Limiting time on one page via php

Lchris006

Hi there Everyone,

I am writing a chat script for a client and would like to know how i could limit someones time spent on one page (kids spend way too much time on there lol), the problem is the page refreshes and cookies are unsecure, so it would have to log the ip i guess, does anyone know how i could do this

Thanks

Chris

vasah20

I'd suggest timing using Javascript on the client side. That will force a log off of the client after X amount of minutes.

In addition to this, you could store a hidden form variable containing a timestamp of when the user first signed on. Once the user submits, you could compare that 1st timestamp with a current timestamp. If the time elapsed is too long, again you can automatically log the person off.

You can make this entire thing even more secure by using a timestamp/SID combo. Just store it in a mysql database, and issue a query along the lines of:

$sid = session_id();
$ip = $_SERVER['REMOTE_ADDR'];
$res = mysql_query("SELECT logged_in_at FROM 
users_logged_in WHERE session_id = '$sid' AND ip = '$ip' AND 
logged_in_at BETWEEN DATE_SUB(NOW(), INTERVAL 30 MIN) AND NOW();");

Or something like that...

The only reason you would check both SIDs and IP addresses is there's a chance two people behind the same proxy would use your application. If that happens, they're going to have the same IP address. The only measure against this is to use SIDs. (personally, I would just use session ids instead of IP addresses, but whatever works.)

That should be enough to get the ball rolling.