Timing a session

[John Fligg]

I have a User table so when someone logs on we know about it as the table is accessed to get the password etc. So we know the time they logged in.

If there is a logout button and they press it we can record the time they logged out.

But what if they just turn their device off? Our code is never actioned.

Is there a way of detecting that the session has finished so whatever (whether they logout manually) or turn off the power we can record the time the session ended?

I am assuming there is a session variable I can use somehow.

Reason for this - well just realised what I to stop someone giving away their login id and have 10 people in a company accessing the system and cloclking up page fecthes. We are charging per login id to ocver our bandiwdth costs per user. So if they give away their login details and 10 people access the system this means potentially the bandwidth has been multiplied by 10 but we are only getting one fee.

So I had thought about monitoring the time they use the system and base the access to a "fair monthly usage". But to do that I must be able to check the time logged on (no problem) and the time logged out however they do that.

Thanks

John

[ccordes]

You can try putting code in the Delete Session method of the Web handler
Before the session is deleted, you can get the user id and do whatever updates you need to.
use self.gsv('whatever') instead of p_web.gsv before the parent call.
This method is called when the session times out so even is they walk away, you can mark the session closed by time-out.

HTH
chris

[John Fligg]

Thank you. That is very much what I was thinking.

John

[Bruce]

bear in mind that you bandwidth is measured in pennies per _gigabyte_.
(22c per gig on Rackspace's current plan). Thus 1 user, 10 users, whatever you charge them will be _way_ more than your bandwidth costs (unless you are serving video, or MP3's or something).

Ultimately, yes, you can log the number of page views a user requests (much better than measuring "time") but if your bandwidth costs are not a tiny, tiny fraction of your income then you're just charging way too little.

cheers
Bruce

[John Fligg]

Yes thinking of $35 a month but starting at $20. Just wanted to make sure that if I had someone with 20 employees with one user buying an ID and sharing it 19 times we were not going to get hammered with a lot more bandwidth than planned for.

But my application is pretty simple. Currently just forms with no images.

John

[kevin plummer]

I think when the user logged in I would want to make sure that user was not already logged in with a different session id.

[Bruce]

Hi John,

ok, let's assume 50K per pageview. That's a complete thumbsuck number, but it'll do for now. So that's 200 per meg, 200 000 page viiews per gig. That's about Spread over a month that's about 6500 page views per day. About 4.5 per minute. Of every single minute. For the whole month.

That'll run you 22c. Let's bump that up to 22 per minute - or one every 3 seconds. Day and night. That's less than a buck.If you get the _odd_ user doing this I'd be surprised. Spread over a few hundred users, it's a complete non-issue.

So I think your original concern of a business spreading it around their employees is somewhat unwarranted.

>> I think when the user logged in I would want to make sure that user was not already logged in with a different session id.

There are times when logging in, as the same user, from multiple browsers, at the same time, can be really useful - so be careful of making assumptions here.

If this is really a big deal then just make the experience more "personalised". For example recording the name of the person in places where they can see it etc.

From a pricing point of view you can make it attractive - say $35 for the first user, $9 for each user, at the same company, after that.

Cheers
Bruce

[John Fligg]

<vbg> I called Rackspace and they told me to work it at 50k per page also so I came to the same conclusions.

Also I am stamping the login id into every record so at some stage in the future, if they just want to see thir records ina  multi user setup i can filter browses etc.

[ccordes]

I watch the logout vs timeout because my clients want to know what their people are doing and how they leave. Mostly logging without having to decipher log entries.