-1

Below is a part of my website flow, I have some question, grateful for any advice.

User visit the page >
if not visited (isset session[id]) before,
1. give a temporary id store in session[id].
2. Create a folder named session[id] store in server.

After user finish activity then leave the page.
1. after 1 hours, remove folder in dir.


Q1. After user leave, sometimes the folder will be successful remove, but sometimes not, Why?
How to set after 1 hours remove folder?

Test in (Mamp localhost , Safari, Firefox) different situation : 1. click window close button 2. direct quit browser program 3. same window forward to other website. 4. cut off internet signal. (Mamp localhost , Safari, Firefox) 

window.onbeforeunload = confirmExit;
function confirmExit(){         
    $.ajax({
        type: "POST",
        url: "index.php",
        data: 'remove_session='+'remove_session', // trigger php remove folder and row in table
        success: function(html){
        }
});
};

Q2. Is there a better way detect user came before or not? and user not on the website?

vibskov
  • 275
  • 4
  • 16

2 Answers2

1

Not sure how your site is setup or what you are actually storing, but you could maybe just keep data client side (cookie/local storage)?

If you just want to clean up old folders try adding a timestamp to your user sessions and once an hour clean up any folders not accesses since x time.

Robert Hoffmann
  • 2,366
  • 19
  • 29
  • Not sure how this works in php but I suppose if hose folders are created by php and not you then the folders should disappear on the session timeout. If however it's you that creates those folders then you probably need a cleanup function that you run once in a while, but will need a way of tracking which folders to delete. Which should be pretty simple if you know when a user was last seen and delete those older than x time. – Robert Hoffmann Mar 31 '13 at 23:57
1

After user leave, sometimes the folder will be successful remove, but sometimes not?? Why? and how to avoid this happen?

(It's not like you have explained much of how this concept is implemented but I'm assuming you are not using cronjob)

This happens because, to run you script, your server needs a requested to be made. It means that if the user leaves and no requests are made after, then you are not going to be able to remove the folder (yet).

To fix this issue you most likely need a Cron job. You can find numerous tutorial and information both on Google and here.

Is there a better way detect user came before or not?

Your current system uses sessions which cannot be totally trusted as part of the dangerous group of the user inputs (sessions are implemented with cookies). But you would need some sort of tracking; the options that comes to my mind are:

  • Store guest informations in the database (IP, MAC, etc)
  • Create a login system (store last login timestamp)

Then, once you have the last visit timestamp I think you can figure it out.

and user not on the website?

This is a very discussed topic. There are tons of StackOverflow questions that you can easily find.

The short story is: if you can use Javascript then you can get a pretty decent precision (down to ~5 seconds span, less is discouraged), if you don't then you are going to set a number of minutes (let's call it X) after which a user is defined AFK/*Offline* (most of the time is 10-15 minutes).

The basic idea is the following (timeout function for Javascript, per request otherwise):

  • store timestamp of the last request made to the server from the user into last_seen
  • when needed get last_seen and compare it to time().
  • if difference is < X (where X is the time defined above) the user is on, otherwise is off

Note: with Javascript, for example, if you set the timeout function to send a request every 5 seconds, you can easily check the timing with X = 10 seconds (having a ~10 seconds precision).

Shoe
  • 74,840
  • 36
  • 166
  • 272
  • 1. Thanks for the clue I'm googling cronjob. 2. I can't find way to get user MAC address in php, do you know how to? and IP address can't trust because if user is connecting via a proxy, will get the proxy's address. 3. I'm trying to detect user not on the website and remove their stored data in server. if I run a javascript timeout function send a request every 5 seconds, user leave(close the window) during the 5 second, the server won't catch the request. – vibskov May 01 '13 at 19:44
  • 2. [Sure](http://stackoverflow.com/questions/1420381/how-can-i-get-the-mac-and-the-ip-address-of-a-connected-client-in-php). 3. That's what you need cronjob for. – Shoe May 01 '13 at 19:47
  • Thanks for reply, 2. if I'm rent hosting, still can use that function to get Client MAC address? just use the code in first page? don't have to set other thing in hosting? – vibskov May 01 '13 at 19:53
  • @vibskov, it really depends by too many things. Why don't you try? – Shoe May 01 '13 at 19:55
  • I tried it before post question. I change `$arp='arp -n $ipAddress';` for linux, add `print $macAddr; print_r($macAddr);` add the function in index.php and no other code. can't get anything. – vibskov May 01 '13 at 20:27
  • @vibskov, If you are not planning on creating an authentication system then you can't really be sure. I think retrieving the MAC address is as reliable as an IP address, therefore that's possibly the only viable option. But if I were you then I would create a login system and base it on there. – Shoe May 02 '13 at 02:05
  • I have a login system, but I'm trying to let user experienced the service first, then they can choose login/signup or leave. – vibskov May 02 '13 at 09:18