Piyush Gupta
2006-Dec-13 14:30 UTC
hi friends i had a serious issue for my project actualy as u
hi friends i had a serious issue for my project actualy as u all know whenever we login a entry is added in the sessions tableof our database and it re3amins there till we log off but in case the user clicks the close icon nof the browser (eg, IE or mozilla )then in that case the session entry reamins intact my issue was to delete the entry in either case whether the browser is closed or the user logs off or to delete the entry when the user types the url again, the session entry should get regenerated if u have the solution to my query plz do help me and mail me at mba.piyushgupts-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org i am eagerly waiting ur reply -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Max Muermann
2006-Dec-13 22:45 UTC
Re: hi friends i had a serious issue for my project actualy as u
On 12/14/06, Piyush Gupta <rails-mailing-list-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> > hi friends i had a serious issue for my project actualy as u all know > whenever we login a entry is added in the sessions tableof our database > and it re3amins there till we log off > > but in case the user clicks the close icon nof the browser (eg, IE or > mozilla )then in that case the session entry reamins intact > > my issue was to delete the entry in either case whether the browser is > closed or the user logs off >You can''t do that. Http is a stateless protocol - there is no durable connection between the browser and the server. You cannot tell the difference between the browser being closed and reopened, or the network connection dropping out for a while, or the user simply waiting a long time between requests. That''s what a session timeout is for. Normally, you will set the timeout to some value that makes sense to your business (shorter timeouts for things like online banking, longer timeouts for less critical things). You need to educate your users to use the logout button if they do not want to be exposed to security risks through session hijacking. But, again, you cannot detect when a user closes the browser. That said, you can set your session timeout to a very short value (say 3 minutes or so) and add some javascript to all your html pages that issues a "keep-alive" request to the server every minute or two (via XmlHttpRequest). This way, the session will stay alive as long as the user has a) a working network connection and b) javascript enabled in the browser. This is an ugly hack though, which I would not recommend. Sounds to me like your requirements have been written by business people without a working understanding of web technology. It''s your job to educate them ;) Cheers, Max> or to delete the entry when the user types the url again, the session > entry should get regenerated > > if u have the solution to my query plz do help me and mail me at > mba.piyushgupts-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org > > i am eagerly waiting ur reply > > -- > Posted via http://www.ruby-forum.com/. > > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---