Why would you care if the same user logged in again?
posted 10 years ago
I just want to track the in time and out time of all users. Thats why I am inserting 1 record while logging in. He the user closed the window. I can't track the out time. Also until the session expired the user can't re-login I mean the system won't allow. we designed like that.
I need a suggestion to trigger a event at the time of user closing the window. so that I will update the out time..
Meet Gaurav wrote: the system won't allow. we designed like that.
You designed poorly.
I agree: what's the reason for not allowing this? It seems pretty arbitrary, and potentially *very* annoying.
Trivial example: I work ten minutes from my apartment. I log in to your app. Without logging out, I go to work. I try to log in, and I can't. Arbitrary and capricious. If I can provide you my credentials, it shouldn't matter.
You could just set the session timeout to something very short, but that can be a little irritating too. Are you working on a website that has massive security restrictions?
posted 10 years ago
Yes, the site is designed more for security.. Is there any other option ?
My requirement is to log in time and out time of every users. If the users close the window ? How do I record out time ?
If suppose my session time out is 1 Hr. Even if the user closed the window after 5 mins and again logged in after 10 mins,.. This shows some bad data in the DB rite.. I mean 1 sessions at the same time.
Meet Gaurav wrote:If suppose my session time out is 1 Hr.
Why would you have a session timeout of 1 hour if your site is supposed to be secure?! That makes no sense.
Are you writing bank software? Government? Military? If not, what kind of information are you trying to protect?
If you cannot trust the users to be responsible and log out, you're pretty much doomed: what if the browser crashes? Or someone trips over the cord on my machine? Let alone that there's no great way to tell if the user closes the browser.
(You could use Ajax, but that would continuously refresh the session, which may or may not be what you want.)
I still believe your initial requirements have lead you down a road that dead-ends.