why am i still signed on?

[jpianoflorida]

hey nils..this is no big deal, just curious.

if i don't "logout", then many times even if I turn my computer off, and then turn it back on the next day, I find that i'm still "signed in" to piano street forum.    How does that happen?   I would think that signing off the internet would cut me of the forum.   Just curious.

[ihatepop]

Did you press 'remember me' when you signed in in the first place?

ihatepop

[jpianoflorida]

no..    how are you ilovepopandallkindsofmusic? lol

[ihatepop]

no..    how are you ilovepopandallkindsofmusic? lol

er...

Anyway, maybe this forum has a special function to enable you to remain logged in to the forum unless you sign out before shutting down.

BTW, I'm pretty glad with that. I'm not that worried about my account as I'm the only one who uses the computer at my home, anyway. My father has a notebook.

ihatepop

(My username 'ihatepop' only means that I don't like pop. Ok, so maybe I should'nt have picked that as a username, but that was the only thing that I could think of)

[jpianoflorida]

er...

Anyway, maybe this forum has a special function to enable you to remain logged in to the forum unless you sign out before shutting down.

BTW, I'm pretty glad with that. I'm not that worried about my account as I'm the only one who uses the computer at my home, anyway. My father has a notebook.

ihatepop

(My username 'ihatepop' only means that I don't like pop. Ok, so maybe I should'nt have picked that as a username, but that was the only thing that I could think of)

I just like joking with you..i hope you know that...I don't mean anything by it.   I'm always laughing when i joke with you about your user name.        by the way, didn't you make a trip to China? how was it?

[ihatepop]

by the way, didn't you make a trip to China? how was it?

er...could we discuss this in PM?

ihatepop

[preludium]

The forum software seems to use cookies to identify your logged in state. If you don't log off then the cookie isn't deleted and your browser sends it back to the server even after your computer is rebooted, because browsers keep cookies in a cache on the harddisk. The server would then recognize you as being logged in, in fact it wouldn't even have a chance to find out that your computer was switched off in between. Depending on the type and version of the browser you use there should be an option to delete cookies when you close the browser window.

Even if the forum software uses sessions (a kind of server side cookies, which should expire after some time) a cookie is required to match the session variable with your login data saved on the server, so deleting the cookies should help in this case as well.

[jpianoflorida]

thanks....here's the weird part, I will sign off on my computer in the studio.  Shut that computer down.     THen I sign on , on my computer in my house...that's when I find I'm still logged in.   It's not a big deal..and I really dont' care, I'm just trying to figure out some of this techical stuff! lol

[preludium]

Ok, that's a different thing. I suppose you see your user id as logged in but a "Welcome, Guest" at the top. This even happens if you used the logout button. The forum software seems to cache some information to reduce the stress on the underlying database. It synchronizes with the database later, which may look like a logout has no effect. It shouldn't be possible to post a message until you login again though, otherwise this would be a security issue.

If you visit the site after having logged off or with a different browser / a different computer then there is no way for the server to identify you. It just can't find out whether you're jpianoflorida or not, since the browser doesn't supply the session id or the cookie(s) required. If you logged off before, the login cache might not have been synchronized yet, so your user id is displayed as "online", but that's only a cosmetic thing and will change if you wait a bit longer. On the other hand, if you didn't log off then the server thinks you're still online and doesn't have anything to synchronize. There should be a timeout for this situation but I reckon it's quite long.

So to sum this up, the question should be whether you can post from a different machine or a different browser without logging in when you didn't log off on another one. This would be a security leak and should be handled by the administration. Anything else is due either a to performance optimization on the server or to the restrictions of the HTTP protocol, which doesn't allow the server to know that you closed the browser window without having logged off explicitely.