membership login

Anon

ok i got a question... not exactly sure how to go tackle it.

I'm making a membership/login site.
My question is how do i log them out?
How do i show to the other members online that a particular person is logged out.

Anon

Howdy

The way I do it is when the client logs in the script sets a cookie (using sessions). On all inner sites that they must be logged in to view/etc, it checks for the session variables and if they exist, it allows them in, if not, it kicks them back to the login page. To log them out, I just use something like:

<pre>
function logout() {
session_destroy(); #Destroy the current session vars
printf("%s, you are now logged out.", $this->user);
}
</pre>

Thats from one of my mini auth libs (class), just call logout().. :-)

HTH.

ceph

Anon

Right... I understand all the parts that you have mentioned and i had that in mind as well.
When they are logged on they are marked as logged in in a db table
The only thing I was stuck on is what happens if they never click on the logout button. Then they will always appear as logged on in a db field.
I'm not sure how to write a timeout code.. well not write it.. but i guess execute it to check if he is still logged in.

am i making sense?

jrottman

If you had searched before posting you would have found this. The only way to "guess" how many people are on is to record the time they logged in, and if they dont view another page after 5 minutes or so, they are considered logged out. All those sites you see that say how many users are logged in are not telling the truth. What they should say is How many users have viewed a page in the last 5 or so minutes.

Jason Rottman
Webmaster
Project Manager
www.stardefenders.com

Anon

yeah... makes sense. how bout this... does this make sense it has holes in it but hear me out.
check out time.com: when you close the window a pop up appears.
well what if that pop up appears and runs a script and logs the user out then quickly closes?
I will search and see if there's such a javascript to pop up a window when the client changes websites through the url address as well.

so theoretically i can be done.

Anon

the better approach (i think) is to just put your users on an "idle timer" ie, if they don't load a new page within, say, 600 seconds, log them out.

i've written a library that provides all that functionality (plus a bunch of other features). take a look at it if you want, or use it. http://freshmeat.net/projects/php_lib_login/