are you encoding your passwords? Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483465 Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 its unsecure, i will be securing it once i do the basics, now phpd2008 is saying: edit: securer? edit2: hmm.. am i aloud to do this //blablabla } //blablabla elseif(//blabla) { //blablabla } else if ($quiza != $pass) { is unexpected elseif? just to keep updated: <?php error_reporting(E_ALL); $dbhost = 'xxt'; $dbuser = 'xx'; $dbpass = 'xx'; $dbname = 'x'; mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error()); mysql_select_db($dbname); ?> <style type="text/css"> <!-- .style2 { font-size: 14; font-family: "Trebuchet MS"; } --> </style> <span class="style2"> <?php $username = 'charlie,andreas'; $users = explode(",", $username); $password = "x"; $randomword = "x"; if (isset($_COOKIE['MyLoginPage'])) { if ($_COOKIE['MyLoginPage'] == md5($password.$randomword)) { ?> </span> <meta http-equiv="refresh" content="0;http://www.codeetech.com/backend/index2.php" /> <span class="style2"> <?php exit; } else { echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>"; exit; } } if (isset($_GET['p']) && $_GET['p'] == "login") { $result = mysql_query("SELECT * FROM settings") or die(mysql_error()); $row = mysql_fetch_array($result); $timing = $row['timeout']; $ip = $_POST['ip']; $inform = "insert into ips(ip) VALUES ('$ip')"; mysql_query($inform) or die(mysql_query()); $namer = $_POST['name']; $quoters = "SELECT * FROM usersdb WHERE username='$namer'"; $result = mysql_query($quoters) or die(mysql_query()); $infor = mysql_fetch_array($result); if($infor != $namer) { echo "<p>Sorry, that username does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>"; exit; } $pass = $_POST['pass']; $quotersa = "SELECT * FROM usersdb WHERE password='md5($pass)'"; $resulto = mysql_query($quotersa) or die(mysql_query()); $quiza = mysql_fetch_array($resulto); elseif ($quiza != $pass) { echo "<p>Sorry, that password does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>"; exit; } else { setcookie('MyLoginPage', md5($password.$randomword), time()+ $timing); header("Location: index2.php"); } } ?> </span> <form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post" class="style2"><fieldset> <label>Your IP is <?php echo $_SERVER['REMOTE_ADDR']; ?>, and has been logged, unauthorised attempts to access will be logged, and steps will be taken.<br /></label> <br /> <input type="text" name="name" id="name" /> <label>Name</label><br /><br /> <label><input type="password" name="pass" id="pass" /> Password</label> <br /> <br /> <input type="submit" id="submit" value="Login" /> <input name="ip" type="hidden" id="hidden" value="<?php $ip = $_SERVER['REMOTE_ADDR']; echo $ip; ?>" /> <br /> <br /> Backend time out currently set at: <?php echo $timing / 60; ?> minutes. </fieldset></form> Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483471 Share on other sites More sharing options...
ohdang888 Posted March 5, 2008 Share Posted March 5, 2008 as far as i know elseif has to be used like this : }elseif{ if( asdfadsf){ balh sdfg sdfg sdfg }elseif(gsdfg){ sdfgsdfg }else{ gfhfhg } Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483479 Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 Ok that worked now when I try to login I get this errors.. username password online Charlie #hash offline and heres the code and the error im recieving is Sorry, that username does not match. Click here to try again. <?php error_reporting(E_ALL); $dbhost = 'xxx'; $dbuser = 'xx'; $dbpass = 'xxx'; $dbname = 'xxx'; mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error()); mysql_select_db($dbname); ?> <style type="text/css"> <!-- .style2 { font-size: 14; font-family: "Trebuchet MS"; } --> </style> <span class="style2"> <?php $username = 'charlie,andreas'; $users = explode(",", $username); $password = "xxx"; $randomword = "xxx"; if (isset($_COOKIE['MyLoginPage'])) { if ($_COOKIE['MyLoginPage'] == md5($password.$randomword)) { ?> </span> <meta http-equiv="refresh" content="0;http://www.codeetech.com/backend/index2.php" /> <span class="style2"> <?php exit; } else { echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>"; exit; } } if (isset($_GET['p']) && $_GET['p'] == "login") { $pass = $_POST['pass']; $quotersa = "SELECT * FROM usersdb WHERE password='md5($pass)'"; $resulto = mysql_query($quotersa) or die(mysql_query()); $quiza = mysql_fetch_array($resulto); $result = mysql_query("SELECT * FROM settings") or die(mysql_error()); $row = mysql_fetch_array($result); $timing = $row['timeout']; $ip = $_POST['ip']; $inform = "insert into ips(ip) VALUES ('$ip')"; mysql_query($inform) or die(mysql_query()); $namer = $_POST['name']; $quoters = "SELECT * FROM usersdb WHERE username='$namer'"; $result = mysql_query($quoters) or die(mysql_query()); $infor = mysql_fetch_array($result); if($infor != $namer) { echo "<p>Sorry, that username does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>"; exit; } elseif ($quiza != $pass) { echo "<p>Sorry, that password does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>"; exit; } else { setcookie('MyLoginPage', md5($password.$randomword), time()+ $timing); header("Location: index2.php"); } } ?> </span> <form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post" class="style2"><fieldset> <label>Your IP is <?php echo $_SERVER['REMOTE_ADDR']; ?>, and has been logged, unauthorised attempts to access will be logged, and steps will be taken.<br /></label> <br /> <input type="text" name="name" id="name" /> <label>Name</label><br /><br /> <label><input type="password" name="pass" id="pass" /> Password</label> <br /> <br /> <input type="submit" id="submit" value="Login" /> <input name="ip" type="hidden" id="hidden" value="<?php $ip = $_SERVER['REMOTE_ADDR']; echo $ip; ?>" /> <br /> <br /> Backend time out currently set at: <?php echo $timing / 60; ?> minutes. </fieldset></form> Link to comment https://forums.phpfreaks.com/topic/94387-check-if-a-user-is-logged-inout/#findComment-483482 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.