[DAL]

I have lost control when it comes to logging out of my site. If a user selects logout then it take them to a page that asks to close the windows. This is fine, as this page in the background actually gives the user profile a recorded logout time. But the place where I have lost control is if they just close the window on IE. This wouldnt call the procedure to write a logout time. Is their any way that I can action a pl script at the time the user clicks "X" to close the IE browser window?


Also Going back to user login. How do I test if users are activly logged in? Im using env var and If I test say;

$Userid = $ENV{'REMOTE_USER'};

if ($Userid eq "Dave"){$Daveloggedin = "True"};
if ($Userid eq "John"){$Daveloggedin = "True"};

because the $ENV{'REMOTE_USER'}; is only local isnt it? Or does it pick up from the server and can have more than just my login at the time?

[Chas]

Quote:

Originally Posted by DAL

I have lost control when it comes to logging out of my site. If a user selects logout then it take them to a page that asks to close the windows. This is fine, as this page in the background actually gives the user profile a recorded logout time. But the place where I have lost control is if they just close the window on IE. This wouldnt call the procedure to write a logout time. Is their any way that I can action a pl script at the time the user clicks "X" to close the IE browser window?

Not really. The only thing I can suggest is that you log the time of every request made by the user. You can then use the last time as the logout time. But there is nothing you can do to check if a user just hits the X to close the window.

Quote:

Originally Posted by DAL

Also Going back to user login. How do I test if users are activly logged in? Im using env var and If I test say;

$Userid = $ENV{'REMOTE_USER'};

if ($Userid eq "Dave"){$Daveloggedin = "True"};
if ($Userid eq "John"){$Daveloggedin = "True"};

because the $ENV{'REMOTE_USER'}; is only local isnt it? Or does it pick up from the server and can have more than just my login at the time?

The %ENV hash is a global, not a local. If I were using .htacess/.htpasswd for authentication I would just check for the existance of the 'REMOTE_USER' hash key:

Code:

$ENV{'REMOTE_USER'} or return login();

If you need to keep a list of users, something like this will work:

Code:

# If the user is not logged in, send them to the login page
$ENV{'REMOTE_USER'} or return login();

# Add the user name to a hash to keep track of users.
$USER{$ENV{'REMOTE_USER'}}++

That will populate a user hash with user names that you can iterate through but then you come back to your original problem. What happens if they don't log out like good litte users? You can expand the hash to include a time stamp:

Code:

# If the user is not logged in, send them to the login page
$ENV{'REMOTE_USER'} or return login();

# Add the user name to a hash to keep track of users.
$USER{$ENV{'REMOTE_USER'}} = time;

Then when you iterate though the list you can compare the timestamp to the currect time. If it's more than say, 30 minutes, or how ever long you want a session to last, you just remove them from the hash:

Code:

sub online {
  my @valid_users;
  foreach my $user (keys %USERS) {
    if ($USERS{$user} > time - 60 * 30) {
      # The user is still logged in
      push @valid_users, $user;
    }
    else {
      #They haven't done anything in 30 minutes, give em the boot
      delete $USERS{$user};
    }
  }
  return @valid_users;
}

This is all untested code so you might have to fix a few things but that gives you the general idea.

I like to use forms and sessions for user auth instead of .htaccess/.htpasswd. I don't like the pop-up box. Check into CGI::Session if you want a more robust way to manage sessions.

~Charlie