I need to write a script that enables me to monitor the length of time a user is online. For example, that user has 10 hrs worth of access, I then need to monitor all his access times and compute for the number of hours/minutes left before I freeze his account... or until he makes a "reload" to earn new hrs of credit.
I make use of CGI::Session to maintain "state" for any transactions. As the user clicks from one link to another, I monitor the time interval in-between each clicks and decrements the user's no. of hours available accordingly.
However, if for some reasons the user simply closes the browser after "n" minutes from the last click, I have no way of finding out the "n" minutes, therefore I can't update the "user's no. of hours available."
How should I address this problem? Users might intentionally terminate their sessions without logging-off... simply to cheat.
I was thinking of using a variable in my session that expires after "10 mins" for example. As the user makes his next log-in, I could check for the presence of an orphan session. If I can find one, I could then decrement the "user's no. of hours" by 10 mins automatically, ... then delete this orphan session, ... then finally start a new session.
Is that going to be fair? If the session is illegally terminated less than "10 mins", he would be charged automatically for "10 mins" which is a bit unfair. However, If a session is illegally terminated greater than 10 mins (let's say 15 mins), he is only charged for 10 mins worth.
In reply to How should a timed session be implemented? by soon_j
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |