Yii Framework Forum: inject session data - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

inject session data or how to gently kick a logged-in user Rate Topic: -----

#1 User is offline   Raoul 

  • Master Member
  • PipPipPipPip
  • Yii
  • Group: Members
  • Posts: 643
  • Joined: 29-November 08
  • Location:Paris, France

Posted 10 October 2009 - 09:29 AM

Hi,
I'm trying to do the following : let's say that a logged-in admin user wants to force another logged-in user to logout out imediatly (kick him). The admin is not a rude person, and he would like to inform the kicked-user why he was kicked.
What would be the best solution to implement this 'polite kick' feature ?

I could implement the 'kick' part with no problem :
  • add a user_id column in the session table
  • select the correct row and just delete it from de session table : user will be logged-off !


My problem is with the 'gentle' part, or in other words, how to set a flash message to the kicked user ? Is it possible to inject a flash message directly into the session row of the user to be kicked ? I tried to decode/unserialize session data read from the session table, modify and update them, but up to now with no success...
Any idea is welcome.
Thanks

B)
0

#2 User is offline   Backslider 

  • Advanced Member
  • PipPipPip
  • Yii
  • Group: Members
  • Posts: 363
  • Joined: 23-July 09

Posted 10 October 2009 - 07:56 PM

I created a messaging system for a site and just used thickbox to pop up a message if the user had a new message. This is quite simple to implement.
We were all once expert at....... nothing.

yii-language-behavior

My Blog
0

#3 User is offline   manilodisan 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 80
  • Joined: 17-September 09
  • Location:Bucharest

Posted 11 October 2009 - 12:06 AM

Quote

# select the correct row and just delete it from de session table : user will be logged-off !


User will not be logged out, the session is recreated. See: http://www.yiiframew...l-user-session/

Quote

I created a messaging system for a site and just used thickbox to pop up a message if the user had a new message. This is quite simple to implement.


The user is no longer on site since it should be logged out so no messsages on a missing user_id. The answer is using a method which triggers the logout (we haven't figured out a way to kick a specific member out yet) and, after kicking him out assigning him a flash message. I'm not sure either if you can assign flash message to a given session id but this could be a very good implementation as it's obvious that is needed since we're two already just today asking the same question.
0

#4 User is offline   Backslider 

  • Advanced Member
  • PipPipPip
  • Yii
  • Group: Members
  • Posts: 363
  • Joined: 23-July 09

Posted 11 October 2009 - 12:27 AM

So, why not give the user his message and during that process use:

Yii::app()->user->logout();


Why make such a simple process complex?
We were all once expert at....... nothing.

yii-language-behavior

My Blog
0

#5 User is offline   Raoul 

  • Master Member
  • PipPipPipPip
  • Yii
  • Group: Members
  • Posts: 643
  • Joined: 29-November 08
  • Location:Paris, France

Posted 11 October 2009 - 04:47 AM

@Backslider : yes, this is a solution I thought about, but in my case, implemeting such a system only to be able to handle the "you've been kicked message" is too much. This would imply to create something like a system_message table , not refering to user by their id, but to logged-in users by their session id ...

Quote

So, why not give the user his message and during that process use:
Yii::app()->user->logout()
Why make such a simple process complex?


By doing so, you would not disconnect the kicked user, but the admin user who is performing the action.

@manilodisan : I read your post and I don't know what's the problem but I can garantee you that when I delete the session row for a logged-in user, this user is immediatly logged off. The session is recreated, but as a not-logged-in user. Here is how I initialize the session component :

		'session' => array(
		    'class'=>'CDbHttpSession',
		    'sessionTableName' => 'sessions',
		    'timeout' => 86400,
		    'connectionID' => 'db',
		    'cookieMode' => 'only',
		),


I've created a AR for the session table and a crud (thanks to yiic) to be able to manipulate sessions ... but still can't figure out how to modify these session data.
8)
0

#6 User is online   tri 

  • Elite Member
  • Yii
  • Group: Moderators
  • Posts: 1,651
  • Joined: 20-November 08
  • Location:Stockholm, Sweden

Posted 11 October 2009 - 06:50 AM

View PostRaoul, on 11 October 2009 - 04:47 AM, said:

...
I've created a AR for the session table and a crud (thanks to yiic) to be able to manipulate sessions ... but still can't figure out how to modify these session data.
8)


Reading this thread I had a thought about extending writeSession() and readSession() for storing custom fields like message (or message FK) and "logout pending". I the latter is set, display the message and kick out the user. Don't know if it's doable.

/Tommy
Don't forget to read The Definitive Guide to Yii (en) (sv) | The class reference has the details
0

#7 User is offline   Backslider 

  • Advanced Member
  • PipPipPip
  • Yii
  • Group: Members
  • Posts: 363
  • Joined: 23-July 09

Posted 11 October 2009 - 12:03 PM

View PostRaoul, on 11 October 2009 - 04:47 AM, said:

By doing so, you would not disconnect the kicked user, but the admin user who is performing the action.


No, it would not if done correctly.

I would create a table for the admin action, then on the user side check that table. If the user_id is in the table, then perform the message/kick action for the user. Again, very simple. Why is that "too much"?
We were all once expert at....... nothing.

yii-language-behavior

My Blog
0

#8 User is offline   Raoul 

  • Master Member
  • PipPipPipPip
  • Yii
  • Group: Members
  • Posts: 643
  • Joined: 29-November 08
  • Location:Paris, France

Posted 11 October 2009 - 05:14 PM

Hi Backslider,
you're right, I would do the same, and eventually I will.
My question was more some kind of technical curiosity : if it would be possible to modify DB session data for any user so the user gets logged-off with a flash message, then no need for additional table. I mean session data are here, in the DB session table !! ... if only I could use them !;)
Maybe I'm wrong, but if so, I'm interested to know why.
8)
0

#9 User is offline   manilodisan 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 80
  • Joined: 17-September 09
  • Location:Bucharest

Posted 11 October 2009 - 07:23 PM

Quote

I would create a table for the admin action, then on the user side check that table. If the user_id is in the table, then perform the message/kick action for the user. Again, very simple. Why is that "too much"?
Create a table when we have a sessions table for that? This adds one extra query to look up for an action which is only there very rarely (when the user is kicked by admin). The query is performed in the sessions table so you only need to look for a hook and if it's present, log the member out.

I'm extending CDbHttpSession with a new class, added a row in the session's table called 'killed' which gets the value of 1 when the admin kills a user session and, on the writeSession function of CDbHttpSession I select the killed value as well. If it's 1 I log the member out calling Yii::app ()->user->logout (). So far so good, it doesn't works. I can't find a way to log a member out.

If any of you had any luck please post updates.
0

#10 User is offline   Backslider 

  • Advanced Member
  • PipPipPip
  • Yii
  • Group: Members
  • Posts: 363
  • Joined: 23-July 09

Posted 11 October 2009 - 09:47 PM

View Postmanilodisan, on 11 October 2009 - 07:23 PM, said:

This adds one extra query to look up for an action which is only there very rarely (when the user is kicked by admin). The query is performed in the sessions table so you only need to look for a hook and if it's present, log the member out.


There is no "extra query". We place the hook in our new table (or your sessions table if you are needlessly querying that with every page). If the hook is there, log the user out with a redirect to your message page (if you like).
We were all once expert at....... nothing.

yii-language-behavior

My Blog
0

#11 User is offline   Raoul 

  • Master Member
  • PipPipPipPip
  • Yii
  • Group: Members
  • Posts: 643
  • Joined: 29-November 08
  • Location:Paris, France

Posted 12 October 2009 - 02:38 AM

View Postmanilodisan, on 11 October 2009 - 07:23 PM, said:

I'm extending CDbHttpSession with a new class, added a row in the session's table called 'killed' which gets the value of 1 when the admin kills a user session and, on the writeSession function of CDbHttpSession I select the killed value as well. If it's 1 I log the member out calling Yii::app ()->user->logout (). So far so good, it doesn't works. I can't find a way to log a member out.
If any of you had any luck please post updates.


I've added a user_id FK to session table and create an AR for session. Admin can get a list of all logged-in user, and to kick one of them, just delete his row in the session table : user is kicked ! ... but of course in this scenario, no flash message can be sent to the kicked user as the session is deleted...so the problem remains :(

8)
0

#12 User is online   tri 

  • Elite Member
  • Yii
  • Group: Moderators
  • Posts: 1,651
  • Joined: 20-November 08
  • Location:Stockholm, Sweden

Posted 12 October 2009 - 06:38 AM

View PostRaoul, on 12 October 2009 - 02:38 AM, said:

I've added a user_id FK to session table and create an AR for session. Admin can get a list of all logged-in user, and to kick one of them, just delete his row in the session table : user is kicked ! ... but of course in this scenario, no flash message can be sent to the kicked user as the session is deleted...so the problem remains :(

8)


Are we talking about flash message followed by immediate "logout", postponed to the next request from the user in question?

/Tommy
Don't forget to read The Definitive Guide to Yii (en) (sv) | The class reference has the details
0

#13 User is offline   Raoul 

  • Master Member
  • PipPipPipPip
  • Yii
  • Group: Members
  • Posts: 643
  • Joined: 29-November 08
  • Location:Paris, France

Posted 12 October 2009 - 10:55 AM

View Posttri, on 12 October 2009 - 06:38 AM, said:

Are we talking about flash message followed by immediate "logout", postponed to the next request from the user in question?

/Tommy


yes, the logout would have to be initiated by (let's say) an admin user who wants to kick a logged-in user. The kicked user could see a flash message telling him/her why he/she was kicked.

8)
0

#14 User is online   tri 

  • Elite Member
  • Yii
  • Group: Moderators
  • Posts: 1,651
  • Joined: 20-November 08
  • Location:Stockholm, Sweden

Posted 12 October 2009 - 12:03 PM

View PostRaoul, on 12 October 2009 - 10:55 AM, said:

yes, the logout would have to be initiated by (let's say) an admin user who wants to kick a logged-in user. The kicked user could see a flash message telling him/her why he/she was kicked.

8)


I still don't understand the problem. If the "logout pending" is conveyed (e.g. in an extended db session) to the next user request I guess it shouldn't be any problem to show the message and call logout() or delete the session record. The user may have to resend the request (I don't know).

/Tommy
Don't forget to read The Definitive Guide to Yii (en) (sv) | The class reference has the details
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users