Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New Coder
    Join Date
    Jan 2010
    Posts
    36
    Thanks
    0
    Thanked 0 Times in 0 Posts

    to add session expiry time...

    when ever a user login, his information(name,password..etc) will be stored in sessions and also stored in users table.
    the table has following fields
    1.userid 2.password

    i would like to add session expiry time
    what i want to do is if a user login and does not do any thing for next 15 minutes i want to redirect the user to login page.

    how i can do this.any of your help will be appreciated

    thanks..

  • #2
    New Coder
    Join Date
    Jan 2010
    Posts
    36
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Question

    PHP Code:
    $inactive 600;

     


    if(isset(
    $_SESSION['<strong class="highlight">timeout</strong>']) ) 
    {

                    
    $session_life time() - $_SESSION['start'];

                    if(
    $session_life $inactive)

            { 
    session_destroy(); header("Location: loginpage.php"); }

    }

    $_SESSION['<strong class="highlight">timeout</strong>'] = time(); 
    will this code work????

  • #3
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Its the right idea yes. I wouldn't use a key like that though, but I cannot tell if you're just trying to indicate that the 'timeout' is you're key, or if thats you're actual key. Just use 'timeout' in this case.
    This is the approach I would use with standard PHP sessions. After you're location redirect though, ensure that exit() is called - if it is not the timeout will be reset to the current time which could cause some issues. Without an exit, the user will be redirected but the remaining script will still execute. You can also look at forcing you're garbage collection if you're on PHP5.3, or by altering you're configuration information to force a collection 100% of the time. This I would not do for performance reasons, rather I'd leave them to clean up in their own time and just invalidate the session available.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #4
    New Coder
    Join Date
    Jan 2010
    Posts
    36
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks for the suggestion...
    can u pls make it more clear......

  • #5
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Pretty much the same thing, just with proper names:
    PHP Code:
    session_start();

    $inactive 600
    $time time();

    if(isset(
    $_SESSION['timeout']) && $time > ($_SESSION['timeout'] + $inactive))  
    {
        
    $_SESSION = array();
        
    setcookie(session_name(), '');
        
    session_destroy();
        
    header("Location: loginpage.php"); // Note that this *should* be an absolute http location (most browsers will not complain though)
        
    exit();


    $_SESSION['timeout'] = $time
    Something like this.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •