Locking records in use from other users

[eluser]JoostV[/eluser]
Hi all,

I am developing a multi-user backend. When a user is working on a record, this record has to be locked to all other users, so their modifications do not overwrite one another. Of course, once the user has saved his modification, the record has to be unlocked again.

What is the best way to go about this?

I was thinking of using the session table for this. All users are logged in and their $_SESSION content is kept in the session database.
1. Store the record that every user is working on in the session database.
2. On every page load, retrieve the IDs for all records in use from the session database.
3. Deny editing access to the editing page for these records.

The application will be used by no more than 15 concurrent users.

Somehow, I have the feeling this solution is too complex. Any suggestions?

[eluser]edhrx[/eluser]
@joostv

This is something I tried in the past

I have table called record_buffer, with a load of fields in but the interesting fields
are form_id, record_id, uid, posted, is_free


When creating/editing a record a search is made in record_buffer for the record_id where the posted flag = 1..its being edited. This gives the user feed back with a message that
'Joe Bloggs is currently editing the record'

If the posted flag = 0 then it is a stale record.


When creating/editing a record a unique form_id is a hidden field and a record is made in record_buffer ( a stale record can be reused so the table won't grow a great deal). The form_id, uid, timestamp is saved and posted set to 1

Before saving we recheck the posted flag to prevent the user from saving twice.
We can do this because the posted flag is 0 for that form_id following a post


After saving the record the post flag is set to 0.

Thats the basics of how it worked

Ed.

[eluser]garymardell[/eluser]
What happens if someone starts to edit the file but then just closes the window? Will the record_buffer still exist.

[eluser]JoostV[/eluser]
@Ed,

Thanks for your quick reply.

So if I get this right:
1. You have an entry in record_buffer for every record ever created.
2. For every record, posted tells us if it is free for editing.
Might be a good idea to have a seperate table for this, instead of abusing the session table for it.

I am curious about what your solution was for:

1. What happens if a user logs out or closes his browser without saving? Wouldn't the value for posted still be 1, so nobody can edit this record anymore? Or do you also check elapsed time against the timestamp for this record in record_buffer?

2. Wouldn't it be more efficient to only keep records in record_buffer for records which are actually being edited and deleting them after saving instead of setting posted to 0? Or am I missing something?

[eluser]adamp1[/eluser]
I would go for an expire thing, and then maybe have a JS function which runs after the expired time to show them the page has gone out of date. Like banks do when using their online features.

[eluser]edhrx[/eluser]
@joostv

The app I was writing was quite active could have 500 - 2000 edits a day. I agree that we could have just deleted the records from the record_buffer but I wanted to contain the table growth. When I monitored the number of records in the record_buffer it never went above 50 as the stale records were being reused.

I was also using the obsession lib from the wiki so the session data was saved in a table. This allowed me to use the knowledge of a session which had a record_locked to 'guess' if it really was locked..ie someone was really editing it.

Ed.

[eluser]JoostV[/eluser]
@edhrx

Makes sense. Thanks.