|
pliny has asked for the wisdom of the Perl Monks concerning the following question:
Help!
I need some way to check to see if a user that has been
logged into my site has left.... When they log in,
a text file is updated with their username and a timestamp..
my goal here is to make something similar to the "other users" section here at perlmonks...
I don't want to have to make my users logout, so is there any way to check for their absence???
Thanks a bunch,
PLiny
|
(Ovid) Re: Tracking user exits
by Ovid (Cardinal) on Sep 06, 2000 at 09:11 UTC
|
Short answer: you can't. The only thing you can do is see when they last logged in or, if they have static IP or if you are tracking by cookies, you can also see the last time they have requested a resource, but that's about it.
Regarding Perlmonks, I heard someone mention that what it does is see who has made a request in the last two minutes (maybe taking the tail of the Web access log or something?) and then lists those users in the Other Users box. Perhaps when you make a request it updates a timestamp in the user record in the database? Then it would be a simple SQL statement like SELECT userID WHERE lastVisit > blah, blah, blah.
In short, you can't know when someone has left. You can only know when they last arrived.
Cheers,
Ovid
Update: Hmmm... seems like puck has been paying more attention than I :) | [reply] |
|
|
Since there's a field in the user information page called "Last here" I suspect that the SQL statement is probably how things are done round here...
| [reply] |
Re: Tracking user exits
by puck (Scribe) on Sep 06, 2000 at 09:10 UTC
|
How about everytime a user loads a page it updates that users "active" file. If a users "active" file hasn't been updated for x minutes expire it. The expiration can either be a cronjob which runs every 5 or so minutes or part of the code which generates the list of "active users".
That's how I'd do it... However, there may be better ways to do it. This is something which I might consider adding to a system I'm going to start working on RSN. | [reply] |
|
|
I was thinking about this a bit more last night and another method which would be faster than using a DB is shared memory.
This would probably only work if you're using mod_perl or you have a script that is always running which prunes out the expired connections. I think this method might be a bit nicer than using the file system as well.
I haven't tested it to see what the performance is like, but it could be good.
| [reply] |
Re: Tracking user exits
by nop (Hermit) on Sep 06, 2000 at 14:23 UTC
|
It sounds like you want to see who is still active on the site. A piece of the solution could be tracking when people leave the site via an outbound link. You can track people leaving via an outbound link by rewriting every link off the site: replace
<a href="http://www.yahoo.com">
with a
<a href="/cgi-bin/sendto.pl?id=4041">
sort of thing, where 4041 maps to Yahoo. Then the sendto script can log the user, the time, and where they departed to.
(This strategy is how the portals -- MSN, AOL, etc -- track the traffic they send to their advertising sites.)
You could do these rewrites statically (embed sendto links in your static or dynamic pages), or I suppose you could do them on-the-fly with a mod-perl filter.
If the person leaves your site by just turning off their computer, by typing a new URL into the browser, or using their favorites, you wont be able to see it with this approach. So this doesn't completely solve your "who is still active" question, but I thought I'd toss out the idea. | [reply] |
|
|
I've discussed a CGI exit script in
my
WebTechniques Perl column, including why it is necessary, and how to
set up the site for it.
Oddly enough, I also use my CGI "exit" script to track links I place on slashdot
and other public arenas to see if anyone follows them. For example, on slashdot,
I may code in a story like:
For more information about my legal case, visit
<a href="http://www.stonehenge.com/cgi/go/http://www.lightlink.com/for
+s/">the
friends of randal schwartz website</a>.
which then shows up as a link like:
For more information about my legal case, visit
the
friends of randal schwartz website.
And clicking on that link (try it) takes you to www.lightlink.com/fors/, while first noting it on my server, so I can see if this link I've so carefully
typed was of interest to anyone, or if I was just wasting my breath. Obviously,
I don't need to code inward links to my site this way... only links from a
public site to some other public site. It's a nice way of knowing if I'm just babbling. {grin}
-- Randal L. Schwartz, Perl hacker | [reply]
[d/l] |
Re: Tracking user exits
by cianoz (Friar) on Sep 06, 2000 at 15:25 UTC
|
I suppose you track users with cookies:
(or at least with a session id somewhere...)
Suppose the cookie expires in $expire seconds
(with $expire quite short - say 15 minutes:
so $expire = time() + 15 * 60)
each time the user connects $expire = time() + 15 * 60
you write the expire time along with the session ID in your database
at any time you can check if a session is expired (and the user is logged out)
by scanning the session database
this can be triggered by a cron job or by user connections.
(obviously you obtain logout time with a resolution of 15 minutes in this case)
look at the implementation of the Session_OnEnd event
in Apache::ASP for a good (IMHO) example.
| [reply] |
RE: Tracking user exits
by bastard (Hermit) on Sep 06, 2000 at 23:33 UTC
|
Here are a few ideas beyond the ones already listed:
- Frames - (yeah, i know...) use a frameset wrapper with a hidden frame that refreshes itself every so often to verify the users presence (this may require more careful treatment of offsite links)
- Push images - this might load the server a bit, but as long as the image is being received by the browser, the user is there (IIRC it works on netscape, i'm not sure about the others, it users some sort of multipart mime type)
BTW- i'd personally use the 1-2 minute last access timeout system described in a few of the other posts, but if you need finer grained control, the ones here might work. | [reply] |
Re: Tracking user exits
by jeorgen (Pilgrim) on Sep 06, 2000 at 20:25 UTC
|
Speaking about communicating to the user what is happening:One on-line bank I use logs me out if I don't do anything for a while, and shows a message to that effect in the browser window. I do not know how they actually do that, but one way could be to use some session time stamp, preferrably on the server side, and then combine that with a content-refresh meta tag or http header with a time set to the time out of the session. So if a user keeps a web page open for t seconds, the page will reload and a message will appear that he's been logged out (if the session info indicates that so should be done).
/jeorgen | [reply] |
|
|
Use a 'javascript' refresh.
One reason why, if a user hits cancel, the meta refresh gets canceled, while a javascript/one doesn't if you just call your function without using any events like so
<script language=javascript>
<!--//
var counter=1000;
var urla="http://pathto/logout.cgi";
function stoperror(){ return true; }
window.onerror=stoperror;
function countdown()
{
if(counter==0)
{ window.location=urla; }
counter--;
setTimeout("countdown();",995);
}
countdown();
//-->
</script>
"cRaZy is co01, but sometimes cRaZy is cRaZy".
- crazyinsomniac | [reply]
[d/l] |
|
|
Of course, anyone who has been reading the CERT alerts for the past few years already has Javascript (and perhaps Java) disabled while surfing the Wild Wild Web, so
this solution won't work.
In fact, there are provably more people with Javascript turned off today
than ever before. So we'll have to increasing provide solutions for problems
that do not use Javascript. Get used to it!
-- Randal L. Schwartz, Perl hacker
| [reply] |
|
|
|
|
|
|
