|
|
Posted by Gordon Burditt on 03/04/07 01:09
>>> Is there any way to run a function or a code-block whenever the client-
>>> server communication breaks off. (ie power-off, browser-crash...)
>>
>> No. The best you can do is time out a session X time from the last
>> hit. Another kind of "improper sign-out" you won't see is clicking
>> on an ad and not coming back, clicking on the HOME button, typing
>> in a URL, etc. Know also that communication doesn't necessarily
>> stay up during a session. It may disconnect after completing each
>> page.
>>
>>> Why I need this is, I want to update a login-table to trace user's
>>> leave the portal without proper log-off or sign-out.
>>
>> Find something else to need.
>>
>>> Every time a user at proper sign-in, a flag is set & account is locked
>>> until he sign-out by updating in the login-table.At sign-out the flag
>>> is released & his account is ready to log-in again.
>>> Is my logic right?
>>
>> Why on earth would you need such a thing, besides trying to drive off
>> users?
>
>I'd even go so far as to say: the last one to log in clearly knows the
>password, if another one is currently logged in under the same credentials
>I log them out instantly.
I'll agree here: if you *must* insist on one login at a time, kill
the *old* session (which may have just suffered modem disconnectus),
not the *new* one. It also acts to discourage account sharing
(situation: pay site for pr0n or whatever). If you share your
account widely, *all* people trying to use it are likely to get
booted off often. It's harder to implement, though. One thing
that makes it a bit easier is to use a session save handler which
puts session data in a database, thereby making a search for people
logged in under the same account easier.
>People can get seperate logins a plenty, no
>reason to share, and another little security measure to, well, not
>prevent, but end a specific session hijack.
Depending on the design of the site, there are plenty of reasons
for the same user to try to pull up two different pages from the
site at the same time (for example, to look at two things you might
want and compare features side-by-side to decide which to buy), and
many times it is necessary made to log in twice to do that.
Navigation:
[Reply to this message]
|