Joomla! Community Magazine™

Download
Launch
3 minutes reading time (526 words)

Do you logout from websites when you’re finished using them?

1023 Hits
October-logout

Before we talk about Joomla, ask yourself how often you logout of websites after you’ve finished with them?

I would suggest that most people who have to login to a website to transact some business (e.g. buying products online, doing your banking or using discussion forums) never bother to logout. They simply close the browser tab/window when they’re done and let the server that hosts the website expire the session. Unless you’re using a device that others may have physical access to, there’s a minimal security risk by just clicking a “close this window” gadget.

As far as logging into the backed of my Joomla websites is concerned, as a general practice I logout when I’m done before I close the browser tab/window.  I’m not sure why I do this but it’s just my way of operating. I’m not as thorough, though, when I’m logging into the frontend of a Joomla website.

Often, it seems, problems arise when logging in if the session wasn’t properly terminated or problems arise when logging out.  We’re usually oblivious to these problems until someone else reports them. “Hey, website owner, I tried to login but I couldn’t” or “Hey, website owner, when I logged out I got an error message.

Embarrassing, isn’t it, when someone else finds a problem that you were not aware of because you didn’t test it yourself!

I’ve been involved in many topics on The Joomla Forum™ where people discuss problems with logging in and logging out. I confess that I don’t have most of these problems but, then again, I also have to say that I don’t use the same kinds of environments used by others. For example, only a couple of days before writing this article there was a discussion on the forum about logging out using a version of PHP that I don’t use, a template that I don’t use … on a multilingual site; I don’t have any multilingual websites. I’m therefore not very useful in such situations.

However, it still leaves me with questions about whether people test the “normal activities” of logging in and logging out with new releases of Joomla.  The testing instructions simply say

Test all the things you normally do on your website. Check the backend and frontend.

There’s also a checklist of items to test.

So, when it comes to testing new versions of Joomla, it’s not a case of install the new version and see if it installs OK and doesn’t fall over within five minutes.  It’s a case of “Test, Test, Test” and not leave it to your users to write, “Hey, website owner, your website is full of bugs.”

This article is based on the author's previously published work posted at the Joomla forum.

0
  Facebook   Twitter   LinkedIn   Pinterest
Tags:
Best Practices Did you know...?
How to create a reading bar in your Joomla website

About the author

Michael Russell

Michael Russell

Michael Russell

A Joomla hobbyist and active contributor on The Joomla! Forum™.  In a nutshell, his career in Information Technology spans over 40 years, nearly all of that working in various Australian Government departments and agencies.  For the last 15 years of that time, he’s had a keen interest in developing intranet sites and this naturally evolved into the Internet space. His experience covered most activities in the IT field:  systems analysis and design, programming, testing, project management, customer relationship management, knowledge management—you name it and he’s probably had something to do with it (or he managed teams of people who had the subject-matter skills).  He retired from the workforce in January 2007 and, if he thought he was busy when he was working, he’s been busier now than ever—mostly he’s busy having a great time!  When he’s not thinking about world events, Australian politics or making sure he’s not far away from coffee, Michael is involved in helping people make the best use of Joomla.

Most people will recognise Michael by his handle "sozzled".

 

Comments 2

Already Registered? Login Here
Alan N
Alan N on Friday, 21 October 2022 08:54
Remember Me

Thank you Michael - your article made me think about something that has just cropped up!

To this day I always end up logging people out in the admin control panel.

The other day though, I had a message from a site user saying that they were a bit worried that there was an edit button allowing them to edit whatever they want, not just on the one article. They'd never seen it before and were more than a bit concerned.

We have never used frontend editing and although the necessary access levels are in place, we've always used the backend.

I was sure it was a simple case of logging them out from the backend myself which I did. But they later came back and said they could still see the edit button. I tried this several times to no avail.

I then remembered that a few days prior to this issue I had sent a link to a registered page for review and they had logged into it. Is this a bug, is it a server thing, what's changed recently I ask myself - it's never cropped up while we've used Joomla?

Next port of call was the Joomla forum. After a bit of digging around I spotted a thread about the "Remember Me" plugin.

From that moment I realised what was going on and added a login module to the page and asked them to logout. The issue went away and the plugin is disabled.

I learned a few things from that experience:

  • Ease of use often outweighs procedure or training.
    • To test for what people might do, not just what you want them to. An issue is not necessarily a problem. The problem is more often that we don't understand Joomla! functionality After using Joomla! for 10 plus years my knowledge of Joomla!, beyond what I do with it is actually less than it ought to be. To people that don't know, good information and a friendly reception helps engage and retain Joomla! users. Issues that are shared in forums and between colleagues become opportunities to learn, not problems.


I, like Michael, logout when finished, but also I never use remember me options and always refuse the browsers prompt to save the login details. This is perhaps more because I'm used to logging out those that haven't and checking in articles checked out by users taking the easy option to get out.

0
Thank you Michael - your article made me think about something that has just cropped up! To this day I always end up logging people out in the admin control panel. The other day though, I had a message from a site user saying that they were a bit worried that there was an edit button allowing them to edit whatever they want, not just on the one article. They'd never seen it before and were more than a bit concerned. We have never used frontend editing and although the necessary access levels are in place, we've always used the backend. I was sure it was a simple case of logging them out from the backend myself which I did. But they later came back and said they could still see the edit button. I tried this several times to no avail. I then remembered that a few days prior to this issue I had sent a link to a registered page for review and they had logged into it. Is this a bug, is it a server thing, what's changed recently I ask myself - it's never cropped up while we've used Joomla? Next port of call was the Joomla forum. After a bit of digging around I spotted a thread about the "Remember Me" plugin. From that moment I realised what was going on and added a login module to the page and asked them to logout. The issue went away and the plugin is disabled. I learned a few things from that experience: [list] [*]Ease of use often outweighs procedure or training. To test for what people might do, not just what you want them to. An issue is not necessarily a problem. The problem is more often that we don't understand Joomla! functionality After using Joomla! for 10 plus years my knowledge of Joomla!, beyond what I do with it is actually less than it ought to be. To people that don't know, good information and a friendly reception helps engage and retain Joomla! users. Issues that are shared in forums and between colleagues become opportunities to learn, not problems. [/list] I, like Michael, logout when finished, but also I never use remember me options and always refuse the browsers prompt to save the login details. This is perhaps more because I'm used to logging out those that haven't and checking in articles checked out by users taking the easy option to get out.
Cancel Update Comment
Brian Teeman
Brian Teeman on Friday, 21 October 2022 13:47
Are you using the same joomla

Joomla will automatically log you out after a defined period of inactivity. So I have really no idea at all what you are referring to here. It seems like you are making a dig at the contributors who give of their time to test joomla of which you, by your own admission, are not.

0
Joomla will automatically log you out after a defined period of inactivity. So I have really no idea at all what you are referring to here. It seems like you are making a dig at the contributors who give of their time to test joomla of which you, by your own admission, are not.
Cancel Update Comment

By accepting you will be accessing a service provided by a third-party external to https://magazine.joomla.org/