Sessions

Hi,

My site works on sessions. Currently when a user logs in, I store all
information in a database table. Whenever the user does something, I
check the database to see if the session is active. If so, I update
the date and time and then update the other tables. If the seesion is
not active, I ask him to enter his password again. A cron job runs
every 30 mins to clean up the inactive sessions.

The problem with this approach is that it puts a huge load on the
database server as for every activity I have to check one table and
based on its value, I perform other operations. What could be a more
effective way of handling this ? I cannot rely on the session file
created when I start a session because if a user closes the browser
window without logging out, I should be able to mark that session as
closed.

Thanks
Pankaj

Re: Sessions

On jan. 21, 14:33, Pankaj wrote:
> Hi,
>
> My site works on sessions. Currently when a user logs in, I store all
> information in a database table. Whenever the user does something, I
> check the database to see if the session is active. If so, I update
> the date and time and then update the other tables. If the seesion is
> not active, I ask him to enter his password again. A cron job runs
> every 30 mins to clean up the inactive sessions.
>
> The problem with this approach is that it puts a huge load on the
> database server as for every activity I have to check one table and
> based on its value, I perform other operations. What could be a more
> effective way of handling this ? I cannot rely on the session file
> created when I start a session because if a user closes the browser
> window without logging out, I should be able to mark that session as
> closed.
>
> Thanks
> Pankaj

CREATE TABLE `session` (
id not null auto_increment primary_key,
...
phpsessid ...,
...
login datetime
);

ok... Sry... This is a very stupid sample... I don't know what you
want logging...
And now... If the user visit the site you check `session`.`login`
field.... login-current time... if negative Get her/his password...
And...
session_start();
session_cache_expire(time() + 60 * MINUTE_LIMIT);

I think... nuff sed...

Re: Sessions

On jan. 21, 14:33, Pankaj wrote:
> Hi,
>
> My site works on sessions. Currently when a user logs in, I store all
> information in a database table. Whenever the user does something, I
> check the database to see if the session is active. If so, I update
> the date and time and then update the other tables. If the seesion is
> not active, I ask him to enter his password again. A cron job runs
> every 30 mins to clean up the inactive sessions.
>
> The problem with this approach is that it puts a huge load on the
> database server as for every activity I have to check one table and
> based on its value, I perform other operations. What could be a more
> effective way of handling this ? I cannot rely on the session file
> created when I start a session because if a user closes the browser
> window without logging out, I should be able to mark that session as
> closed.
>
> Thanks
> Pankaj

oh... and... into the table... UID... One User One Sessid... if the
session is... time out...at the next UserLogin... You update her/his
rowin the session table ^_^ is not in this manner duplicating and it
is not necessary to deal with the unnecessary entries very much.

Re: Sessions

>
> oh... and... into the table... UID... One User One Sessid... if the
> session is... time out...at the next UserLogin... You update her/his
> rowin the session table ^_^ is not in this manner duplicating and it
> is not necessary to deal with the unnecessary entries very much.

I still have to update the table everytime I have to perform an
operation any other table. My site typically has 300 users at any
given instance and I need to check and update this table around 300
times in 10 secs before I can work on any other table. This causes an
unnecessary delay and load.

Re: Sessions

On 22 Jan, 06:33, Pankaj wrote:
> > oh... and... into the table... UID... One User One Sessid... if the
> > session is... time out...at the next UserLogin... You update her/his
> > rowin the session table ^_^ is not in this manner duplicating and it
> > is not necessary to deal with the unnecessary entries very much.
>
> I still have to update the table everytime I have to perform an
> operation any other table. My site typically has 300 users at any
> given instance and I need to check and update this table around 300
> times in 10 secs before I can work on any other table. This causes an
> unnecessary delay and load.

That's not a huge amount of traffic - if your DB schema is set up
properly there should be little difference compared with using files
for sessions.

> Whenever the user does something, I
> check the database to see if the session is active. If so, I update
> the date and time and then update the other tables.

If you're using PHP sessions and a database bound session handler....

The session should always be stored at the end of each request - if
you're writing the session data manually for each request then you're
doubling the workload. Also, the session will be loaded automatically
as soon as you call session_start() from your code - if (!
count($_SESSION)) then the user doesn't have a current session - no
need to refer to the database again.

C.

Re: Sessions

Pankaj wrote:
> Hi,
>
> My site works on sessions. Currently when a user logs in, I store all
> information in a database table. Whenever the user does something, I
> check the database to see if the session is active. If so, I update
> the date and time and then update the other tables. If the seesion is
> not active, I ask him to enter his password again. A cron job runs
> every 30 mins to clean up the inactive sessions.
>
> The problem with this approach is that it puts a huge load on the
> database server as for every activity I have to check one table and
> based on its value, I perform other operations. What could be a more
> effective way of handling this ? I cannot rely on the session file
> created when I start a session because if a user closes the browser
> window without logging out, I should be able to mark that session as
> closed.
>
> Thanks
> Pankaj
>

I still don't understand why you're going through all this trouble. Why
aren't you just storing the data in the session itself? That's what
it's there for.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

Re: Sessions

Jerry Stuckle wrote:
> Pankaj wrote:
>
>> I cannot rely on the session file created when I start a session
>> because if a user closes the browser window without logging out, I
>> should be able to mark that session as closed.
>
> I still don't understand why you're going through all this trouble. Why
> aren't you just storing the data in the session itself? That's what
> it's there for.

Indeed. PHP tidies up session files after a specified period of inactivity
in much the same way as he's described his own code doing.

--
Toby A Inkster BSc (Hons) ARCS
[Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux]
[OS: Linux 2.6.17.14-mm-desktop-9mdvsmp, up 23 days, 21:19.]

CSS to HTML Compiler
http://tobyinkster.co.uk/blog/2008/01/22/css-compile/