Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid

Re: delete users

by DaWolf (Curate)
on Dec 06, 2004 at 12:18 UTC ( #412633=note: print w/replies, xml ) Need Help??

in reply to delete users


This looks as a flat text file to me, so I don't know if I exactly understood your question, but I really wanna help you, so let's start.

If you were just representing a database, this would be easy, just do a simple SQL query:

DELETE FROM your_table_name WHERE USERNAME = 'desired_user';

If I was right at the first time and you just use a flat text file, take a look at Deleting a line out of text file for a start. That sould guide you fine.

For your second question the answer is a little bit longer:

Since your developing a system that has a web interface, a problem arise:

What if the user just close the browser (by pressing ALT F4 or just clicking on that dreaded top right 'X' ;))? Since it's a hard thing to trigger an event when the user does this (I won't expand too much here since this is more a JavaScript thing) the user session (assuming that there is one) would remain opened and this is a security breach.

So, the solution I've found out (and IMHO is the most used out there) is to do the following:

  1. When the user logs in store his session id and the current date and time on the database (or flat file).
  2. Each and every page entered by the user should do a check if the user data exists and update the database updating the date and time.
  3. Run a cron job that checks every XX minutes if the date and time of the user session is active and if is not (his date and time are over the XX minutes interval) delete his data from the db. So, the next page will see that the user data doesn't exist anymore and will redirect the user to (probably) the login page, so he starts the process all over again.

Your logout routine (for the logout link) should just destroy the user session and delete his data from the database.

There are a lot of issues on this question, but I hope I helped a little. Feel free to contact me if you have any questions.

Best regards,

Replies are listed 'Best First'.
Re^2: delete users
by bradcathey (Prior) on Dec 06, 2004 at 13:13 UTC

    Another way to handle the logging in and out is by setting a cookie:

    1. When the user logs in, use CGI to write a cookie containing their user name, possibly a code for their priviledges, and then an expire time.
    2. Each time you return to a server-side script, check the cookie. If it has expired, route them to the log in screen. If it has not expired, reset it and send them on their way.
    3. When they voluntarily log out, set the cookie's expire time to zero and return them to the log-in screen.

    It boils down to what you are most comfortable with, though the DB method has the advantage of allowing you to know who is logged on at any one time.

    "Don't ever take a fence down until you know the reason it was put up." G. K. Chesterton

        True facts. But usually log-in/out scenerios used are in a controlled environment, and it can simply be stated that for access to the system, cookies must be enabled (like so many websites). In fact, there are lots of sites that don't work properly, be it good or bad, with Java-the-Script turned off.

        I would like to see your commands for the cron job. Thanks.

        "Don't ever take a fence down until you know the reason it was put up." G. K. Chesterton

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://412633]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (6)
As of 2021-04-14 12:19 GMT
Find Nodes?
    Voting Booth?

    No recent polls found