473,390 Members | 1,753 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,390 software developers and data experts.

Handling session destroy and logout issue. How to handle ?

Hi

This is somas here. I asked query about detecting the browser close event using javascript. I want to detect the event only when the X button in the top right corner is clicked and not else where. (like moving to other pages by clicking some links).
Can u help me in this case.

Cause of this ,

In my php site, i want to restrict multiple logins with same username and password at a same time from different system.
To avoid this , in backend i.e. postgres database , i created a table which has login (boolean) field. If a user logged in , that login flag is set to true. If any other user tries to log in with same user name and password , i'm restricting that login . (Since that user is already logged in) . If logout link is clicked , i'm calling a php page , there the login flag is reset and session variables are destroyed. So there would not be any problem. Incase , if the browser is closed using X button in the top right corner , these login flag resetting process would not take place. Then how that user can login again ? when i should clear this flag.

When the user is idle for long time , i'm destroying the session variables. For this i created a login_details table. It contains user_id, login_time, last_action_time. Whenever the user login i'm updating the login_time and last_action time with current_timestamp. While moving to some other page , first i'm checking the last_action time with current_timestamp, if the difference is greater than the session expiry time (normal variable which i explicitly declared. Not the session variable) , it is assumed that the user is idle .Hence the , login (boolean) flag is reset , session varaiables are destroyed (manaully giving that command) , and move to a page that displays session expiry message and tell the user to login .

Here also , what i should do if the browser X (close) button is clicked without proper logout ? Hence i'm hunting for javascript event on clicking X close button ?
Or is there any other efficient method to handle this.
Please post your replies. It is very urgent

Thanks in advance
somaskarthic
Aug 26 '06 #1
6 18204
ronverdonk
4,258 Expert 4TB
Why do you worry about that? Just stick with the procedure as you have it.

When a user clicks the X on the bowser, the user data in the database still shows him as 'logged in'. So the next time he comes back, just check the time of inactivity and force him to login again.

If you really want to delete the entry from the database, you can run a daily cron-job to remove any hanging user entries.

Ronald :cool:
Aug 26 '06 #2
hello, i'm having the same problem, my solution is this:
When the user logs in, i set a boolean flag to 'yes' and update the timestamp in the DB to the login time.
if the user properly logs out, this boolean will be set 'no'.

Now, if a another person tries to login while the original user is logged in, the boolean will be validated and the login will fail.

the problem is: how to handle browser close issue.
i came up with this idea: i create a session variable that contains a timestamp of the user's last activity($_SESSION['last_action']).
on each page load we execute the following:
Expand|Select|Wrap|Line Numbers
  1. if ( (current time - $_SESSION['last_action']) > $time_out_max )
  2. {
  3. //update the $_SESSION['last_action'] and set it to the current time
  4. // update the database and set the 'last_action' field to the current time.
  5. }
mean while, a cron job is executed regulary every certain amout of time ( larger that $time_out_max, let's call it $cron_time_out ).
if the 'last_action' field is larger the $cron_time_out (this means that user was inactive and most propably closed the browser) in this case we reset the account and set the boolean flag to 'no'.

incase that the user didn't close the browser but was inacative for a a period larger than $cron_time_out, we redirect her to the login page on the next page load.

is this efficient? tell me what do u think.
Oct 2 '06 #3
ronverdonk
4,258 Expert 4TB
You can use this method, but it will put some load on your db server if you want to update each user action. But I hope you mean that last_action is actually the time the user loads another page.

Ronald :cool:
Oct 2 '06 #4
But I hope you mean that last_action is actually the time the user loads another page.

Ronald :cool:
yes, that's what i meant


thanks ronald
Oct 15 '06 #5
This is Ambu,
to reset the flag when user logs out or close the browser.

if he logs out as usual u can reset it in logout page but if he closes the browser

so you can write your code in global.asa file

the session_end in this section you can write your code reset the flag
Dec 8 '08 #6
Atli
5,058 Expert 4TB
Hi Ambu.

Thank you for your suggestion.
Although you should note that this is a PHP forum, and unless I am very much mistaken, your suggesting is for old-school ASP applications.

ASP and PHP are two entirely different things, and although your suggestion might be perfect for a similar problem in ASP, I'm afraid it won't be as useful for a PHP application.
Dec 8 '08 #7

Sign in to post your reply or Sign up for a free account.

Similar topics

6
by: Jeff | last post by:
I've searched the web for hours trying to figure out this problem and can't seem to find any pertinent answers. I have a website where the user starts on a login page, puts in their credentials and...
7
by: Thaynann | last post by:
I am developin an application that access a web site, i can get to the first page of the site, but when i POST to get to other pages, it gives me a message (amongst the HTML code) "Session Timed...
0
by: TaeHo Yoo | last post by:
Hi all, I am prett new in asp.net. We have a project which has classic asp and asp.net scripts. Obviously this project has a bin directory under the root directory. About 80% of this project...
7
by: Thomas Nielsen [AM Production A/S] | last post by:
Hi, I have one web form (WebForm1.aspx) from which i would like to display the output of another web form, WebForm2.aspx, in a controlled environment. I do this by using HttpWebRequest to...
5
by: bnashenas1984 | last post by:
Hi I'm using IIS on windows XP SP2 just for designing my website. Everything is working fine except session_destroy. When I destroy the session with php nothing happends and session is still...
2
by: ktrw25 | last post by:
I need to find a way when a user closes the browser (not a refresh), to make a log entry into a txt file of the date/time logged out. I have a logout function, but it only works if they hit the log...
3
by: T. Wintershoven | last post by:
Hi all, After a visitor has loged in, a session is started. The session is destroyed after the visitor clicked "Log out'. When the visitor forgets to log out and closes the browser...
1
oranoos3000
by: oranoos3000 | last post by:
hi I 'd like to session destroy when that user for 1 hours dont dont press any key or scroll page and dont go to another or in other words stay in one page for a alot of time thanks alot
1
oranoos3000
by: oranoos3000 | last post by:
hi i'd like to destroy sessions for logging out logged in user with onuload event from brower i wrote a script that with onunload event brower a function is ran that is writen with jquery and...
0
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
0
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
0
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
1
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
1
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
0
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
0
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
0
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
0
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.