As for the auto-logout I have a suggestion. I have the same set-up for one of my sites. I have a session MySQL database and I track the id of a user once they login and then that record is updated with a timestamp each time a page is reloaded. So at any given time you can calculate the inactivity of a user via the database and show a online status.
I then have a cron job that runs every 5 minutes and it deletes records from my session database as records expire i.e. more than 30 minutes etc. My PHP pages behind the login then run a check on every load for a current session database entry based on the user id. Their PHP session may still be valid but if the database record does not exist the user is sent to the login page via a header redirect.
Dan T
On Mar 15, 2005, at 11:06 AM, Vaibhav Sibal wrote:
Hi I wanted to implement an auto-logout feature for my project so that if a terminal is left unattended for say 10 minutes, it should automatically logoff the user. Apart from this, there is another problem that I am encountering with my authentication scheme, the scene is as follows : (1) I am using a $_SESSION variable to transfer the username across pages, what happens is that I cannot login more than one user from the same machine since if i try the same the SESSION[username] variable's value gets changed to the most latest login name. How do i get around this ?
(2) Secondly, What happens is, when the user logs off from the system, there are two things that happen at that time, first is that the session variable is killed manually. The second is that the logged in status of the user is updated in the database. So what happens is that when the user is logged on the system, the database shows the user logged in status as 1 otw it shows it as 0. Now the problem is that if by chance the user closes the current browser window without actually logging off, the session variable gets killed automatically but the database is not updated accordingly. Please suggest some way around this also.
I would be really happy if you guys can help me with this.
Thanks in advance
Vaibhav
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
