Reputation: 515
Logging every user out of a Web application
I am helping develop a web application for one of the departments in the company I work for.
I was asked to look into a way to log off every user that might be on the application at once, so that if updates to the Web App are pushed out, people aren't working with an old version of it.
My problem is that as I am not very savvy with PHP, JQuery, AJAX, etc. which is what we're using, I have not known exactly what to look for.
We have a timer script running every couple seconds in the background, so I was thinking that I could add an admin button that updated a field in the database which this script could check every so often, and if the field was set, the logoff script could be executed. But this seems like a hack to work around the issue.
The guy I'm working with suggested I look into custom SESSION handlers.
What do you guys think? Any ideas?
Any help would be appreciated. Even if it's an idea on what to start searching for.
Thanks in advance!
EDIT: I should mention that this is a one-page web app. The user is not following any links or leaving the page.
Upvotes: 0
Views: 489
Answers (3)
Reputation: 515
What I ended up doing was the following:
I added a field into one of out database tables and checked its value every time our browser tick came through (about every minute or so). If the field is set when the tick comes through, their page is refreshed, thus logging them off the application and destroying their session (We destroy the session when someone leaves the page).
The users cannot log back in until that field has been reverted to '0'
The admin account can change that field with the click of a button. Therefore their field in the database remains as a '0'
It might be kind of a hack, but it's what I could come up with even after everyone's help. The only issue is that it takes a bit to log everyone off. Problems of pulling vs pushing I guess.
And yes, an email will be sent out some time before logging everyone off so they don't lose work.
Thank you all for your help!
Upvotes: 0
Reputation: 3310
Use a custom Session save handler which stores the sessions in database or file. When you want to destroy all sessions, you can clear the storage (be it database, or file).
Start from - http://php.net/manual/en/function.session-set-save-handler.php
Upvotes: 0
Reputation: 1055
Make an entry for logged in users in your database of choice, maybe memcached if performance is a criteria.
Upvotes: 1
Related Questions
- How to LOG OUT all active logged in users in php from admin side
- PHP Automaticly log off users in session
- Automatically logout when leaving the page (PHP)
- PHP Session Logout
- PHP sessions logging in and logging out
- php user logging out with or without AJAX
- PHP log out with AJAX call
- Login/Logout using PHP sessions?
- How to automatically log out user when browser closes?
- How to track logged out users in database table in php?