By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,047 Members | 1,257 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,047 IT Pros & Developers. It's quick & easy.

Batch php to loggoff web site

P: n/a
gf
I need to have a batch job, from windows (using AT command) to run
once per night to ensure that admins have logged off/out of the web
site admin panel. If I were logged in, I would issue a url similar to
this

http://mysite.com/cntl.php?action=logout

It's not the AT command that's the issue; it's the php code to do this
from command line php. I would expect to have a php program like this
(called logoff.php)

<?
header("Location: http://mysite.com/cntl.php?action=logout");
?>

and issue a command like
php logoff.php

However, that code does not work from batch, although it does work
from a browser url. Any suggestions to accomplish this? If sockets
are required, please post the method. I have tried that way too but
can't seem to figure it out.

Thanks.
Jul 17 '05 #1
Share this Question
Share on Google+
10 Replies


P: n/a
On 3 Nov 2003 05:29:58 -0800, gf******@earthlink.net (gf) wrote:
I need to have a batch job, from windows (using AT command) to run
once per night to ensure that admins have logged off/out of the web
site admin panel. If I were logged in, I would issue a url similar to
this

http://mysite.com/cntl.php?action=logout

It's not the AT command that's the issue; it's the php code to do this
from command line php. I would expect to have a php program like this
(called logoff.php)

<?
header("Location: http://mysite.com/cntl.php?action=logout");
?>

and issue a command like
php logoff.php


The header() function simply issues an HTTP header and so will only
work with an HTTP client (like a browser). It is the browser that
interprets and acts upon the Location header, not PHP.

You'll need to look at a command-line HTTP client. A windows version
of lynx may be suitable.

--
David ( @priz.co.uk )
The Internet Prisoner Database: http://www.priz.co.uk/ipdb/
The Tarbrax Chronicle: http://www.tarbraxchronicle.com/
Jul 17 '05 #2

P: n/a
I may be misunderstanding you, so if I'm off in the wrong direction, I
apologize.
I'm not that knowledgeable about sockets, but I believe that the web server
may or may not have kept its connection to the browser, so trying to
directly issue that URL to the browser can be difficult or impossible. As I
see it, you're going to have a very hard time forcing client browsers to
receive the logoff URL unless:
a) the script they originally hit is still running, via sleep or some such
process idling mechanism
b) the page that's generated contains a REFRESH tag forcing them to hit the
server again.

a) seems like a bad idea because you leave a lot of processes running
needlessly
b) if the page autorefreshes, then you can just have them logout after a
certain time reloading the same page (i.e., an indication of inactivity), or
after a certain time of day or both.

Hope that helps,

Eric
"gf" <gf******@earthlink.net> wrote in message
news:2e**************************@posting.google.c om...
I need to have a batch job, from windows (using AT command) to run
once per night to ensure that admins have logged off/out of the web
site admin panel. If I were logged in, I would issue a url similar to
this

http://mysite.com/cntl.php?action=logout

It's not the AT command that's the issue; it's the php code to do this
from command line php. I would expect to have a php program like this
(called logoff.php)

<?
header("Location: http://mysite.com/cntl.php?action=logout");
?>

and issue a command like
php logoff.php

However, that code does not work from batch, although it does work
from a browser url. Any suggestions to accomplish this? If sockets
are required, please post the method. I have tried that way too but
can't seem to figure it out.

Thanks.

Jul 17 '05 #3

P: n/a
"gf" <gf******@earthlink.net> wrote in message
news:2e**************************@posting.google.c om...
I need to have a batch job, from windows (using AT command) to run
once per night to ensure that admins have logged off/out of the web
site admin panel. If I were logged in, I would issue a url similar to
this

http://mysite.com/cntl.php?action=logout

It's not the AT command that's the issue; it's the php code to do this
from command line php. I would expect to have a php program like this
(called logoff.php)

<?
header("Location: http://mysite.com/cntl.php?action=logout");
?>

and issue a command like
php logoff.php

However, that code does not work from batch, although it does work
from a browser url. Any suggestions to accomplish this? If sockets
are required, please post the method. I have tried that way too but
can't seem to figure it out.

Thanks.


You are going about it the wrong way. Forget trying to send a HEADER from
the command line... there's no browser to receive it. You need to simply
write a php program that will do what you want and only output to the
command line.

Try this:

1) create a new function in your cntl.php script called 'forcelogout'
2) in this function output only to a logfile or with echo/print (no html)
3) call the function as normal -
http://mysite.com/cntl.php?action=forcelogout

swisscheese
Jul 17 '05 #4

P: n/a
gf
Thanks for the replies thus far. A clarification though. I understand that
that the header() function does not work in batch. I only used that to
indicate the TYPE of thing I am after.
Jul 17 '05 #5

P: n/a
gf wrote:
I need to have a batch job, from windows (using AT command) to run
once per night to ensure that admins have logged off/out of the web
site admin panel. If I were logged in, I would issue a url similar to
this

http://mysite.com/cntl.php?action=logout

It's not the AT command that's the issue; it's the php code to do this
from command line php. I would expect to have a php program like this
(called logoff.php)

<?
header("Location: http://mysite.com/cntl.php?action=logout");
?>

and issue a command like
php logoff.php

However, that code does not work from batch, although it does work
from a browser url. Any suggestions to accomplish this? If sockets
are required, please post the method. I have tried that way too but
can't seem to figure it out.


What you want to do isn't really possible. As I understand it you don't
want admins walking away from their pcs leaving an admin webpage up for
other people to mess about with. In reality there's nothing you can do
about the workstation/web browser, the server has no control over that
end. What you will have to do is implement some form of timeout at the
server end to re-request the admin password before performing any action.

If you use sessions or cookies to identify logged in users then you
should be able to do this by manipulating the expiry times. I use
cookies to identify users. Ordinary users get a fresh 30 day cookie with
every page. The administrator logon only gets a 10 minute one.

Jul 17 '05 #6

P: n/a


What you want to do isn't really possible. As I understand it you don't
want admins walking away from their pcs leaving an admin webpage up for
other people to mess about with. In reality there's nothing you can do
about the workstation/web browser, the server has no control over that
end. What you will have to do is implement some form of timeout at the
server end to re-request the admin password before performing any
action.

If you use sessions or cookies to identify logged in users then you
should be able to do this by manipulating the expiry times. I use
cookies to identify users. Ordinary users get a fresh 30 day cookie with
every page. The administrator logon only gets a 10 minute one.


Enable session management for a short period of time, e.g. 10 minutes, and
insert into the <head> section of your HTML an HTTP-equiv refresh:

<meta http-equiv="REFRESH" content="605; URL=/" />

i.e. the page will refresh itself 10 minutes plus 5 seconds after first
loading. Given that the session will have expired 5 seconds beforehand, it
will therefore log you out.

Martin Lucas-Smith www.geog.cam.ac.uk/~mvl22
www.lucas-smith.co.uk
Jul 17 '05 #7

P: n/a
gf
Martin Lucas-Smith <mv***@cam.ac.uk> wrote in message news:<Pi*************************************@red. csi.cam.ac.uk>...
What you want to do isn't really possible. As I understand it you don't
want admins walking away from their pcs leaving an admin webpage up for
other people to mess about with. In reality there's nothing you can do
about the workstation/web browser, the server has no control over that
end. What you will have to do is implement some form of timeout at the
server end to re-request the admin password before performing any
action.

If you use sessions or cookies to identify logged in users then you
should be able to do this by manipulating the expiry times. I use
cookies to identify users. Ordinary users get a fresh 30 day cookie with
every page. The administrator logon only gets a 10 minute one.


Enable session management for a short period of time, e.g. 10 minutes, and
insert into the <head> section of your HTML an HTTP-equiv refresh:

<meta http-equiv="REFRESH" content="605; URL=/" />

i.e. the page will refresh itself 10 minutes plus 5 seconds after first
loading. Given that the session will have expired 5 seconds beforehand, it
will therefore log you out.


Thanks Martin (and others). This will work in the event they leave
the browser open. However, I never stated that. My issue is that the
cookie is left on their machine and regardless of whether they leave
their browser open or closed the cookie allows them to stay logged in.
I know I can alter the cookie expire time and that is an option.
However, I don't want it expiring while they are in the middle of
something, so I avoid that. What I want is a way to automatically
schedule an offline job that will expire the cookie, log off the
browser, do whatever is necessary so that at 21:00 hours, as an
example, ALL sessions are timed out.
Jul 17 '05 #8

P: n/a
> Thanks Martin (and others). This will work in the event they leave
the browser open. However, I never stated that. My issue is that the
cookie is left on their machine and regardless of whether they leave
their browser open or closed the cookie allows them to stay logged in.
I know I can alter the cookie expire time and that is an option.
However, I don't want it expiring while they are in the middle of
something, so I avoid that. What I want is a way to automatically
schedule an offline job that will expire the cookie, log off the
browser, do whatever is necessary so that at 21:00 hours, as an
example, ALL sessions are timed out.


Simply set the cookie expire time so that it expires at 21:00 hours. It
takes a little calculation but entirely possible.

In my case with 10 min cookies I reissue another 10 min cookie on each
request. That only catches people who walk away from their pc (and lazy
bastards!).

Jul 17 '05 #9

P: n/a
On 4 Nov 2003 06:41:46 -0800, gf******@earthlink.net (gf) wrote:
Martin Lucas-Smith <mv***@cam.ac.uk> wrote in message news:<Pi*************************************@red. csi.cam.ac.uk>... I know I can alter the cookie expire time and that is an option.
However, I don't want it expiring while they are in the middle of
something, so I avoid that. What I want is a way to automatically
schedule an offline job that will expire the cookie, log off the
browser, do whatever is necessary so that at 21:00 hours, as an
example, ALL sessions are timed out.


In your scripts, check if the time is between, say 08:00 and 21:00. If
so, allow the script to continue as normal, otherwise display an
appropriate message and run your logoff function.

If the user has closed their browser or does not refresh the page, you
can't remove the cookie.

Controlling users' login status will be flimsy at best as they're not
actually logged into anything. You only know if the user is "still
there" when they request a new page from the server. They could have
closed their browser, switched off their machine and gone home for the
night and you'll never know about it.

I think the best you can do is the time check above, and setting the
cookie to expire ten minutes ahead. As long as the user is active, the
cookie will keep getting reset. After ten minutes of inactivity the
user will need to log in again. Many sites work like this. And after
9pm the system can't be used anyway.

--
David ( @priz.co.uk )
The Internet Prisoner Database: http://www.priz.co.uk/ipdb/
The Tarbrax Chronicle: http://www.tarbraxchronicle.com/
Jul 17 '05 #10

P: n/a
Sounds to me like you need two things:

One is to make sure all your server-side validation expires after 21:00. So
wherever your reads the cookie and validates the user, you could add a line
checking whether the time is > 21:00, and if it is issue a rejection
message.

To be even more clever, you could use the following Javascript function:
http://www.mcfedries.com/JavaScript/timer.asp
to additionally close the browser at 21:00.

Cheers,

Eric

"gf" <gf******@earthlink.net> wrote in message
news:2e**************************@posting.google.c om...
Martin Lucas-Smith <mv***@cam.ac.uk> wrote in message

news:<Pi*************************************@red. csi.cam.ac.uk>...
What you want to do isn't really possible. As I understand it you don't want admins walking away from their pcs leaving an admin webpage up for other people to mess about with. In reality there's nothing you can do
about the workstation/web browser, the server has no control over that
end. What you will have to do is implement some form of timeout at the
server end to re-request the admin password before performing any
action.

If you use sessions or cookies to identify logged in users then you
should be able to do this by manipulating the expiry times. I use
cookies to identify users. Ordinary users get a fresh 30 day cookie with every page. The administrator logon only gets a 10 minute one.


Enable session management for a short period of time, e.g. 10 minutes, and insert into the <head> section of your HTML an HTTP-equiv refresh:

<meta http-equiv="REFRESH" content="605; URL=/" />

i.e. the page will refresh itself 10 minutes plus 5 seconds after first
loading. Given that the session will have expired 5 seconds beforehand, it will therefore log you out.


Thanks Martin (and others). This will work in the event they leave
the browser open. However, I never stated that. My issue is that the
cookie is left on their machine and regardless of whether they leave
their browser open or closed the cookie allows them to stay logged in.
I know I can alter the cookie expire time and that is an option.
However, I don't want it expiring while they are in the middle of
something, so I avoid that. What I want is a way to automatically
schedule an offline job that will expire the cookie, log off the
browser, do whatever is necessary so that at 21:00 hours, as an
example, ALL sessions are timed out.

Jul 17 '05 #11

This discussion thread is closed

Replies have been disabled for this discussion.