amc
Posts: 22
|
Posted: 01/11/2013, 5:42 PM |
|
Hi,
I'm building an application in which users have to be logged in. I want to know which users are logged in.
To do this, I save a TRUE in the User database, for that user, when log in and FALSE when log out. I don't know if there is a easier / better method to do it....
The problem arises if some user tries to get a page without permission to do it (writing a restricted URL in the browser, for example). CCS logs out this user automaticaly and I don't have the chance to intercept that action and save FALSE for that user. Then it seems he is still logged in.
Thanks
|
|
|
Lucius
Posts: 220
|
Posted: 01/12/2013, 2:09 PM |
|
What you describe is not really a reliable way to do this, for example:
- user doesn't log out but closes browser - is he really logged in or not?
- something happens like you describe above that doesn't trigger logout registering function
There are some ways you can track them though, server side and client side.
Server side - action on a form, page change etc trigger an update on user "last_activity" timestamp in the DB. If the "last_activity" is longer than X minutes you can consider the user as logged out.
Client side - this is another approach, most likely most accurate. Create a includable page that has a JavaScript code that "registers" user events with some server-side service, for example that he is active or he has closed the browser. You can even in such way track if he has the window with your webpage active (focused). Add this includable page to all pages in your project and that's all.
Of course there might be other approaches, all depends on how much accurate you want to be.
|
|
|
|