All geek questions in one place

Find the number of open sessions

I am looking for a simple (without a database) method for listing the number of users on a site. The easiest way I can come up with is to count the number of open sessions.

This code should work:

$number_of_users = count(scandir(ini_get("session.save_path")));

Of course, this is not due to security restrictions in this directory (as it should be!). Does anyone know another way to access this number without changing directory permissions.

Note. I am looking for an option that does not include databases or reduces security in PHP sessions.

Note: . For those who come up with this question, I ended up using cronjob (works every minute) from the root, which did something similar to:

ls /var/lib/php5/ | wc -l > /var/www/sessioncount

Make sure the file /var/www/sessioncountis read by the apache user. Then you can just read the file in PHP:

$number_of_users = file_get_contents("/var/www/sessioncount");
+3
source share
4 answers

In this case, Easy does not mean the absence of a database. Also relying on a session to see how many users are active is not reliable.

If you want to go this route, you can do a cronjob, which is started by a safe process every few minutes, and saves this account to a file or db that PHP reads.

But I recommend switching to the database route.

+4
source 
<?
// you must set your own accessible session path atop every page.
session_save_path("/home/some/other/location/"); # SECURITY VIOLATION!!!
session_start();

function session_count() {
  $filter = "sess_";
  $files = scandir(session_save_path());
  $count = 0;
  foreach ($files as $file) {
    if(strpos($file,$filter)===0) {
      $count += 1;
    }
  }
  return $count;
}

echo session_count();
?>
+5
source

- , . . PHP GD.

-, , - :

mkdir liveusers

PHP script ( vlive.php, ) (, * nix, system(), passthru() exec (), ). , , IP + SessionID concat'd :

<?php 
exec("touch ". $_SERVER['DOCUMENT_ROOT']."/liveusers/". md5($_SERVER['REMOTE_ADDR'].session_id())); /* SECURITY RISK */

JPEG, (). 1x1 pixel.jpg - /images/directory, - :

$NewImage = imagecreatefromjpeg($_SERVER['DOCUMENT_ROOT']. "/images/pixel.jpg");
header("Content-type: image/jpeg");
imagejpeg($NewImage);
?>

PHP, HTML-, :

<img src="/vlive.php" alt="Imagination!" />

PHP , . , "" .

, , , , , touch, , , .

:

PHP script ( readvlive.php):

<?php 
$livenum = system("find ".$_SERVER['DOCUMENT_ROOT']."/liveusers/ -type f -amin +10 | wc -l");
echo "Live Visitors: ". $livenum;
?>

HTML-, :

<?php include($_SERVER['DOCUMENT_ROOT']. "/readvlive.php"); ?>

, , , 10 . ...

, , , , . PrototypeJS (Google it), AJAX, <head></head>

<script src="/js/prototype.js" type="text/javascript"></script>

</body>.

<span id="live_users_count">&nbsp;</span>


<script type="text/javascript">
    <!--
    Event.observe(window, 'load', function() {
        if($('live_users_count')) {
            new Ajax.Updater('live_users_count','/readvlive.php'); 
        }
   }
-->
</script>

.. . , find, APC - . APC 3.1.4:

<?php
if(apc_exists('livenum')){
    $livenum = apc_fetch('livenum');echo $livenum;
} else {
    $livenum = system("find ".$_SERVER['DOCUMENT_ROOT']."/liveusers/ -type f -amin +10 | wc -l");
    apc_add('livenum',$livenum,30); 
}
?>

APC 3.0.13 :

<?php
if($livenum = apc_fetch('livenum')){
    echo $livenum;
} else {
    $livenum = system("find ".$_SERVER['DOCUMENT_ROOT']."/liveusers/ -type f -amin +10 | wc -l");
    apc_add('livenum',$livenum,30); 
}
?>

APC 30 , 10 , find . .: P

crontab..

script (/root/deloverhead.sh):

#!/bin/sh
find "/path/to/liveusers/ -type f -amin +60 -exec rm {} \;

Crontab (every hour):

0 * * * * /root/deloverhead.sh >/dev/null 2>&1

Have fun, sorry, I can explain things weird .: P

+2
source

You cannot access this directory from a PHP script without creating a security risk.

The easiest way to achieve what you want is to use a database. Just save the ip and timestamp, and then SELECT based on the timestamp to get the number of active users on your website.

0
source

Source: https://habr.com/ru/post/1705300/

More articles:


All Articles