[EMAIL PROTECTED] wrote:
On 9/17/08, André Warnier <[EMAIL PROTECTED]> wrote:
Justin Pasher wrote:
amiribarksdale wrote:
What is the "standard" way to determine whether a user is indeed logged
in to
a site and online right then? I have a web app where users log in and
get a
cookie. Part of it is the sessin cookie which expires at the close of
the
session, and part of it is a longer lasting authentication cookie. Am I
supposed to use the session cookie for this? Does it have to be stored
in
the db so it can be timestamped?
Amiri
Since HTTP is a stateless protocol, it requires a little creativity to
track "online" users. One way is to have a table in a database that keeps
track of a person based upon their username/IP address and the last time
they loaded a page. For example
* Client visits a page
* Add/Update a row in the table with the client's username/IP address and
set the timestamp to the current time
* To retrieve a list of "online" users, pull all rows in the database with
a timestamp within the last X minutes (for example, 10 minutes).
You could then periodically delete any rows from the table that are older
than X minutes or hours. This would help keep the size down. The username
for a client would be based upon a cookie or session information stored
within your page.
A more efficient table would contain all visitors with the timestamp
of the last visit rather than adding a row for each visit. You must
already have a table of all visitors so this only requires adding a
"LastVisited" field/column. The data could also be queried for
visitors that have not visited in the last 6 months.
Yes, that is why I said "add/update a row" the row and not just "add a
row". A new row for each page request could quickly lead to a bloated
table if someone wanted to be really mean to your site.
--
Justin Pasher
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
