budimir Posted July 13, 2008 Share Posted July 13, 2008 Hey guys, I need help with ending sessions. 1.) I wan't to end session when a user closes his web explorer 2.) I wan't to end sesion after some time of users inactivity Can you help me out with this. I have managed to do a logout.php which is called when users pushes a button. But I need to do it automaticlly when one of this two cases happens. Help!!!! Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/ Share on other sites More sharing options...
DeanWhitehouse Posted July 13, 2008 Share Posted July 13, 2008 first off, when they close the browser the session is ended, and the session is automatically ended after 30mins i think, without it being started again , there may be a way to change this in the php ini file. Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588859 Share on other sites More sharing options...
ratcateme Posted July 13, 2008 Share Posted July 13, 2008 when a user exits there browser there php session cookie should automatically be deleted. as for a period of inactivity you could add smoe lines like this to the tops of all your pages <?php $inactivity = 3600; //1 hr = 60 mins = 3600 seconds $time = time(); if(($time-$_SESSION['last_active'])>$inactivity){ //log user out }else{ $_SESSION['last_active'] = $time; } ?> Scott. Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588860 Share on other sites More sharing options...
JasonLewis Posted July 13, 2008 Share Posted July 13, 2008 Number 1 happens automatically. When all the browser windows are closed the sessions are destroyed as well. Number 2... I'll walk you through it, then if you need further help just say so. Firstly you'll need a database, you've probably already got one. Then you'd need a column in the user database called "timeout" or something similar. Then when they login you would set timeout to the current time() + however many minutes you want to sign people out. Then everytime the user reloads the page or goes to a new page you would CHECK to see if the "timeout" field is less than the current time(). If it is, sign them out and destroy sessions. If it's not less than, update the "timeout" field to the new time() + however many minutes. Hope that makes sense. If you wont some example code just say so. But at least try to turn what I've written into something. Good luck. Edit: Or you can use sessions instead of a DB like Scott. Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588862 Share on other sites More sharing options...
budimir Posted July 13, 2008 Author Share Posted July 13, 2008 OK, I see what you're saying. I'm putting in DB the session_id which I'm calling for some things to identify the user and the session. And now I need that is automaticlly set to 0 when loged out (for both cases). That is the problem. I can even restart the computer, and the user will still be logged in. Here is a peace of code for the logout I'm executing: <?php include ("admin/servis/include/session.php"); session_destroy(); $upit = "UPDATE korisnici SET session_id = '0', aktivan = 'OFF' WHERE korisnicko_ime='$korisnicko_ime' and lozinka='$lozinka'"; $rezultat = mysql_query($upit,$veza) or die (mysql_error()); header("Location:index.php"); ?> Any ideas??? Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588864 Share on other sites More sharing options...
ratcateme Posted July 13, 2008 Share Posted July 13, 2008 im not to sure about your code but if you restart your pc the internet browser is closed and the session is destroyed. Scott, Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588868 Share on other sites More sharing options...
DeanWhitehouse Posted July 13, 2008 Share Posted July 13, 2008 try adding session_unset(); aswell Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588870 Share on other sites More sharing options...
JasonLewis Posted July 13, 2008 Share Posted July 13, 2008 The sessions SHOULD be destroyed as all the windows have been closed, that is, the process stopped. Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588871 Share on other sites More sharing options...
PFMaBiSmAd Posted July 13, 2008 Share Posted July 13, 2008 A session is just a "container" that holds data between page visits or refreshes of a single page. Don't rely on any thing external to your code to control if a visitor is logged in or logged out (doing things like a setcookie() to delete the session cookie is a waste of processing time and a waste of bandwidth) and don't rely on how sessions operate (session cookie being dropped by the browser or session garbage collection running) to log someone out. Only rely on a specific piece of data on your server to control and determine if someone is logged in or logged out. This is what budimir is attempting to do with the UPDATE query. As long as the query is being executed and updates the correct row and the rest of the code on the site is checking and making use of that data, this should work. budimir, have you looked in the database to see if the session_id column in the correct row has been set to '0'? If the WHERE clause is not TRUE, the query will execute but won't match any rows and nothing will be updated. Are $korisnicko_ime and $lozinka being set correctly? Have you echoed $upit to make sure it contains what you expect? If the column in the database is being updated, than that would mean that the rest of the code on your site is either re-logging them in, due to a logic error, or it is not properly checking the session_id column in the database. Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588900 Share on other sites More sharing options...
budimir Posted July 13, 2008 Author Share Posted July 13, 2008 Hey PFMaBiSmAd, I have checked the variables $korisnicko_ime and $lozinka and they are being set correctly. Also I have echoed all of the querys to make sure that all the variables have the correct values. In the DB session_id is always stored in the correct field. But still, when I shut down the web explorer or after sometime, the data in DB isn't set to 0. I still can't see what's wrong. When I hit logout.php the session is destroyed and the in DB is set to 0. ???? What could be wrong here. check_login.php <?php session_start(); $start=time(); $_SESSION['time_start'] = $start; include ("admin/servis/include/db.php"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $sql="SELECT * FROM korisnici WHERE korisnicko_ime='$myusername' and lozinka='$mypassword'"; $result=mysql_query($sql) or die (mysql_error()); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $upd = "UPDATE korisnici SET session_id='".session_id()."', aktivan = 'ON' WHERE korisnicko_ime='$myusername' and lozinka='$mypassword'"; mysql_query($upd) or die (mysql_error()); header("location:index_glavni.php"); exit; } else { echo "Upisali ste krivo Korisničko ime ili Lozinku!"; } ?> login_success.php <? session_start(); include ("admin/servis/include/session.php"); $session_id = session_id(); $upit = "UPDATE korisnici SET session_id = '$session_id', aktivan = '0' WHERE korisnicko_ime='$korisnicko_ime' and lozinka='$lozinka'"; $rezultat = mysql_query($upit,$veza) or die (mysql_error()); if(!session_is_registered(myusername)){ header("Location:logout.php"); } else { header("Location:index_glavni.php"); } ?> logoutd.php <?php include ("admin/servis/include/session.php"); session_destroy(); $upit = "UPDATE korisnici SET session_id = '0', aktivan = 'OFF' WHERE korisnicko_ime='$korisnicko_ime' and lozinka='$lozinka'"; $rezultat = mysql_query($upit,$veza) or die (mysql_error()); header("Location:index.php"); ?> session.php <?php session_start(); $session_id = session_id(); include("db.php"); $upit = "SELECT * FROM korisnici WHERE session_id = '$session_id' && aktivan = 'ON'"; $rezultat = mysql_query($upit,$veza) or die (mysql_error()); $row = mysql_fetch_array($rezultat); $user_id = $row["id"]; $ime = $row["ime"]; $korisnicko_ime = $row["korisnicko_ime"]; $prezime = $row["prezime"]; $userData["status"] = $row["status"]; $lozinka = $row["lozinka"]; $status = $row["status"]; $aktivan = $row["aktivan"]; if (!$user_id){ header("Location:../../logout.php"); } $_SESSION['session_time'] = time(); //got the login time for user in second $session_logout = 2000; //it means 15 minutes. //and then cek the time session if($session_logout >= $_SESSION['session_time']){ //user session time is up // update status $upit = "UPDATE korisnici SET session_id = '0', aktivan = 'OFF' WHERE korisnicko_ime='$korisnicko_ime' and lozinka='$lozinka'"; $rezultat = mysql_query($upit,$veza) or die (mysql_error()); //destroy the session session_destroy(); //redirect to login page header("Location:../../../index.php"); } ?> Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588923 Share on other sites More sharing options...
PFMaBiSmAd Posted July 13, 2008 Share Posted July 13, 2008 Start by putting an exit; statement immediately after every header("location: ....) redirect. Your code is continuing to execute after you send the header to the browser and I believe (since we don't have access to your system or your database, nor have you posted all of your code, it would be hard for us to test your code) this could be setting the session_id in the database. Also, don't use session_is_registered() (which I see in your code) or session_register() (which I don't see in your code.) These only work when register_globals are on and they have both been completely removed in php6. You are also not supposed to mix using the $_SESSION array with session_is_registered()/session_register(). Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588951 Share on other sites More sharing options...
budimir Posted July 13, 2008 Author Share Posted July 13, 2008 OK, I have put exit; after every header redirect. Also I have removed session_is_registered() - this is a peace of code I forgot to remove after I did a clean up of session_register(). But still nothing is happening when the browser is shut down or there is a user inactivity. Is there any other way to do this than the way I'm doing it. ?? Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-589070 Share on other sites More sharing options...
budimir Posted July 19, 2008 Author Share Posted July 19, 2008 Hey guys, I still haven't solved this problem, can someone help! Can't see what's wrong! Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594236 Share on other sites More sharing options...
budimir Posted July 19, 2008 Author Share Posted July 19, 2008 Here is my check_login.php <?php session_start(); include ("admin/servis/include/db.php"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $sql="SELECT * FROM korisnici WHERE korisnicko_ime='$myusername' and lozinka='$mypassword'"; $result=mysql_query($sql) or die (mysql_error()); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ $upd = "UPDATE korisnici SET session_id='".session_id()."', aktivan = 'ON' WHERE korisnicko_ime='$myusername' and lozinka='$mypassword'"; mysql_query($upd) or die (mysql_error()); header("location:index_glavni.php"); exit; } else { echo "Upisali ste krivo Korisničko ime ili Lozinku!"; } ?> And here is my session.php <?php session_start(); $session_id = session_id(); include("db.php"); $upit = "SELECT * FROM korisnici WHERE session_id = '$session_id' && aktivan = 'ON'"; $rezultat = mysql_query($upit,$veza) or die (mysql_error()); $row = mysql_fetch_array($rezultat); $user_id = $row["id"]; $ime = $row["ime"]; $korisnicko_ime = $row["korisnicko_ime"]; $prezime = $row["prezime"]; $userData["status"] = $row["status"]; $lozinka = $row["lozinka"]; $status = $row["status"]; $aktivan = $row["aktivan"]; $sesija_id = $row["session_id"]; if (!$user_id){ header("Location:../../logoutd.php"); exit; } $_SESSION['session_time'] = time(); //got the login time for user in second $session_logout = 90; //it means 15 minutes. //and then cek the time session if($session_logout >= $_SESSION['session_time']){ //user session time is up // update status $upit = "UPDATE korisnici SET session_id = '0', aktivan = 'OFF' WHERE korisnicko_ime='$korisnicko_ime' and lozinka='$lozinka'"; $rezultat = mysql_query($upit,$veza) or die (mysql_error()); //destroy the session session_destroy(); //redirect to login page header("Location:../../../index.php"); exit; } ?> Why is not loging out, when I close my browser???? Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594308 Share on other sites More sharing options...
DeanWhitehouse Posted July 19, 2008 Share Posted July 19, 2008 can you please stop bumping the thread. And when you run the browser again, are you restoring the page . e.g. firefox says restore previus session, and this sets all the sessions as they where when it was closed. Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594334 Share on other sites More sharing options...
budimir Posted July 19, 2008 Author Share Posted July 19, 2008 can you please stop bumping the thread. And when you run the browser again, are you restoring the page . e.g. firefox says restore previus session, and this sets all the sessions as they where when it was closed. No, I'm not doing that! I start clean FireFox and session is still in. Same thing happens with the IE7. Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594347 Share on other sites More sharing options...
DeanWhitehouse Posted July 19, 2008 Share Posted July 19, 2008 ok, have you cleared the cache, and all the cookies/sessions saved in it? Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594353 Share on other sites More sharing options...
budimir Posted July 19, 2008 Author Share Posted July 19, 2008 Yes, I have even restarted my computer to be sure! Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594367 Share on other sites More sharing options...
DeanWhitehouse Posted July 19, 2008 Share Posted July 19, 2008 restarting the computer doesnt delete cookies. Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594369 Share on other sites More sharing options...
budimir Posted July 19, 2008 Author Share Posted July 19, 2008 I've done that too. Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594376 Share on other sites More sharing options...
DeanWhitehouse Posted July 19, 2008 Share Posted July 19, 2008 solved ? Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594387 Share on other sites More sharing options...
budimir Posted July 19, 2008 Author Share Posted July 19, 2008 Yes, in a little bit diferent way than I wanted. I'm loging out everyone after 3 hours. Still nothing hapening when I close web browser. Can't figure out why. Quote Link to comment https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594395 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.