473,396 Members | 1,895 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > handling session destroy and logout issue. how to handle ?

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Handling session destroy and logout issue. How to handle ?

Hi

This is somas here. I asked query about detecting the browser close event using javascript. I want to detect the event only when the X button in the top right corner is clicked and not else where. (like moving to other pages by clicking some links).
Can u help me in this case.

Cause of this ,

In my php site, i want to restrict multiple logins with same username and password at a same time from different system.
To avoid this , in backend i.e. postgres database , i created a table which has login (boolean) field. If a user logged in , that login flag is set to true. If any other user tries to log in with same user name and password , i'm restricting that login . (Since that user is already logged in) . If logout link is clicked , i'm calling a php page , there the login flag is reset and session variables are destroyed. So there would not be any problem. Incase , if the browser is closed using X button in the top right corner , these login flag resetting process would not take place. Then how that user can login again ? when i should clear this flag.

When the user is idle for long time , i'm destroying the session variables. For this i created a login_details table. It contains user_id, login_time, last_action_time. Whenever the user login i'm updating the login_time and last_action time with current_timestamp. While moving to some other page , first i'm checking the last_action time with current_timestamp, if the difference is greater than the session expiry time (normal variable which i explicitly declared. Not the session variable) , it is assumed that the user is idle .Hence the , login (boolean) flag is reset , session varaiables are destroyed (manaully giving that command) , and move to a page that displays session expiry message and tell the user to login .

Here also , what i should do if the browser X (close) button is clicked without proper logout ? Hence i'm hunting for javascript event on clicking X close button ?
Or is there any other efficient method to handle this.
Please post your replies. It is very urgent

Thanks in advance
somaskarthic
Aug 26 '06 #1
6 18206
ronverdonk
4,258 Expert 4TB
Why do you worry about that? Just stick with the procedure as you have it.

When a user clicks the X on the bowser, the user data in the database still shows him as 'logged in'. So the next time he comes back, just check the time of inactivity and force him to login again.

If you really want to delete the entry from the database, you can run a daily cron-job to remove any hanging user entries.

Ronald :cool:
Aug 26 '06 #2
hello, i'm having the same problem, my solution is this:
When the user logs in, i set a boolean flag to 'yes' and update the timestamp in the DB to the login time.
if the user properly logs out, this boolean will be set 'no'.

Now, if a another person tries to login while the original user is logged in, the boolean will be validated and the login will fail.

the problem is: how to handle browser close issue.
i came up with this idea: i create a session variable that contains a timestamp of the user's last activity($_SESSION['last_action']).
on each page load we execute the following:
Expand|Select|Wrap|Line Numbers
  1. if ( (current time - $_SESSION['last_action']) > $time_out_max )
  2. {
  3. //update the $_SESSION['last_action'] and set it to the current time
  4. // update the database and set the 'last_action' field to the current time.
  5. }
mean while, a cron job is executed regulary every certain amout of time ( larger that $time_out_max, let's call it $cron_time_out ).
if the 'last_action' field is larger the $cron_time_out (this means that user was inactive and most propably closed the browser) in this case we reset the account and set the boolean flag to 'no'.

incase that the user didn't close the browser but was inacative for a a period larger than $cron_time_out, we redirect her to the login page on the next page load.

is this efficient? tell me what do u think.
Oct 2 '06 #3
ronverdonk
4,258 Expert 4TB
You can use this method, but it will put some load on your db server if you want to update each user action. But I hope you mean that last_action is actually the time the user loads another page.

Ronald :cool:
Oct 2 '06 #4
But I hope you mean that last_action is actually the time the user loads another page.

Ronald :cool:
yes, that's what i meant


thanks ronald
Oct 15 '06 #5
This is Ambu,
to reset the flag when user logs out or close the browser.

if he logs out as usual u can reset it in logout page but if he closes the browser

so you can write your code in global.asa file

the session_end in this section you can write your code reset the flag
Dec 8 '08 #6
Atli
5,058 Expert 4TB
Hi Ambu.

Thank you for your suggestion.
Although you should note that this is a PHP forum, and unless I am very much mistaken, your suggesting is for old-school ASP applications.

ASP and PHP are two entirely different things, and although your suggestion might be perfect for a similar problem in ASP, I'm afraid it won't be as useful for a PHP application.
Dec 8 '08 #7

Sign in to post your reply or Sign up for a free account.

Similar topics

6
Can't end session with logout button
by: Jeff | last post by:
I've searched the web for hours trying to figure out this problem and can't seem to find any pertinent answers. I have a website where the user starts on a login page, puts in their credentials and...
PHP
7
Session Timed Out Issue (URGENT)
by: Thaynann | last post by:
I am developin an application that access a web site, i can get to the first page of the site, but when i POST to get to other pages, it gives me a message (amongst the HTML code) "Session Timed...
C# / C Sharp
0
Handling session timeout between asp and asp.net
by: TaeHo Yoo | last post by:
Hi all, I am prett new in asp.net. We have a project which has classic asp and asp.net scripts. Obviously this project has a bin directory under the root directory. About 80% of this project...
C# / C Sharp
7
Session lock-up issue when requesting one webform from another.
by: Thomas Nielsen [AM Production A/S] | last post by:
Hi, I have one web form (WebForm1.aspx) from which i would like to display the output of another web form, WebForm2.aspx, in a controlled environment. I do this by using HttpWebRequest to...
ASP.NET
5
Session destroy is not working on my IIS
by: bnashenas1984 | last post by:
Hi I'm using IIS on windows XP SP2 just for designing my website. Everything is working fine except session_destroy. When I destroy the session with php nothing happends and session is still...
IIS / Internet Information Server
2
run code on session destroy
by: ktrw25 | last post by:
I need to find a way when a user closes the browser (not a refresh), to make a log entry into a txt file of the date/time logged out. I have a logout function, but it only works if they hit the log...
PHP
3
Session destroy when closing browser
by: T. Wintershoven | last post by:
Hi all, After a visitor has loged in, a session is started. The session is destroyed after the visitor clicked "Log out'. When the visitor forgets to log out and closes the browser...
PHP
1
oranoos3000
session destroy for while user stay in one page without any action
by: oranoos3000 | last post by:
hi I 'd like to session destroy when that user for 1 hours dont dont press any key or scroll page and dont go to another or in other words stay in one page for a alot of time thanks alot
PHP
1
oranoos3000
session destroy with onunload event brower
by: oranoos3000 | last post by:
hi i'd like to destroy sessions for logging out logged in user with onuload event from brower i wrote a script that with onunload event brower a function is ran that is writen with jquery and...
Javascript
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!