Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 10 of 10
  1. #1
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts

    Session expiration?

    Ok, question.

    On server side you can create a session expiration so that when people are idol too long it will kick them out of the site.

    My question is, can you do that in html using meta tags?

    I was not sure if that was possible.

    Thanks

  • #2
    Regular Coder
    Join Date
    Jul 2005
    Location
    Nottingham NH
    Posts
    208
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Yes. A short term session cookie will do just that.

  • #3
    Regular Coder
    Join Date
    Jul 2005
    Posts
    352
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I have the same problem and how do you do that using
    A short term session cookie ...

  • #4
    Regular Coder
    Join Date
    Jul 2005
    Location
    Nottingham NH
    Posts
    208
    Thanks
    0
    Thanked 0 Times in 0 Posts
    It performs automatically if you use a session cookie instead of a perpetual long-term cookie. I think it stays active for thirty minutes. Something like this should work for you.

    Code:
    <?php  
                               // here is where the session info is stored
                               // session begins at login
       if(!isset($_SESSION)){
        session_start();  // start
    } 
                               // List users
        $_Users = array( 
          'User1',
          'User2',
          'User3', );
                               // List passwords
        $_Passwords = array( 
          'password1',
          'password2',
          'password3', ); 
    
                               // confirms "Loggedin"
    if (isset($_POST['Submitted']) && $_POST['Submitted'] == "True") { 
      if (in_array($_POST['Users'],$_Users) && in_array($_POST['Passwords'],$_Passwords)) { 
            $_SESSION['Loggedin'] = "True"; 
             $_SESSION['Users'] = $_POST['Users'];
        }
    }
                               // this is where you want to redirect 
                               // upon logout or expiration
                               // I used login.php as a page
        if (@$_SESSION['Loggedin'] != "True") { 
        header ('Location: login.php');   
    }
                               // unset session, manual logout
    if (isset($_GET['mode']) && $_GET['mode'] == "logout") {  
        unset($_SESSION['Users']);
        unset($_SESSION['Loggedin']); 
    	header ('Location: '.$_SERVER['PHP_SELF']);
    } 
    ?>
    This doesn't include the login form or logout link itself, nor does it show the session info on each secure page (gloabl header for site wide) but it's pretty complete albeit fairly simplistic. Hopefully I didn't mess it up. I'm pretty new to PHP.

    Mike

    EDIT: Warning, this allows cross users. Users and passwords being interchangeable. To avoid that you'd need different sessions, probably based on user info. However, this does require a perfect match of BOTH users and Passwords to begin the session (login).
    Last edited by Green Beast; 08-27-2005 at 06:19 PM.

  • #5
    Regular Coder
    Join Date
    Jul 2005
    Posts
    352
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Thanks

  • #6
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts
    Wouldn't that be server side though? Or is that still a client side code?

  • #7
    Regular Coder
    Join Date
    Jul 2005
    Location
    Nottingham NH
    Posts
    208
    Thanks
    0
    Thanked 0 Times in 0 Posts
    That would be server side. If can be partially client side by changing the header redirect to a meta refresh/redirect, but that be be disabled right in the browser. Keeping the whole thing server side ensures that when the session is over the user go back to the login page.

    What's the application in this case? What are you trying to do?

    Mike

  • #8
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts
    All I want to happen, is if the user waits more than 3 mins. the page refreshes. Is there a meta code or any kind of code that will do that? If so, what is it?

  • #9
    Regular Coder
    Join Date
    Jul 2005
    Location
    Nottingham NH
    Posts
    208
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Ah, I see. Will something like this work? It won't refresh on inactivity, but it should refresh the page if someones on it. I guess it would be helpful to learn more about the application.
    Code:
    <!-- Can be disabled by disabling JS -->
    <html>
    <head>
    <script type="text/javascript">
    <!--
    function refreshPage() {
    history.go(0);
    }
    // -->
    </script>
    </head>
    <body onLoad="setTimeout('refreshPage()',180000)">
    
    <!-- I think this is right... 180000 = 3mins... *I think* -->
    
    </body>
    </html>
    or...

    Code:
    <!-- Can be disabled by removed meta refresh in security -->
    <head>
    <meta http-equiv="refresh" content="30">
    </head>
    Then there is the basic PHP redirect (included as a part of that other script). That would likely be best, just have to remove the logout portion and target the page their on upoin refresh instead of sending them back to the login.

    Mike

  • #10
    Regular Coder
    Join Date
    May 2005
    Posts
    220
    Thanks
    1
    Thanked 2 Times in 2 Posts
    Hey thank you!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •