I'm a little beginner to PHP and currently doing a project work that involves the task of displaying sessions that are currently live. But, I read in the documentation that sessions were stored in tmp folder and will be automatically expired when the browsing session ends. So, what can I do — I also googled and found that it can be stored in Databases and then we can get the count?
Was that possible? If so, please give me the methods for that.
Update: Also, please give the way such that entry in the database must be automatically removed when the session ends
I would suggest you define / let your stakeholders define what information you are after. If it is the technical webserver-number of current active sessions than you can keep on looking at what you are doing, but if you are looking for "number of users on the site" for instance, you should step away from the PHP-concept of sessions. They are something else.
Instead, as saving all this can be somewhat tricky, take a look at the "realtime" functionality on google analytics, maybe that'll be enough.
If that isn't, you need to make a database, register each load and update the loading-time on each action, so you can check out if someone was active during a certain period
Related
I have a PHP application custom_appli in /var/www/httpdocs.
Wordpress is installed on the same server in /var/www/httpdocs/new_cms/wordpress.
I need to retrieve user->ID using SESSION of custom_appli.
I have tried to insert :
require( './new_cms/wp-snapshots/wp-blog-header.php' );
global $user;
$user = wp_get_current_user();
echo "ID :".$user->ID;
writing wp-load instead of wp-blog-header doesn't change anything no matter whether I use include or require_once.
Could you please give me a link or advice on how to obtain user from SESSION?
Thanks in advance
Details and info are sparse, but here's how I would do it (I know about 5 methods, these are the least painful):
As mentioned, wp_get_current_user() gets you close, but that is generally only usable on the page for the user as in "on load" only. So from the WP served page you can get user ID (and all other info) and the session and have something that is usable. There are many ways to use that data to solve your problem, not really smooth all the time. Session data is etherial, beware.
Another way to go about it is to use wp-load.php and wrap it in middleware. this script bootstraps WP and allows queries and similar in the "bootstrapped" wordpress environment providing the applications internal API. I would consider adding wp-load to custom_appli "in the right way" and use that as middleware between the 2 applications. You will still need to identify the user as in many cases.
Without more information it is hard to guide you, but I can tell by your needs and the code already in the post that you are setting up for possible problems with dependencies, possible name-spacing collisions($user is something that could bite you as a global), and a myriad of other ways to loose time. If custom_appli needs a user ID, send it the user from WP on page load or similar.
When/why do you need that info? What is the flow?
You can also traverse a lot via session ID info too (depending on configuration).
FWIW I have passed user information successfully from 2 freestanding applications on different servers, it was very hard to do correctly, but it is possible.
Update after clarification
As mentioned "wordpress-user and cusstom-appli have same users" is possibly a replication of functionality, specifically running 2 tables(?) or logic. Just some feedback.
Basically you are wanting to hook the "logged in" status of a WP user. I see no mention of:
FK/relationships built on user (easy but a little more work)
ACL/permission based access on custom appl
No serializing of data or similar to the WP user (user in general)
Any of the above might have me change the solution. Here is a pretty clean prototype I wrote for you that is about 15 lines of code.
It follows some code from wp and essentially:
Makes sure PHP session is initialized via the theme functions.php
Uses the WP login (authentication) success to add a var to the session
On logout unsets the var (!IMPORTANT!)
Also makes sure the session is set when not logged in or the key is not present
Is easy to pick up outside of WP via session (custom_appl.php)
I tested this and it worked fine locally on one of my installs, I don't see any reason why it would give you problems. I would harden this a little more, but this is only a prototype showing how to use the key tools in PHP and WP.
wp_get_current_user() is a function in wp-includes/pluggable.php, which is loaded by wp-settings.php. I'm not sure how exactly WordPress bootstraps itself but I'd try to include wp-settings.php if anything.
I'm writing an app using Zend Framework and I need to be able to logout users on demand. The app will receive a request containing some kind of ID's that are mapped to SessionIds and it will end/expire those sessions. I know how to do the mapping, but what then? How do I end a session having its ID?
I see that there is Zend_Session::setId(), but I don't think this does what I want to do.
I have an idea to just delete files that are associated with given session, since they are named sess_[sessionId], but I guess that is an ugly way to do it.
You can save session info to the database. It would be related by session id.
Then create a plugin that checks if the DB row still exists. If not, then execute Zend_Auth::getInstance()->clearIdentity()
The method that logs the user out would delete the session from DB.
Depending on the structure of your sessions and what exactly you are trying to clear, there are a number of ways to destroy, expire and unset Zend_Sessions. Please refer to http://framework.zend.com/manual/1.12/en/zend.session.html for further information.
If in the future you could provide more detail and perhaps a bit of code illustrating your issue I'm sure the community would be more then happy to provide a better answer.
Good Luck.
So let's say user did something on my website, for example uploaded some images or whatever, and he left without logging out and never came back or let's say he did come back after few months.
So my question would be, is there some kind of way for example to delete his uploaded files after session have expired, let's say after 30 mins (keep in mind that user never reloaded page), so that would need to run entirely on server side without user interfering at all.
EDIT Thank you all for your wonderful answers, it gave me quite a few great ideas, i wish i could accept all of your answers :)
Good question! My first idea was to use a database based solution. If you don't already, you'd keep track of all active sessions in a table sessions which contains, among other things you may need, the session_id and the last_visited_time. This entry would be updated every time a user visits your site:
UPDATE sessions WHERE session_id = "<current session id>" SET last_visited_time = NOW()
The second part of the mechanism would be a cronjob that scans the the sessions table for sessions whose last_visisted_time hasn't been updated lately (in whatever time interval you'd like) and deletes the files for that session.
One way would be to call
$thePath = session_save_path();
and iterate over all saved session file, unserialze each and check them for the specified timeout property.
Unfortunately, you need to scan the whole directory to find all session files, which are older than a defined period of time. You'd use start() to figure out the age of a session file.
On a well-maintained server, each virtual host should have a separate directory for its session data. A not-so-well-maintained might store all sessions in a unified shared directory. Therefore, ensure that you don't read or delete other virtual hosts' session data.
Better Approach using a database
Therefore I propose to save session data to your application's backend database. Using SQL, it would be trivial to find all outdated session files.
The documentation for session_set_save_handler() provides a sample, which explains this whole process quite nicely based on objects.
I like all the answers above, but a different solution would be to name the uploaded files in a way that you know they are "temporary", for example prepending their name with a timestamp. This way, a periodic process would clean any such files, unless your program decides that they should be kept after all, renaming them accordingly.
I am initially seeking guidance to make sure I go in the right direction. From there I will come back with the code and ask for further assistance. I realize it isn't cool to say "hey I dont know what I am doing so I want you to do it for me."
So, here is my situation. I would say my php skills are amateur, and I am looking to increase them by working on projects for myself so I can learn through practice and application. I have created a webpage which contains a form that is used to update a XML file (I am playing around with flatfile DBs at the moment). All works well, the file is updated and the users is brought back to the page and the updated file is displayed. What I would like to do is allow the user to receive an update while they are browsing the website that the XML file has been updated, as well as alert them to the file update if they are returning to the website after having left.
My thoughts are that this would be done by using php session variables, one when they first access the website and another when the XML file is updated by a user. For the one when they access the site I thought a variable with a unique ID and timestamp as well as a timestamp of the files lastmodified value. I realize that this requires keeping storage of the session values since the value will have to be compared to something or else it will always appear as the most recent version, hence no changes.
Now that I think about it I guess you wouldn't need a session variable created on file update since the comparison will be based on the lastmodified value.
Just want to know if I am on the right track or completely off-base.
Any input is greatly appreciated.
Storing the lastModfided value
For your specific case I hope i understood you right. You want to say "notify the user if he wasn't the last one to work on the file" right?
That should be easily doable using the session as after writing you could store the last modified date of the file in the session and them compair that when the user comes back. I don't see any issues with that approach.
If you have you users log in I'd much rather tie the notification to their accounts.
Your session files will be deleted if the user is way for to long and a new one will be created if he uses a different browser. So it would be a really instable way of giving notice.
For the notifications no matter where he is on the site
If your database is updated in the background and you then could like to create a notification for the user I'd advice again using the php session for that.
While you are able (using some rather ugly hacks) to edit the session files they are not a stable enough basis to implement a notification system.
If you just work of session cookies then I'd still just store a "notify this session id if the guy shows up again" somewhere and check those notifications on every page load.
I know this is not as performant/nice/cool but it shouldn't really matter and save you a lot time dealing with.
Hope i understood you right and it makes sense to youu
Is there a way to find out on session being started. Like for instance the session start event in the global.ascx file of .net. The requirement is to find the no. of visits the user has done on the site.
Instead of checking each time during posts or gets to the server. Is there something in php to find out if the session is a new one. Zen framework is also used for the app.
Zend_Session::isStarted() and Zend_Session::sessionExists() will tell you if the session is already started. To find out when it was started for the first time, you could store the timestamp it was created, by adding it to the session on the very first startup. Just check if a key started_at already exists in the Session and if not add it and/or notify some other class about it to do something.
You can actually mimic what is done by global.ascx file through php and also there are a number of scripts available online for tracking online users you need to google about that.
you can use memcache for that purpose, or simply hack with a file(mentioned on Safraz answer) on the disc, or use a table on your database for that purpose.
Memcache appears to me the best solution since it is easy to setup and they already provide counter with increment/decrement. The only drawback of this solution your won't be able to reset the counter easily.