I have a script on top of my protected page which will redirect the user to a certain page if the session has ended!
The problem is, upon logging in, I have updated the user status from Offline to Online. So, my point would be to automatically update their status, that means change from Online to Offline if their session has ended!

I have no idea how that flow will be?
Any guidance?
Thanks...

You would want to create a log_online table or something similar rather than just update one column in a users table.

When a user logs on, you add their user details to the log_online table (user id and time of last activity) then, when you want to see which users are online, you check only for users whose last activity was within the last 10 minutes and remove any other users from the table.

I get the idea, but with the code that I have, where it will clear the user session and force the user to log in back to the system.
That means their status is still "Online" because they have skip the logout page where the system will update their status from "Online" to "Offline" again.



So how about that?

No that's doing exactly what I said not to do

Create an entire new table call it something like log_online with a few columns online_id, user_id, last_activity

When the user logs on, store them in the log_online table to mark to the rest of the site that they are online and everytime the user moves pages, update the last_activity time in this table.

Also, set a session variable to hold the user's last activity time and when they move pages, check it each time to see how long ago they last were active. If it is greater than 10 minutes ago, delete their session and their entry from the log_online table and the re-route them

Wow, that sounds a bit confusing to me! How do you learn that Rakuli
Well let me try squeeze up my brain for that great tips, thanks mate!

LOL - you sort of pick things up and come up with your own ways of doing things...

Once you've made the new table you process would look something like this... I don't know asp very well so I'll just show you the SQL I would use.

User logs in, grab their details:


Store a session variable and now add their details to the new table



Now every time a user moves pages, check how long ago their last activity was (by checking the session variable)

If it was less than the allowed time update the users online table:



And update the session variable with the current time.

If it was a longer time than allowed, delete this record from the table



And destroy their session and send them to the login page.


I you want to have a page or admin view where you see everyone who is online you simply delete all the records that are too old and pull out all of the others



This will mean that if a user simply leaves your site and doesn't visit a page, they will be deleted from the online table when you view who's is on your site.

Wow, I am going to print this page and try to think for a solution back at home, thanks very much mate for the tips.
By the way, I have already leave my ASP world and right now I am in line with all of you guys in PHP

After a brief reading through your idea, I have this issue that I might need to ask you later
Now every time a user moves pages, check how long ago their last activity was (by checking the session variable)

Here is a website tutorial on Online User Counter I found just about the same idea you gave to me
It's in PHP but it what important is the idea... it can easily be converted to any language once you know the method!

Thanks mate..