You could put the code to update the session on every page plus a time stamp and if the user has not been active for lets say 15 mins their session would be removed form the DB table.
Mike
yea i have been studying how i could adapt this tutorial to security assist and also to make it work with a cronjob
whois-online.php
if i ever get it done and have some extra time ill post the how to do it