RE: [Phplib-users] One User logged in at the same time...
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
RE: [Phplib-users] One User logged in at the same time...
|
From: Brian P. <bp...@ct...> - 2001-11-06 20:58:00
|
These two variables:
var $gc_time = 1440; ## Purge all session data older than
1440 minutes.
var $gc_probability = 1; ## Garbage collect probability in
percent
determine how often a garbage collection routine is called and which old
session records are deleted (with the gc function).
function gc() {
srand(time());
if ((rand()%100) < $this->gc_probability) {
$this->that->ac_gc($this->gc_time, $this->name);
}
}
gc() gets called in the start function of the session class. The probability
variable is used so that the gc() function will only be "working" a small
percentage of the time (by default).
-----Original Message-----
From: darcy w. christ [mailto:da...@el...]
Sent: Tuesday, November 06, 2001 2:49 PM
To: php...@li...
Subject: Re: [Phplib-users] One User logged in at the same time...
No, you are right. i was being sloppy. in fact, what was i thinking?
still, there might be a way. If you added a timestamp to your session
and make sure the timestamp is updated everytime the user continues in a
state of authentication, it would be possible to know if a user is
logged on beyond the authentication timeout. i've built in a javascript
refresh into my site, so that the page is refreshed after the
authentication timeout, just to force a logout.
question: how and when are session records removed?
Jens Benecke wrote:
>
> On Tue, Nov 06, 2001 at 02:40:22PM -0500, darcy w. christ wrote:
>
> > i have not done this, but it's certainly possible. One thing you could
> > do is create a new table for logging who has been authenticated. i have
> > done this by adding this function to my auth class.
> > (...)
> > But if you did this where the user is being authenticated and you put
the
> > last_insert_id() into the table, you would be able check both the
session
> > table and this auth log table for someone logged in. Does that make
> > sense?
>
> I don't think this works as advertised. How do you know when a user logs
> off? That's the whole problem. You can of course keep a log of all logged
> in users, but this doesn't help if you don't know when users
>
> - go to another site (i.e. log off, practically speaking)
> - close their browser window (i.e. log off)
> - computer crashes (i.e. they loose session cookie anyway)
> - etc.
>
> so you don't know when to allow a second user in.
>
> Or did I miss the point?
--
~darcy w. christ
Elegant Communications Inc.
416.362.9772 x222 | 416.362.8324 fax
_______________________________________________
Phplib-users mailing list
Php...@li...
https://lists.sourceforge.net/lists/listinfo/phplib-users
|
