when table purge

[jimfog]

I have set up code that whenever I user returns the site a new cookie is created(persistent) and the tokenis stored in the corresponding table in the database. Suppose that someone comes 2-3 times/day in the site,multiply that with number of registered users andthe tables gets written many times,becoming large quickly. SO...how often should I erase table rows you think?Do you think-for example- that from the moment I create a token to the table I should delete the previous one-belonging to the same user obviously? Is there a rule of thumb in this? As a second though, maybe I just need update the token in the place of the previous one

Edited October 10, 2012 by jimfog

[birbal]

are you storing the token in seperate tables (multi platform remember me?) or you are setting the token to coressponding user row.(single platform remember me)? for the first case you will update when user is from same machine (eg detect by ip,browser combination) else add new entry. for the second case update the token everytime

Edited October 10, 2012 by birbal

[jimfog]

I am in the case where I have a separate table for the token/username, as such I will proceed with your recommendation. As a side note-one last simple question-I do not want to open a separate post for it only:Do you think(for whatever the reason) I should also store in the db table the timestamp of when the cookies was set? Do you think is necessary?

[birbal]

you can store that if you want some kind of expiration of token. eg a user makes a login with remember me where your system can remember a user for 7 days. besides of setting 7 day expiring in persistant cookie you are going to need to track the time also to detect if user is using old token (you can also delete old cookies by time which is older than 7 days). you cant trust only cookies.

[birbal]

I am in the case where I have a separate table for the token/username

is that table only stores only token and username? in that case you can move the token to user table. if you want to do multi platform remember me you have to keep track of device specific data (like ip and user agent combo) with token and password in separate table/ without device specific it will be same as single platform remember me.

[jimfog]

Ok then, lastly everything comes doe to this question: Do you think I should use multi-platform functionality?You might say now that this depends on the app.Mine, is a scheduling application, what would you recommend for such an application?

[birbal]

It would not be bad, user can be linked to more than one device. as these days people have more gadgets (mobile ,tabs)to connect with net other than only desktop. user will be able to check,make,manage schedules on the fly. It will also be a good learning experience. cookie based remember me is fine with less sensitive application you can also start with single platform and then extend later to multi platform if your project is time constrained to complete. it will not be that hard to change it later.

Edited October 15, 2012 by birbal