I have used an EventSource method to get online status of active users on my website. In this following JavaScript code is inserted in every page
var source = new EventSource("set_online.php");
Thus this code is executing set_online.php
file continuously.
On server side i.e. in set_online.php
following code executed
$query = "UPDATE my_db SET last_active = '{$current_time}' WHERE id = {$_SESSION["id"]}";
$result = mysqli_query($connection, $query);
Now I have two concerns about this:
- As Database is updating last_active continuously in realtime, will it affect server load?
- As connection is open as long as user is on website, will it create vulnerabilities?