Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9
  1. #1
    New Coder
    Join Date
    Nov 2012
    Location
    United Kingdom
    Posts
    39
    Thanks
    3
    Thanked 1 Time in 1 Post

    Session timer & idle timer

    Hi,

    Over the past few months i've been learning PHP & i've learnt quite a far bit but recently someone asked me to test my skills and code my own social network site for a small community.

    I've got the design & everything sorted i just want to now how to make user's idle in user_sessions.

    Here's my table:
    PHP Code:
    CREATE TABLE IF NOT EXISTS `user_sessions` (
      `
    idint(11NOT NULL AUTO_INCREMENT,
      `
    hashvarchar(255NOT NULL,
      `
    user_idvarchar(255NOT NULL DEFAULT '0',
      `
    last_activityvarchar(255NOT NULL,
      `
    ipvarchar(255NOT NULL,
      `
    locationvarchar(255NOT NULL,
      `
    idleenum('0','1'NOT NULL DEFAULT '0',
      `
    loggedinenum('0','1'NOT NULL DEFAULT '0',
      
    PRIMARY KEY (`id`)
    ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=
    hash = md5(session_id())
    user_id = userid
    last_activity = time(), last time they was active on forum
    and so on.

    I need to know how to make it so when users are online but idle for more than 5 mins or so it goes to idle, i'm not to sure if it's anything to do with Javascript or jQuery.

    Because the way i look at it once the user has been inactive for more than 5 mins once they click a link or something my CMS will log them out and i don't want that, i want it to set it to idle, until they either leave the domain or they logout.

    If anyone can help will be much appreciated thanks.

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    That's kind of a toughie, since the whole HTTP "thang" is based on stateless scripting-- user requests a page, you process it, send back output, and the transaction is complete. There's no persistant connection between client and server.

    But, there are some things you can do. But first, why in hell would your CMS be kicking people out after only 5 minutes' inactivity? That's silly. Unless you're moving large sums of money around, or work for the military or CIA, I see no reason for that level of security. Can you change that?

    Anyway, you have a good thing going with that last_activity column in your table, but you have to make it a datetime or timestamp data type. The reason is so you can easily perform addition and subtraction on it using built-in MySQL functions. The one you'll find to be handy is timediff().

    Using timediff, anytime you need to determine the amount of time it's been since a user did anything, you select the user info and calculate timediff(now(), last_activity). Along with that, you will of course need to update that database row every time someone does something. So basically every page in your system will need to call an update query on that column.

  • Users who have thanked Fumigator for this post:

    Clawed (12-03-2012)

  • #3
    New Coder
    Join Date
    Nov 2012
    Location
    United Kingdom
    Posts
    39
    Thanks
    3
    Thanked 1 Time in 1 Post
    5 minutes was just a tester time, it will be normanlly 60 minutes untill it will sign you out, but i wanna set idle timer on 5 minutes, then if inactive for more than 60 minutes they will get auto logged out when they next click a link.

    But i also want it to clear the session if there not online.

    For example if someones idle but still on the domain i want it to say there still online but idle.
    Else if someones gone offline or gone to a different domain but there still idle i want it to clear the session.

    Currently for last_activity its time()

    But like i said before i think its something to do with jQuery or js that picks up if the users mouse is moving but still has been on a page for more than 5 mins.

    I'm really stuck.
    I'm sure it's jQuery or js.
    It's like what vBulletin does.

  • #4
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    As I mentioned before, HTTP is stateless-- as soon as a user retrieves a page he/she has requested, that's the end of the experience. Technically, at that point, the user is no longer "on your domain".

    Yes, you could capture mouse movement using Javascript or jQuery. But then what? What good does that do you? Are you really going to issue an AJAX call back to the server to update your database every time a client moves the mouse? That's way too much traffic to push through. Your server will be swamped with mouse movement updates, thousands and thousands every minute (assuming you have a substantial user base). And what does that buy you? You will know if someone is sitting on your webpage, moving his mouse... but... Why do you need to know that?

    If I were you I would focus more on the question "How long has it been since a user requested a page?" Using that info, you can make some assumptions on whether a user is inactive or not. Has it been 10 minutes since the last request? Do you have any pages in the system that take more than 10 minutes to read? OK then, go ahead and assume the user is inactive if the last_activity is older than 10 minutes. Why make it any more difficult than that?

    And again, I really don't understand why you'd want to log a user out after 60 minutes, or 3 hours, or 3 days. Who cares if he's got a session open that long? What consequence does that have? Unless you're the CIA, it doesn't really matter. I become extremely annoyed at my online banking because it's got a 20 minute timer. I understand they are protecting my account by making sure I didn't log in at a library somewhere and then walk away from the computer, but COME ON MAN-- 20 minutes is too short a time, and that's for a website that contains sensitive info that I want to protect! A social media website doesn't need that level of user protection. I'm pretty sure Facebook lets you go inactive for hours or days and doesn't kick you off.

    I'll be gettin' off my soapbox now...

  • #5
    New Coder
    Join Date
    Nov 2012
    Location
    United Kingdom
    Posts
    39
    Thanks
    3
    Thanked 1 Time in 1 Post
    Yea i get what you mean.

    Quote Originally Posted by Fumigator View Post
    And again, I really don't understand why you'd want to log a user out after 60 minutes, or 3 hours, or 3 days. Who cares if he's got a session open that long?
    It's not that i want to log them out, it's the fact that if a user is inactive for more than 10/60 minutes i need it to update the database sessions.

    It's like vBulletin & Facebook system.
    When people are inactive for more than 5 mins on Facebook it sets them idle but they still appear online, in a way it's the same with vBulletin.

  • #6
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    Those sites are tricking you into thinking they are keeping close track but I assure you they are not. They are using a technique similar to the one I've described. You want to actively keep track of user's sessions and update a database field at a given moment in time when someone becomes idle but that's just wasted effort in my opinion-- you can achieve the same exact results by passively checking when the need arises.

    So yes, you could set a Javascript timer to make an Ajax call every 5 minutes, which would determine if the client has done anything on the website, and if not then update the user's status to "idle". And then anyone who is friends with that guy, when they inquire about his status, you can rely on that database value to tell you.

    Or, you can determine if he's idle by performing a timediff() on the last_activity column. At any moment you can decide if a user is idle. It's really the same thing, but this way you don't have to constantly update the database, you don't have the overhead of an Ajax call every 5 minutes, and it's one moving part you don't have to worry about it breaking.

  • #7
    New Coder
    Join Date
    Nov 2012
    Location
    United Kingdom
    Posts
    39
    Thanks
    3
    Thanked 1 Time in 1 Post
    Quote Originally Posted by Fumigator View Post
    Those sites are tricking you into thinking they are keeping close track but I assure you they are not. They are using a technique similar to the one I've described. You want to actively keep track of user's sessions and update a database field at a given moment in time when someone becomes idle but that's just wasted effort in my opinion-- you can achieve the same exact results by passively checking when the need arises.

    So yes, you could set a Javascript timer to make an Ajax call every 5 minutes, which would determine if the client has done anything on the website, and if not then update the user's status to "idle". And then anyone who is friends with that guy, when they inquire about his status, you can rely on that database value to tell you.

    Or, you can determine if he's idle by performing a timediff() on the last_activity column. At any moment you can decide if a user is idle. It's really the same thing, but this way you don't have to constantly update the database, you don't have the overhead of an Ajax call every 5 minutes, and it's one moving part you don't have to worry about it breaking.
    Ok thankyou very much for you're time, much appreciated, i will look into this sometime later on.

  • #8
    Junsee
    Guest
    save the timestamp to a session at the top of the page.

    then each time a person clicks a link or travels to a new area, then recalculate the timestamp.

    workout the difference and if its overtime then kick them out.

  • #9
    New Coder
    Join Date
    Nov 2012
    Location
    United Kingdom
    Posts
    39
    Thanks
    3
    Thanked 1 Time in 1 Post
    Quote Originally Posted by Junsee View Post
    save the timestamp to a session at the top of the page.

    then each time a person clicks a link or travels to a new area, then recalculate the timestamp.

    workout the difference and if its overtime then kick them out.
    Sorted it all not, just gotta build a mouse movement ajax lib.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •