How to push a notification to an online web application user? [closed]

Question

Closed. This question needs to be more focused. It is not currently accepting answers.

---

Want to improve this question? Update the question so it focuses on one problem only by editing this post.

Closed 9 years ago.

Improve this question

I'm working on a college project where I have to made a chat that contains invitation options with ACCEPT/REJECT between registered users only. If an invitation is accepted, then open the chat otherwise send a message to the sender.

I've completed the whole project except this invitation option. I know that I can use COOKIE for this (with setInterval), but I need something more secure idea to do this.

In my current PHP invite function, (for example: invitation sender: a@a.com, invitation for: b@b.com) I used to verify the b@b.com user (registered or not) and send back the JSON with verification. If user is registered, then open a chatbox on self-end only (a@a.com) and can send message to b@b.com. The b@b.com user will only gets these message when it opens the chatbox with invitation sender : b@b.com, for: a@a.com.

I have no idea to how to send an invitation directly to b@b.com with option and get back the clicked event (accept/reject) to `a@a.com.

Currently there is a single idea in my mind: cookie with setInterval. But there is a demerit of this idea is, both users page continuously checks the cookie, it means more load on bandwidth and more process on user-end and most of all, it's not secure. And I'm already user 3 setInterval functions into my project : status check, new msgs check and chat options.

So, can anybody suggest a better approach?

Answer 1

This is rather a broad question, but I'll try to offer some basic design guidance. I expect that a user will enter their email address and the email address of the other person, and click on a "log on" button.

What happens next depends on your design, but this is what I would do. This involves AJAX operations, which is fine for the purpose.

1. The details are submitted to the server, and a row in a user table is created. The user gets an ordinary session cookie by default, so you just need session_start at the start of each page. A row in a conversations table is also created.
2. We'll assume that the user is now in a connected but not chatting state.
3. Using jQuery or similar, a call is made periodically to the server to see if the application status from their side needs updating. To start with, this will determine whether the other user is available. Let's say this call is made every 10 seconds, to avoid excessive load, and every time a call is made, the user table is updated with a last_seen_at timestamp.
4. You run a script on your server that examines live conversation rows and sees if both parties are online. If they are, and the conversation is not marked as started, then update the row and then notify the users when they next request an update.
5. When your browser application receives a notification of some kind (in the reply to a periodic AJAX request) it will need to redraw its screen. The life-cycle is: start -> log-on -> waiting -> chat -> log-off. You'll need to work on the JavaScript to do this.
6. Some of the fields in my suggested table structure below are used to capture the state of the chat, so your PHP application doesn't have to remember things itself. For example if conversation.accepted_by_user_id is null, the conversation is waiting for the second user to accept the chat request. If message.received_at is populated but message.sent_at is null, it means the message needs to be transmitted to the second user when they next send an update request.
7. Where users or conversations get too old, they can either be marked as stale or deleted entirely.

Side note: we have made no attempt to check that the users own the email addresses they have specified, or whether they even exist. But, for the most part, it doesn't matter - all we need is for the two parties to have a unique string that they can both remember.

Suggested tables:

user (
    id (pk) int,
    email varchar, // user's email address
    email_to varchar, // the email address of who they wish to chat to
    session_id varchar,
    last_seen_at timestamp
)
conversation (
    id (pk) int,
    started_by_user_id int, // foreign key
    accepted_by_user_id int, // foreign key (null if not yet accepted)
    from_notified_at timestamp,
    to_notified_at timestamp // timestamp (null if not yet accepted)
)
message (
    id (pk),
    conversation_id int, // foreign key
    is_forward boolean, // true = a->b, false = b->a
    message_text varchar, // actual text of message
    received_at timestamp, // when it was sent in a server message
    sent_at timestamp // when it was picked up in a server message
)

You were worried about the security of cookies. If you use session cookies it means that only the user that initiates a session can use the session ID given to it by PHP (there are a couple of exceptions: the theft of a cookie by a malicious third party via script injection or the capture of data by eavesdropping. You can use SSL and read up on XSS if you are worried about those things, but I would say it is beyond the scope of a college course).

Long story short, you've chosen a non-trivial project! Good luck with it, and if there is something you don't understand, break it down into a smaller pieces, until the pieces are each programming problems.

Now, you can do this project with sockets, but you should learn to walk before you start running. I would suggest you try it this way first (since it is easier but still hard enough) and then if you can do that, move on to sockets.