I've got a user login/logout function on a website i'm developing and i'm using the standard php session control functions (session_start() and $_SESSION[] etc)

what I would like is some way of knowing which users are logged in to a session, kind of like the who is online on the front page of zgeek. I want the adminstrators to see a list of all the users and see who is online.

The tricky part is that if the user closes their browser (and thus 'ends' the session) I'd like to know about it. I don't want to simply rely on the user clicking on the logout button because 9 times out of 10 they won't and i'll forever think they're online.

any ideas? (I'm using php and mySQL)

i really dont know too much about it, but in regards to this part:

The tricky part is that if the user closes their browser (and thus 'ends' the session) I'd like to know about it. I don't want to simply rely on the user clicking on the logout button because 9 times out of 10 they won't and i'll forever think they're online.

i believe the only way you could do that to some extent would be to use some kind of session time-out after a certain period of inactivity.

99.9% of web apps have session timeouts, cookie expiries etc. Look at all your internet banking apps as an example. Usually the more users you cater for the shorter the timeout to reduce server load.

You could have an ajax function call made to a function that terminates the session on during the onClose() event if they close the window. Thats probably overkill but it could do the trick if you *have to* have that functionality.

Cheers guys. What i've ended up doing is a bit of a hack, (I was hoping to somehow use the session details stored on the server.)

I've got a file called session.php which is called (included) at the start of every page to authenticate the user. In session.php a field 'lastActivityTimeStamp' of the row corresponding to the user in the user table of the main database gets updated with the current server time. The session cookies are set to expire after 5 min of inactivity, and since every page called will call session.php and thus update the database; all i do to check if users are online is query the user table for users with 'lastActivityTimeStamp' values less than the current time-5minutes.....

(^ I've included the above in case someone else wants to know how I did it)

I had a look ajax function calls, but the added complexity over what I had implemented wasn't worth the benefits.

Did you hack it good?

i hacked it good!