Sometimes it would be nice to know who is actively logged into your Xinet Portal Server. Unfortunately there is not a current tool offered to retrieve this information...until now!

Using a simple php script it's actually possible to scrape the current php sessions that have been created and obtain a list of users that have active php sessions in Portal.

A little background on this....

On Portal servers php stores it session data inside of th session directory /tmp, this is specified by the session.save_path ini variable. All session files start with the prefix "sess_". Inside of a session file you will find a plethora of serialized text data, that php is managing with its session functions. Although this serialized information is highly unreadable, is is still possible to pick some key data out of it, without needing to go through a deserialization process.

So basically for each user logged in via Portal, a corresponding session file will be created inside of the /tmp directory. Contained within this file will be useful information including the username. So at this point all we need to to is create a php script that will read all the php session files located on the server and displays the count of usernames that it finds!

php code that does this looks like the following:

<?php

//create an empty array to house our users in
$users = array();


//loop through all of the sesssion files found in the php session temporary directory
foreach(glob('/tmp/sess_*') as $session_file){

    //get the contents of the sessions as a string
    $session_data = file_get_contents($session_file);
    
    //with a regex mine out the username contained within the session data
    preg_match('/USERNAME.*?"(.*?)";/', $session_data, $matches);

   //get the matched pattern out of the first grouping of the pattern
    $session_user = $matches[1];

   //if the found value is not empty then create the key for the array and/or increment the user count (users can be logged in multiple times)
    if ($session_user) $users[$session_user]++;
  }

//now that we have done the heavy lifting proceed to display the result with a simple foreach iteration over the users array that we have populated...

?>

<H1>Active Portal User Sessions</H1>

<UL>

<?php foreach($users as $username=>$count): ?>
<LI><?= $username ?>(<?= $count ?>)</LI>
<?php endforeach; ?>

</UL>

If You install this php code on your Portal Server you would get the following output.

This successfully displays all users currently logged into the Portal server.

As you can see, inspecting php sessions is a very useful technique for finding Xinet Portal user information, and using this technique it is possible to provide enhanced user tracking functionality.