473,230 Members | 1,572 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,230 software developers and data experts.

Simple force session logout time on leave page

I could not find on the web a complete solution for this task.
This is not the perfect solution, because it's doesn't have the
ability to log the logout if browser crash or user leave it open while
the session time out expires.
So, any improvement would be apreciated.
1. Make the system frameable, by creating a frameset page with an
unique frame - the system. So the user could navigate through the
pages without "leave" the website.

<frameset rows="*" framespacing="0" border="0"
onunload="unloadLogOut();">
<frame id="fmeSys" name="fmeSys" src="index.php" frameborder="0"
scrolling="auto" />
</frameset>

2. Save this frameset page (default.html). Note the onunload event of
frameset object. It calls the following function.

<script language="javascript">
function unloadLogOut() {
var xmlHttp;
try {
// Firefox, Opera 8.0 , Safari
xmlHttp = new XMLHttpRequest();
} catch (e) {
// Internet Explorer
try {
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
} catch (e) {
return false;
}
}
}
xmlHttp.open("GET","logout.php",true);
xmlHttp.send(null);
}
</script>

3. The logout.php script is where you update the logout time and
session_destroy().

mysql_query("UPDATE log SET dt_logout = NOW()
WHERE id_user = $_SESSION[id_user]
AND id = $_SESSION[id_access]");
session_destroy();
Best regards,
Thiago
Oct 13 '08 #1
6 5952
Thiago Macedo wrote:
I could not find on the web a complete solution for this task.
This is not the perfect solution, because it's doesn't have the
ability to log the logout if browser crash or user leave it open while
the session time out expires.
So, any improvement would be apreciated.
1. Make the system frameable, by creating a frameset page with an
unique frame - the system. So the user could navigate through the
pages without "leave" the website.

<frameset rows="*" framespacing="0" border="0"
onunload="unloadLogOut();">
<frame id="fmeSys" name="fmeSys" src="index.php" frameborder="0"
scrolling="auto" />
</frameset>

2. Save this frameset page (default.html). Note the onunload event of
frameset object. It calls the following function.

<script language="javascript">
function unloadLogOut() {
var xmlHttp;
try {
// Firefox, Opera 8.0 , Safari
xmlHttp = new XMLHttpRequest();
} catch (e) {
// Internet Explorer
try {
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
} catch (e) {
return false;
}
}
}
xmlHttp.open("GET","logout.php",true);
xmlHttp.send(null);
}
</script>

3. The logout.php script is where you update the logout time and
session_destroy().

mysql_query("UPDATE log SET dt_logout = NOW()
WHERE id_user = $_SESSION[id_user]
AND id = $_SESSION[id_access]");
session_destroy();
Best regards,
Thiago
HTTP is a stateless protocol, and there is no way to tell when someone
leaves your page. And your idea will fail if, for instance, they have
javascript disabled.

Why do you want to force your users to run through hoops, anyway? If
you absolutely need such functionality, use java applets.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Oct 13 '08 #2
>I could not find on the web a complete solution for this task.

You don't control the user's browser, the user does.
>This is not the perfect solution, because it's doesn't have the
ability to log the logout if browser crash or user leave it open while
the session time out expires.
So, any improvement would be apreciated.
It's thinking like yours that increases the percentage of users
who turn off Javascript.

Oct 13 '08 #3
On Oct 13, 6:50*pm, Jerry Stuckle <jstuck...@attglobal.netwrote:
HTTP is a stateless protocol, and there is no way to tell when someone
leaves your page. *And your idea will fail if, for instance, they have
javascript disabled.
This functionality were implemented on a CMS which needs JS to be
enabled to work properly. So, on those situations it'll work for my
needs.
Why do you want to force your users to run through hoops, anyway?
Completer user login log control. They are not my users, however, and
I agree that this is not a very relevant information. But, by seeing
on the web other people trying to get this acomplished, I decided to
publish it.
If you absolutely need such functionality, use java applets.
I couldn't.
I'm not trying to control the user's browser, I'm just trying to have
the ability to know when he left, simply as the time he arrived.
I have seen this done with popups on unload.. this is annoying. But
using assinc calls I have not seen any problems - YET, IMO
>
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstuck...@attglobal.net
==================
Oct 14 '08 #4
Thiago Macedo wrote:
On Oct 13, 6:50 pm, Jerry Stuckle <jstuck...@attglobal.netwrote:
>HTTP is a stateless protocol, and there is no way to tell when someone
leaves your page. And your idea will fail if, for instance, they have
javascript disabled.
This functionality were implemented on a CMS which needs JS to be
enabled to work properly. So, on those situations it'll work for my
needs.
And will lose 5-15% of your potential customers.
>Why do you want to force your users to run through hoops, anyway?
Completer user login log control. They are not my users, however, and
I agree that this is not a very relevant information. But, by seeing
on the web other people trying to get this acomplished, I decided to
publish it.
You can't control user login. And attempting to do so will just lose
you more potential customers.
>If you absolutely need such functionality, use java applets.
I couldn't.
It's the only way to have the control you want.
>
I'm not trying to control the user's browser, I'm just trying to have
the ability to know when he left, simply as the time he arrived.
I have seen this done with popups on unload.. this is annoying. But
using assinc calls I have not seen any problems - YET, IMO
No, you won't see any problems, because you will never see those
potential customers who left.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Oct 14 '08 #5
Thiago Macedo schreef:
I could not find on the web a complete solution for this task.
This is not the perfect solution, because it's doesn't have the
ability to log the logout if browser crash or user leave it open while
the session time out expires.
So, any improvement would be apreciated.
1. Make the system frameable, by creating a frameset page with an
unique frame - the system. So the user could navigate through the
pages without "leave" the website.

<frameset rows="*" framespacing="0" border="0"
onunload="unloadLogOut();">
<frame id="fmeSys" name="fmeSys" src="index.php" frameborder="0"
scrolling="auto" />
</frameset>

2. Save this frameset page (default.html). Note the onunload event of
frameset object. It calls the following function.

<script language="javascript">
function unloadLogOut() {
var xmlHttp;
try {
// Firefox, Opera 8.0 , Safari
xmlHttp = new XMLHttpRequest();
} catch (e) {
// Internet Explorer
try {
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
} catch (e) {
return false;
}
}
}
xmlHttp.open("GET","logout.php",true);
xmlHttp.send(null);
}
</script>

3. The logout.php script is where you update the logout time and
session_destroy().

mysql_query("UPDATE log SET dt_logout = NOW()
WHERE id_user = $_SESSION[id_user]
AND id = $_SESSION[id_access]");
session_destroy();
Best regards,
Thiago
Hi Thiago,

Your server cannot know if the user closes the browser/browser
crashes/etc. without additional technology (like Jerry said: eg Java
applets)

So you cannot know reliably when/if this happens.

A better approach for you logon/logout logging mechanism would be:
1) Write your own sessionhadler.
http://nl3.php.net/manual/en/functio...ve-handler.php

2) When a session is destroyed (by deliberate logging out OR because of
sessiontimeout) simply log the time in your table log.

I have build a few sites that use that approach when I need to close
things when a session is over and the user didn't log out as (s)he is
supposed to.

Regards,
Erwin Moller

--
Oct 14 '08 #6
On Oct 14, 7:55*am, Erwin Moller
<Since_humans_read_this_I_am_spammed_too_m...@spam yourself.comwrote:
Thiago Macedo schreef:
I could not find on the web a complete solution for this task.
This is not the perfect solution, because it's doesn't have the
ability to log the logout if browser crash or user leave it open while
the session time out expires.
So, any improvement would be apreciated.
1. Make the system frameable, by creating a frameset page with an
unique frame - the system. So the user could navigate through the
pages without "leave" the website.
<frameset rows="*" framespacing="0" border="0"
onunload="unloadLogOut();">
* <frame id="fmeSys" name="fmeSys" src="index.php" frameborder="0"
scrolling="auto" />
</frameset>
2. Save this frameset page (default.html). Note the onunload event of
frameset object. It calls the following function.
<script language="javascript">
function unloadLogOut() {
* * var xmlHttp;
* * try {
* * * * // Firefox, Opera 8.0 , Safari
* * * * xmlHttp = new XMLHttpRequest();
* * } catch (e) {
* * * * // Internet Explorer
* * * * try {
* * * * * * xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
* * * * } catch (e) {
* * * * * * try {
* * * * * * * * xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
* * * * * * } catch (e) {
* * * * * * * * return false;
* * * * * * }
* * * * }
* * }
* * xmlHttp.open("GET","logout.php",true);
* * xmlHttp.send(null);
}
</script>
3. The logout.php script is where you update the logout time and
session_destroy().
mysql_query("UPDATE log SET dt_logout = NOW()
* * * * * * * * * * * *WHERE id_user = $_SESSION[id_user]
* * * * * * * * * * * * *AND id = $_SESSION[id_access]");
session_destroy();
Best regards,
Thiago

Hi Thiago,

Your server cannot know if the user closes the browser/browser
crashes/etc. without additional technology (like Jerry said: eg Java
applets)

So you cannot know reliably when/if this happens.

A better approach for you logon/logout logging mechanism would be:
1) Write your own sessionhadler.http://nl3.php.net/manual/en/functio...ve-handler.php

2) When a session is destroyed (by deliberate logging out OR because of
sessiontimeout) simply log the time in your table log.

I have build a few sites that use that approach when I need to close
things when a session is over and the user didn't log out as (s)he is
supposed to.

Regards,
Erwin Moller

--
Thank you, Jerry and Erwin, for the good replys.
I agree with your approach. A little bit more expensive for me, but
finally do the job.

I understand your appointments, Jerry, but on my case I really need to
do that, and the user won't worry about. But surely, I'll take this on
consideration on more open (public) systems.
Regards,
Thiago
Oct 14 '08 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: NWx | last post by:
Hi, I have the following question: I have an app that uses user login/logout to identify users When user logon, I register logon time in a session variable When user logoff using the logout...
0
by: js | last post by:
In my project I have both ASPX and classic ASP. Four things in question are the entry page(Main.aspx), the logon page(logon.ASP), .Net Session, legacy ASP Session. The Main.apsx contains a Logon...
4
by: Chumma Dede | last post by:
Hi, Is there any way in asp.net 1.1 to force a user to logout from an existing session on machine1, if that same userid logs in with a new session on another machine, say machine2? We are...
5
by: kplkumar | last post by:
Hi I am doing a manual timeout, irrespective of whether the user is active or not I will time them out after 3 hours. I also make sure the page is not cached so that they can't go back to the...
6
by: somaskarthic | last post by:
Hi This is somas here. I asked query about detecting the browser close event using javascript. I want to detect the event only when the X button in the top right corner is clicked and not else...
1
by: gnewsgroup | last post by:
I am using forms authentication for a web application. Like many other member web application, my web application prints out Welcome! John Doe (Logout) on the top right corner of each...
2
by: Derek Fountain | last post by:
I've got a function that builds a webpage containing a flash animation. As the page goes to the browser, the browser sees the link to the embedded FLV file and opens a new connection to retrieve...
2
by: dmc2409 | last post by:
Well, I am more a desigber than developer. Need to solve the folloving problem. I have a page on, lets call it Firstserver. It opens Page1, Page2 and Page3 on Secondserver through a frame on the...
3
by: Mufasa | last post by:
Folks, I'm having problems with my session timeout. People using my website leave it just sitting there while they do other things. They have logged in ( using Forms Authentication ) and will be...
0
by: VivesProcSPL | last post by:
Obviously, one of the original purposes of SQL is to make data query processing easy. The language uses many English-like terms and syntax in an effort to make it easy to learn, particularly for...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.