I have a build a website where users need to login to, and the authentication is based on SESSION variables and DB.
To simplify, let me describe it like this: I have simple users who belong to groups, and I have group managers. All of them own a subscription. When a group manager decides to upgrade a service, it is done for all his users immediately. I would need to update all subscriptions and I would need to go and charge for each subscription individually.
So. What I need to do is go to the DB, and start going one by one:
1. charge
2. receive status from cc company.
3. update the DB entry accordingly.
4. repeat for next simple user
The thing is, that when a group manager is updating the service, I would need to fire a batch process, which might take a while to complete, but if the group manager closes the browser for some reason (presses the stop button, power goes out, zillion other reasons the connection goes out), the action wouldn't complete. And users will be left untreated.
I thought the way to go about this would be to start a shell command with a PHP script. I would send the parameters to the script like system("php batch.php?ID=$group_id?process=all") which in turn would probably get the job done.
My issue is, that I am used to authenticating my users and the data throughout the website, as said, by SESSION parameters etc. But in this case (calling a system command), I cannot really go and check who actually fired that script. It could be a user, it could be the script I intended.
I would like to prevent users accessing that script, and I want that script to be completed after it has been issued.
How can I accomplish that ? Any other suggestions ?
Thanks!