Ask Apache if a session still exists, from an ID

Question

I would like to know how to check if an PHP session is still alive, thanks to a given ID. That or anything which could give me access to the active session's list.

I have found some related information on the internet, but couldn't really get a proper answer.

To tell you a bit about the background, I am writing a website which allows users to modify content (let's say articles, for instance). And since I don't want them to modify the same resource at the same time, I had to think about a protection's system.

So the idea was that each opened resource would be locked and associated with a session ID. When finished, the user would free it. But of course nothing prevents him from just closing the window, letting the content locked in writing.

Therefore I have to be able to check if a session is still alive, and if a lock is still legitimate.

Answer 1

There's a pretty simple solution for your problem:

When opening the page, store the userid and the current timestamp in some columns used for locking the element. On the page, include some JavaScript to call some script every minute that updates the timestamp - so as long as the user is on this page the timestamp will never be older than 1 minute. Simply prevent other people from editing the same element unless the timestamp is older than 1 minute (and a few seconds).