Paper Trail ("first usage" timestamp for first login (following registration) required)

Hello,
In order to comply with some jurisdictions, I must have a clear "paper trail".

(1) Presenters register at presenters_registration.php which is simply a styled SecurityAssist page where I collect "Basic Login Details" (first, last, username, password)

(2) Since I need further info and a timestamp, then upon success for above, they go to a fuller presenter_switchboard_data_update_initial.php where I collect fuller details addresses, etc. Upon hitting submit I assign them a code based on their name (would be RBO1 for you); and also insert a timestamp into the database to show when this was done.

(3) Above timestamp not really satisfactory, because it is recording when they submitted data, and not when they first logged in to use fuller site.

(4) And now, of course, upon submitting information, and when I send them back to the login page to do a first login for which I can collect a REAL timestamp, security assist is marking them as "already logged in". So these people are not having their sessions cleared and being forced to login all over again, and so that for these first login people, I can then overwrite the above timestamp in (2) for a REAL first timestamp of when they actually logged in for the first time to use the site.

I have tried a variety of strategies, such as creating a dedicated login page JUST for these users, rather than a bunch of if-then statements in the more usual login page, but nothing seems to be working.

Essentially, I need to devise a specific code for every presenter (so a Roy Boulton would now get RBO2); and also log their first entry into the site after having given their information, and to demonstrate (again, required in some legal jurisdictions) their "true consent" by actually using the site.

Could you please advise if I am using the right method? Or else what I need to do to the login page so after people have submitted their data in my above presenter_switchboard_data_update_initial.php page they are forced to login and I can collect the timestamp I require.

I hope I have stated this clearly!!!!

I attach the two pages concerned

Thank you very much,
KAB

Instead of describing the entire application you are building and asking me how to do it (which I'd have to write a book to detail out), please just ask a single question about a single issue where you are getting stuck.

Do you want to know how to clear a session? How to log someone out programmatically? If you want help building the entire thing then we would have to use a premier support ticket. If you can identify the current issue you are having, then I can try to describe how to get past it so you can keep going on your own, but I can't write an entire tutorial for you through the forums.

Hi

I apologise.

I have one small issue.

I need to completely clear a session.

I need a set of logged-in users, whose data has just been inserted into the database, to be forcibly cleared out and taken to the login page so they can login again, and I can record the timestamp. This is only necessary for those specified first time full users. It is not necessary to record timestamp for all.

The "clear session" directive I currently have in place does not seem to clean them out. When those users arrive at the login page, they seem still to be logged in.

I would also prefer not to send them to my actual logout page; I just want them cleared and forced to login for the timestamp.

(I made the mistake of believing I needed to describe the entire operation so you could see what was going on, and so determine the best approach, but I now see that was not necessary).

Thank you.

Thank you.

Hi

If by "How to log someone out programmatically?" you mean the software logs them out without them logging themselves out, then yes please, that is what I want to do.

It is the only wrinkle remaining in what I have successfully built for everything else I require.

Thank you,

Hello,

I have again tried everything I know.

(A)
Clients begin at page1.php attached, which is a perfectly standard SecurityAssist Registration page. That initial login info is placed in the database upon hitting submit.

(B)
They then arrive at page2.php, another perfectly standard WebAssist page that gathers further personal information. This is stored in a database along with a unique code devised for them, along with a timestamp.

(C)
They then arrive at page3.php, a standard SecurityAssist login page.

My problems are now two:
(1) The directives I am giving do not seem to properly log them out so they are forced to relog in. They arrive at that page with a "successful" message.

(2) But unfortunately, as soon as they try moving to any other page, an "invalid=true" message appears in the URL, and clients get stuck in an infinite loop of entering login details which are accepted in that they are sent to my "switchboard" page as per a succesful login; and yet any link they they click or attempt to do anything immediately sends them back to the login page, which continues to mark them as successfully logged in. Thus clients are both logged in and not logged in, and I do not know how to fix this issue.

I hope I have on this occasion been clear. If you require the URLs to the specific pages, they are in the private area.
Thank you.

Give me a call and I can go through this with you. I have a hard time understanding what you are trying to do and why, so I think a phone call is appropriate.

Thank you

Hello,

I wanted to educate myself about the the $_SESSION['insert_check'].session variable you introduced me to. So I wathed the database closely while stepping through the consecutive registration.php, data_update_initial.php, and login.php pages.

The registration.php inserts the login data properly into the database, the ID value being incremented above the current last record.

But hitting the submit button on the update_initial.php that loads next to update the record with further information unfortunately seems to overwrite the ID field with a '0'. I had not noticed this earlier, being simply happy that the pages loaded in the successive way I had wanted. I just resolved to come back and study everything more closely so I could follow the logic.

I am now not sure how to ensure that the correct ID number is preserved.

(There are no $_SESSION['SecurityAssistID'] values on the page, and so no 'double' error or whatever it was that previously arose).

Thank you once again,
KAB

Please attach the update page and I'll take a look at how or why it is updating the session variable.

Thank you.