473,322 Members | 1,614 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,322 software developers and data experts.

Track user's Online Status

Hello everybody,

I am developing a community site and almost all works are competed.
There is major issue that I am facing is how to track user's online
status. I am using session data to save user's login status. There are
2 major issues which I need to handle for tracking user's Online
status.

1. When login user close his/her browser.
2. When session time out.

Both of above case I need to update a field in database which holds
user's online status. I am really stuck on this.

Please help me.

Any help or suggestion are welcome.

With Regards,
Mitul Patel.

Feb 16 '07 #1
10 9348
Mitul wrote:
Hello everybody,

I am developing a community site and almost all works are competed.
There is major issue that I am facing is how to track user's online
status. I am using session data to save user's login status. There are
2 major issues which I need to handle for tracking user's Online
status.

1. When login user close his/her browser.
2. When session time out.

Both of above case I need to update a field in database which holds
user's online status. I am really stuck on this.

Please help me.

Any help or suggestion are welcome.

With Regards,
Mitul Patel.
Hi Mitul,

Enter the great adventure of Database based sessionstorage.
It is the best way I know of.

Instead of PHP's default sessionstorage (serialized sessions in files), you
can also store them in a DB.

If you are interested, start here:
http://nl2.php.net/manual/en/functio...ve-handler.php
Add some housekeeping to it when you build it (look at garbage collection
routines). It is all very straightforward once you have a database that
holds the sessions.

But don't expect that PHP automagically knows when a user closes the window.
No event is send to PHP when that happens, so you are stuck with your
default session time-out to know if a user is online.
Regards,
Erwin Moller
Feb 16 '07 #2
Thanks Erwin,

Actually I have saved session ID in database. But Actually I am facing
problem with session expire on Browser close. I have tried a things
that I am accessing session file store at session store path. If its
there then we conclude that user is still there and if its not there
then we can say that user's session is expire and user is no longer
exist. But there is a problem that this is malfunctioning some time.

Please suggest me.

Regards,
Mitul Patel.

Feb 16 '07 #3
Mitul wrote:
Thanks Erwin,

Actually I have saved session ID in database. But Actually I am facing
problem with session expire on Browser close. I have tried a things
that I am accessing session file store at session store path. If its
there then we conclude that user is still there and if its not there
then we can say that user's session is expire and user is no longer
exist. But there is a problem that this is malfunctioning some time.

Please suggest me.
Hi Mitul,

Have a look at your php.ini.
Find the part about SESSIONS.
Look at the garbagecollection logic/settings.

The fact that you find a sessionfile deos NOT mean that session is still
valid.
I think PHP will (out of the box) only delete old sessionfiles if the
randomnumber generator produces a number smaller than 0.01.
Thus one in a hundred times.

Here is mine (from an old php.ini)
; Percentual probability that the 'garbage collection' process is started
; on every session initialization.
session.gc_probability = 1

If memory serves me well newer versions of PHP have 2 numbers for this, that
are divided.
Better check carefully by yourself what your php.ini says.

Anyway, to make your directoryscan through the sessionstorage more reliable,
you might want to increase this chance to 100%, forcing stale sessions to
be removed every time anybody uses a session. This will of course slow your
application down a little if you have many sessions for PHP to scan each
time, so you better think this through, or better test. :-)

Or you write your own sessionstoragehandlers and use a database for
sessionstorage. I would advise that, but it is more work if you never did
that before. Database based sessionstorage is very fast, AND makes it
really easy for you to see who is online.

Regards,
Erwin Moller

>
Regards,
Mitul Patel.
Feb 16 '07 #4

Thanks Erwin,

Can you help me more and suggest some good idea? So I can figure out
things fast.....

Hope that you will help me...

Regards,
Mitul Patel.

Feb 16 '07 #5
Mitul wrote:
>
Thanks Erwin,

Can you help me more and suggest some good idea? So I can figure out
things fast.....

Hope that you will help me...
Well, when I first faced the situation in PHP you are in now (how to check
who is online), I found after a litlle studying that database-storage of
sessions is a good approach.

If you want to do that to, you must do the following:
1) Read up at www.php.net on sessions, mainly the part about own
sessionhandlers.
2) Google a little, at ZEND they have a few examples with code ready-to-go.
(I must warn you that the ZEND code is NOT perfect. It doesn't adres
simultanious requests to the same session as I should). But this code will
surely show you HOW things are handled.

3) Pay attention to the straightforward sessiontable.
It will roughly look like this:

CREATE TABLE tblsession(
sessionid TEXT PRIMARY KEY,
lastaccesdate datetime NOT NULL,
userid INTEGER,
sessiondata TEXT
)

Where:
- sessionid holds an unique value for each session your application creates.
This can simply be the PHP generated PHPSESSID.
- lastaccessdate is a field you update each time you use that session.
- userid is something I added for ease of lookup if a user is online.
(It contains a userid that I don't explain any futher, but you can think up
something that makes sense in your case.)
- sessiondata is the field that actually contains the sessiondata. PHP
delivers the content of this field to you, so you don't have to do the
encoding yourself.

Good luck.

One warning: I saw a lot of bad code on the net regarding databasestorage of
sessions.
Most people tend to forget that the PHPSESSID is dangerous to use straight
in the queries because it comes from a cookie (or URL), and thus from the
client, and thus could not be trusted (SQL-injection).
You'll have to sanitize the PHPSESSID everywhere you use it (and that is
almost everywhere in databasestorage queries for sessions.)

Just call addslashes() if needed. (Or mysql_real_escape(), or whatever suits
your SQL-injection defense strategy.) Even in O'Reilly books I saw that
mistake, and at ZEND too. It seems everybody is collectively forgetting to
sanitize the PHPSESSIONID. :-(

Regards,
Erwin Moller
>
Regards,
Mitul Patel.
Feb 18 '07 #6
Thanks a lot Erwin.

I am implementing things as per you suggestion. I will know you if I
have any problem or I got any success.

Thx,
Mitul Patel.

On Feb 18, 4:50 pm, Erwin Moller
<since_humans_read_this_I_am_spammed_too_m...@spam yourself.comwrote:
Mitul wrote:
Thanks Erwin,
Can you help me more and suggest some good idea? So I can figure out
things fast.....
Hope that you will help me...

Well, when I first faced the situation in PHP you are in now (how to check
who is online), I found after a litlle studying that database-storage of
sessions is a good approach.

If you want to do that to, you must do the following:
1) Read up atwww.php.neton sessions, mainly the part about own
sessionhandlers.
2) Google a little, at ZEND they have a few examples with code ready-to-go.
(I must warn you that the ZEND code is NOT perfect. It doesn't adres
simultanious requests to the same session as I should). But this code will
surely show you HOW things are handled.

3) Pay attention to the straightforward sessiontable.
It will roughly look like this:

CREATE TABLE tblsession(
sessionid TEXT PRIMARY KEY,
lastaccesdate datetime NOT NULL,
userid INTEGER,
sessiondata TEXT
)

Where:
- sessionid holds an unique value for each session your application creates.
This can simply be the PHP generated PHPSESSID.
- lastaccessdate is a field you update each time you use that session.
- userid is something I added for ease of lookup if a user is online.
(It contains a userid that I don't explain any futher, but you can think up
something that makes sense in your case.)
- sessiondata is the field that actually contains the sessiondata. PHP
delivers the content of this field to you, so you don't have to do the
encoding yourself.

Good luck.

One warning: I saw a lot of bad code on the net regarding databasestorage of
sessions.
Most people tend to forget that the PHPSESSID is dangerous to use straight
in the queries because it comes from a cookie (or URL), and thus from the
client, and thus could not be trusted (SQL-injection).
You'll have to sanitize the PHPSESSID everywhere you use it (and that is
almost everywhere in databasestorage queries for sessions.)

Just call addslashes() if needed. (Or mysql_real_escape(), or whatever suits
your SQL-injection defense strategy.) Even in O'Reilly books I saw that
mistake, and at ZEND too. It seems everybody is collectively forgetting to
sanitize the PHPSESSIONID. :-(

Regards,
Erwin Moller
Regards,
Mitul Patel.

Feb 19 '07 #7
Hello Erwin,

I am facing following problem. Plz suggest me what to do????

Warning: session_set_save_handler() [function.session-set-save-
handler]: Argument 1 is not a valid callback in /mnt/www/mitul/
global.php on line 31

It is not calling required functions.

Please suggest me......

Can you give me your mail id ..... Mine is mitulmpatel at gmail dot
com.

Feb 19 '07 #8
sorry wrong id give here is correct on patel.mitul.m at gmail dot
com.
Feb 19 '07 #9
Mitul wrote:
sorry wrong id give here is correct on patel.mitul.m at gmail dot
com.
Sorry Mitul,

I don't start personal emailsessions.
The idea of usenet is that everybody can read it, and if others face similar
problems, they can look up suggestions made in past.

I often found solutions for technical problems by searching googlenews
archives (The old dejanews).

So if you have a problem with your sessionhandler, please post the code in
here, and wait if anybody can help you.

Good luck!

Regards,
Erwin Moller
Feb 20 '07 #10
Thanks buddy...

I will ask any query here for more help...

Thanks a lot ...

Regards & Thanks,
Mitul Patel.

Feb 21 '07 #11

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
by: | last post by:
(subject included - apologies) <jason@catamaranco.com> wrote in message news:... > Is there a simple way to track users leaving our site to vendors whose wares > we have advertised as a banner...
1
by: JLuppens | last post by:
Does anyone know if there is a way to track changes in a text field like word does? I am using a SQL2000 database and can use either VB.Net or Access. The field is either ntext or Varchar. I...
2
by: Sandman | last post by:
Just looking for suggestion on how to do this in my Web application. The goal is to keep track of what a user has and hasn't read and present him or her with new material I am currently doing...
8
by: Dica | last post by:
i've got a client that wants to be able to review records about IIS generated emails. in his own words, he wants the "ability to track and report message status (i.e. how many messages were sent...
3
by: Vincent Ye | last post by:
Hi All, I have an application which is using memship and profile functions. It works well in my develop machine which is using SQL Express Edition Server as the provider. When I move this...
22
by: Sandman | last post by:
So, I have this content management system I've developed myself. The system has a solid community part where members can register and then participate in forums, write weblogs and a ton of other...
10
by: Php Developer | last post by:
I want to know how to check that user is online or offline status if he close his browser with the help of <body onunload>.As it not work well if is user change his page as that time it is too...
3
by: Ken Fine | last post by:
Hi, I'm using the VS.NET 2008 website copy tool. It is supposed to keep track of whether files are new, changed, or unchanged relative to a site on my "remote" server. Most of the time it does...
3
by: =?Utf-8?B?QmlsbHkgWmhhbmc=?= | last post by:
I want to limit the user only login the system one time at the same time. I don't want him login the system two with the same user at the same time. How to do this? If i have a table to record...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.