PHP- how to run something when session times out?

lozina

Lifer
Sep 10, 2001
11,709
8
81
I need to enhance a login system to record login date and logout date for each user. the login of course is easy, and the logout is easy too if the user presses a provided "logout" button, but what about when the user's session times out? how can I detect session timeout for a user and record the date in my table ?
 

Crusty2

Junior Member
Jul 16, 2007
3
0
0
I would store a cookie on their computer with the relative session info, ie when they signed on and when their session expires. Then the next time they attempt to access your site just access the cookie and see if they are passed the expire time, if so process the logout and record keeping.
 

Aikouka

Lifer
Nov 27, 2001
30,383
912
126
Here's what I was thinking...

Store whenever the user refreshes their timeout timer. Then compare the time out period + last refresh time. If that is smaller than the current time, then that'll be their official log off time. Now, when you do this check is completely up to you, you could make a nightly cron job to do it, do it whenever you check the logs (I assume you might want to view this in a php page?)

EDIT:

Originally posted by: Crusty2
I would store a cookie on their computer with the relative session info, ie when they signed on and when their session expires. Then the next time they attempt to access your site just access the cookie and see if they are passed the expire time, if so process the logout and record keeping.

Only problem I could see with this is someone might clear their cookies.
 

Crusty2

Junior Member
Jul 16, 2007
3
0
0
If someone were to clear their cookies you would be able to detect that, and log them out immediately and then do all the processing as normal.
 

jjones

Lifer
Oct 9, 2001
15,425
2
0
Crusty, if they clear cookies, he won't be able to identify who would need to be logged out.

What may work for you, if you don't need to know the exact time but could instead work within a window of time, is to set the log in and log out at the same time, recording the log out time 30 minutes later than the log in. When the user logs in, set a session cookie with the log in time plus 30 minutes. As they navigate the site, use a function on each page to determine if they have exceeded the 30 minutes window, and if they have, then update your log out to be 30 minutes later than current time and reset the session tracking cookie to current time plus 30 minutes.

I hope that makes sense. I have an ear infection bugging hell out of me, so I don't know for sure. :p
 

Crusty2

Junior Member
Jul 16, 2007
3
0
0
Well, if they cleared their cookies then they would have to login again.... When they tried to login it would notice that they don't have ANY cookies and check to see if the db still thinks they are logged in....
 

lozina

Lifer
Sep 10, 2001
11,709
8
81
thanks for all the replies guys, sounds like some good solutions i will try to work them in tonight!