I'm finalising my project, and I want to find how I can restore the users last page when he logs in. Do I need to have a function that save the game, or is there a way I can redirect the user to the room/page he was when he logs in. As I recall, sessions get destroyed as a user logs out.
You should store every user movement inside your website into a database with a filed like lastPageVisited and add an updater to every page of your website that update that field with the current page.
Then you could recover that field with a simple query.
But the question is: is it really worth something?
Related
So i'm using session variables to take the id of the user everytime he logs in. Just now, i realized that one of the problems i'm gonna face is that everytime a new user logs in, the value of the session changes. Is it possible that the session value (ID of the specific logged in employee) is not changed even if another employee logs in?
The sessions in php are client specific (browser specific) if a user logs in in one browser and another in second, there will be no conflicts in the variable as the first user can see his session id only.
I need to know if there is an user logged in my website. For this purpose, I have only his session ID.
I got this id using: session->getId();
¿Is it possible?
Thanks in advance.
add a custom field to the session when the user logs in and then just check that field
Given that the web is essentially stateless, it is hard to know for sure if a particular user is logged onto a website.
One way to accomplish your goal is to keep a running log of all the users logged in, and the last visit time. Then you could query that log and if the users last visit time was less than 5 minutes ago, you could then say the user is logged onto your site. This will only tell you if the user is logged into your site, not if your site is the active tab in their browser.
Another way to get more "real-time" information as to the the active users of your site is to use something like SignalR which will allow you to do push to the browser. I've used SignalR in the past to send out system status messages to the browser and have it automatically update the page. The great thing about SignalR is it maintains an in-memory list of all the clients connected.
Currently when the user logs in my site, a (PHP) session is started and his database row is saved in his $_session. I do so because the size of user's data is small for now, and this way I do not have to ask the database for user's data every time I need it.
The problem is that, when I want to add or change something during the development and I touch the database, the session is not updated this way. The user have to logout and login again to update the session. This is good for now since the site is in development phase, but in production this is not desirable.
I wouldn't delete session files, because people are lazy and I would avoid to force them to re-login every time something change in database, and I do not want to reload the session every X minutes. My solution for now is a boolean column inside the user's table, false by default, that I set true when I change the database. Every time a session is continued, session data will be updated if that value becomes true. Anyway this way I have to do a (small) query every time an user continues a session. I do not know if this will be a problem in production.
Is there an alternative / better way to solve my problem?
If I understand the problem correctly, one way to handle this would be every time a user row in the DB is updated that user's session data could be updated as well in PHP.
If it is not the user updating the records (such as an administrator changing a user's permissions) most likely you would want to force a logout of the user. If it is the user updating the records (such as changing information in their user profile) simply updating those values in the session variables may be enough.
In both of these cases you probably also want to provide a message to the user letting them know what happened.
What I would like to do is essentially check whether or not a user has clicked a certain link on a page. The idea behind the functionality is that a user can click "Thanks!" on a post created on the website, but they can only submit one "Thanks!" per post.
I have no problem creating a simple click counter for the "Thanks!" button, and save the count to a database using PDO, but I am not sure how I can assign a click to the user who's session is active.Also, posts are constantly being added to the site, so I would need a system which would scale to more posts automatically.
Any guidance is appreciated, thanks!
Note: I know I have not put any example code, but I believe this is simple enough for a good programmer to grasp quickly.
EDIT
On further thought, the IP can not be used to distinguish users, as this website will be used by many people on the same IP.
Are the users logged in or anonymous? If they are logged in just save their user id in a session variable and upload it with their vote to a table in your database.
I do something similar using an Ajax request to a .php page that inserts a row with the session user ID and the vote.
If they are anonymous you can save their ip but that leads to problems with users who share the same ip address. Another (bad) option is to use cookies but users can obviously just clear their cookies and vote again.
i have a user login system which works off of sessions such that when the user logs in a session variable of user is populated with his/her username, then each page she loads checks this session, if it is not populated then the page is redirected to the login page. apon logout the session is destroyed.
But this still allows a user to open 2 different browsers at the same time and login. I want to stop this, such that if a user logs in and then trys to login using a different browser or pc, they get an error saying the user is already logged in.
So my first thought was to use a data base write, but then how do i know to unset that value if the browser is closed?
all my pages are php, and i use ajax and php scripts to update dynamic content.
So whats the best way to go about this?
they get an error saying the user is already logged in.
That's wrong approach, causing terrible user's experience.
Make it opposite: let that latter in, but make previous one logged out.
You only need to store current session ID in the user's table. If it doesn't match - ask for login.
If you find in DB that user is already logged in simply ask if he/she wants to go on and overwrite old session info. Another way may be adding a time-ticket to your database information (e.g. inserting time) and check how long is elapsed since inserted.
Regards
If I have understood your question properly, I think you can make use of cookie. Once user is logged in, you can create a cookie and set an expiry to browser session time. Before fetching data from DB, you need to check for cookie presence.
I would make another session variable that checks the browser type, if it is different call a view method to output what you said