Hello all
I have a question, Im working on a website that allows users to login and see other logged users.
When a user logs in his/her status is updated to 'islogged=true' and when he/she logs out its set to 'islogged=false' (islogged being a row in mysql database). This is working perfectly but now I want a users 'islogged' status to be reset to 'false' if he or she is afk for too long. Im currently using session to keep user logged in through out the site but I don´t understand how to set the expiration time. I tried the function session_cache_expire() it return the value 180 so I thought it meant that the session would be destroyed in 3 minutes, so I closed the browser for 3 minutes and opened it again but I was still logged in i.e the session was still there. Should I be using cookies instead or both?
Session or Cookie?
Moderator: General Moderators
Re: Session or Cookie?
For starters, I think you should separate the ideas of "logged in" and "active". Person stays logged in for however long (a day, a week, until further notice) but they're only active as long as they're browsing around the site every 3 minutes.
If you go that route then keep track of the last activity time; your user list would be all people with that time being more than 3 minutes ago.
If you don't do that, having the islogged field being a time instead of a yes/no would still help. That way you could also force people to be logged-out if they were inactive for 3 minutes (or more), regardless of whether their cookies are intact or the session is still going.
If you go that route then keep track of the last activity time; your user list would be all people with that time being more than 3 minutes ago.
If you don't do that, having the islogged field being a time instead of a yes/no would still help. That way you could also force people to be logged-out if they were inactive for 3 minutes (or more), regardless of whether their cookies are intact or the session is still going.
Re: Session or Cookie?
I suspect the problem is not the session, but the logic. Make sure that at the very beginning of a page load if a users session is not set, that islogged is explicity set to FALSE.
I agree with tasairis, he posted before I got to, but for the record, here's my suggestion:
Also, one way to approach this would be to record instead of simply true or false, record the last time that they viewed a page when logged in. Thus, search the database for timestamps within the last X minutes, instead of simply who is "true".
-OmniUni
I agree with tasairis, he posted before I got to, but for the record, here's my suggestion:
Also, one way to approach this would be to record instead of simply true or false, record the last time that they viewed a page when logged in. Thus, search the database for timestamps within the last X minutes, instead of simply who is "true".
-OmniUni
Re: Session or Cookie?
how about update the user status offline/online when he login and logout?
off course theres a possible if people is not logout, but that's the same case as leaving the browser opened.
off course theres a possible if people is not logout, but that's the same case as leaving the browser opened.