Jump to content

Recommended Posts

Hey guys,

 

I need help with ending sessions.

 

1.) I wan't to end session when a user closes his web explorer

2.) I wan't to end sesion after some time of users inactivity

 

Can you help me out with this.

 

I have managed to do a logout.php which is called when users pushes a button. But I need to do it automaticlly when one of this two cases happens.

 

Help!!!!

Link to comment
https://forums.phpfreaks.com/topic/114514-solved-end-session/
Share on other sites

when a user exits there browser there php session cookie should automatically be deleted. as for a period of inactivity you could add smoe lines like this to the tops of all your pages

<?php
$inactivity = 3600; //1 hr = 60 mins = 3600 seconds
$time = time();
if(($time-$_SESSION['last_active'])>$inactivity){
    //log user out
}else{
    $_SESSION['last_active'] = $time;
}
?>

 

Scott.

Link to comment
https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588860
Share on other sites

Number 1 happens automatically. When all the browser windows are closed the sessions are destroyed as well.

 

Number 2...

I'll walk you through it, then if you need further help just say so.

Firstly you'll need a database, you've probably already got one. Then you'd need a column in the user database called "timeout" or something similar.

Then when they login you would set timeout to the current time() + however many minutes you want to sign people out. Then everytime the user reloads the page or goes to a new page you would CHECK to see if the "timeout" field is less than the current time(). If it is, sign them out and destroy sessions. If it's not less than, update the "timeout" field to the new time() + however many minutes.

 

Hope that makes sense. If you wont some example code just say so. But at least try to turn what I've written into something. :)

 

Good luck.

 

Edit: Or you can use sessions instead of a DB like Scott. ;)

Link to comment
https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588862
Share on other sites

OK, I see what you're saying.

 

I'm putting in DB the session_id which I'm calling for some things to identify the user and the session. And now I need that is automaticlly set to 0 when loged out (for both cases). That is the problem.

 

I can even restart the computer, and the user will still be logged in.

 

Here is a peace of code for the logout I'm executing:

 

<?php
include ("admin/servis/include/session.php");
session_destroy();



$upit = "UPDATE korisnici SET session_id = '0', aktivan = 'OFF' WHERE korisnicko_ime='$korisnicko_ime' and lozinka='$lozinka'";
$rezultat = mysql_query($upit,$veza) or die (mysql_error());

header("Location:index.php");

?>

 

Any ideas???

Link to comment
https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588864
Share on other sites

A session is just a "container" that holds data between page visits or refreshes of a single page. Don't rely on any thing external to your code to control if a visitor is logged in or logged out (doing things like a setcookie() to delete the session cookie is a waste of processing time and a waste of bandwidth) and don't rely on how sessions operate (session cookie being dropped by the browser or session garbage collection running) to log someone out. Only rely on a specific piece of data on your server to control and determine if someone is logged in or logged out.

 

This is what budimir is attempting to do with the UPDATE query. As long as the query is being executed and updates the correct row and the rest of the code on the site is checking and making use of that data, this should work.

 

budimir, have you looked in the database to see if the session_id column in the correct row has been set to '0'? If the WHERE clause is not TRUE, the query will execute but won't match any rows and nothing will be updated. Are $korisnicko_ime and $lozinka being set correctly? Have you echoed $upit to make sure it contains what you expect?

 

If the column in the database is being updated, than that would mean that the rest of the code on your site is either re-logging them in, due to a logic error, or it is not properly checking the session_id column in the database.

Link to comment
https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588900
Share on other sites

Hey PFMaBiSmAd,

 

I have checked the variables $korisnicko_ime and $lozinka and they are being set correctly. Also I have echoed all of the querys to make sure that all the variables have the correct values. In the DB session_id is always stored in the correct field.

 

But still, when I shut down the web explorer or after sometime, the data in DB isn't set to 0.

 

I still can't see what's wrong. When I hit logout.php the session is destroyed and the in DB is set to 0.

 

????

 

What could be wrong here.

 

check_login.php

 

<?php
session_start();

$start=time();
$_SESSION['time_start'] = $start;

include ("admin/servis/include/db.php");

// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

$sql="SELECT * FROM korisnici WHERE korisnicko_ime='$myusername' and lozinka='$mypassword'";
$result=mysql_query($sql) or die (mysql_error());

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"

$upd = "UPDATE korisnici SET session_id='".session_id()."', aktivan = 'ON' WHERE korisnicko_ime='$myusername' and lozinka='$mypassword'";
mysql_query($upd) or die (mysql_error());

header("location:index_glavni.php");
exit;
}
else {
echo "Upisali ste krivo Korisničko ime ili Lozinku!";
}

?>

 

login_success.php

 

<? 
session_start();
include ("admin/servis/include/session.php");

$session_id = session_id();

$upit = "UPDATE korisnici SET session_id = '$session_id', aktivan = '0' WHERE korisnicko_ime='$korisnicko_ime' and lozinka='$lozinka'";
$rezultat = mysql_query($upit,$veza) or die (mysql_error());

if(!session_is_registered(myusername)){
header("Location:logout.php");
} else {
header("Location:index_glavni.php");
}
?>

 

logoutd.php

 

<?php
include ("admin/servis/include/session.php");
session_destroy();



$upit = "UPDATE korisnici SET session_id = '0', aktivan = 'OFF' WHERE korisnicko_ime='$korisnicko_ime' and lozinka='$lozinka'";
$rezultat = mysql_query($upit,$veza) or die (mysql_error());

header("Location:index.php");

?>

 

session.php

 

<?php
session_start();
$session_id = session_id();

include("db.php");

$upit = "SELECT * FROM korisnici WHERE session_id = '$session_id' && aktivan = 'ON'";
$rezultat = mysql_query($upit,$veza) or die (mysql_error());
$row = mysql_fetch_array($rezultat);
$user_id = $row["id"];
$ime = $row["ime"];
$korisnicko_ime = $row["korisnicko_ime"];
$prezime = $row["prezime"];
$userData["status"] = $row["status"];
$lozinka = $row["lozinka"];
$status = $row["status"];
$aktivan = $row["aktivan"];

if (!$user_id){
header("Location:../../logout.php");
}

     $_SESSION['session_time'] = time(); //got the login time for user in second
     $session_logout = 2000; //it means 15 minutes.
     //and then cek the time session
     if($session_logout >= $_SESSION['session_time']){
        //user session time is up
       // update status
   $upit = "UPDATE korisnici SET session_id = '0', aktivan = 'OFF' WHERE korisnicko_ime='$korisnicko_ime' and lozinka='$lozinka'";
   $rezultat = mysql_query($upit,$veza) or die (mysql_error());
   //destroy the session
      session_destroy();
     //redirect to login page
     header("Location:../../../index.php");
    }
?>

Link to comment
https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588923
Share on other sites

Start by putting an exit; statement immediately after every header("location: ....) redirect. Your code is continuing to execute after you send the header to the browser and I believe (since we don't have access to your system or your database, nor have you posted all of your code, it would be hard for us to test your code) this could be setting the session_id in the database.

 

Also, don't use session_is_registered() (which I see in your code)  or session_register() (which I don't see in your code.) These only work when register_globals are on and they have both been completely removed in php6. You are also not supposed to mix using the $_SESSION array with session_is_registered()/session_register().

Link to comment
https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-588951
Share on other sites

OK,

 

I have put exit; after every header redirect. Also I have removed session_is_registered() - this is a peace of code I forgot to remove after I did a clean up of session_register().

 

But still nothing is happening when the browser is shut down or there is a user inactivity.

 

Is there any other way to do this than the way I'm doing it.

 

??

Link to comment
https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-589070
Share on other sites

Here is my check_login.php

 

<?php
session_start();

include ("admin/servis/include/db.php");

// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

$sql="SELECT * FROM korisnici WHERE korisnicko_ime='$myusername' and lozinka='$mypassword'";
$result=mysql_query($sql) or die (mysql_error());

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
$upd = "UPDATE korisnici SET session_id='".session_id()."', aktivan = 'ON' WHERE korisnicko_ime='$myusername' and lozinka='$mypassword'";
mysql_query($upd) or die (mysql_error());

header("location:index_glavni.php");
exit;
}
else {
echo "Upisali ste krivo Korisničko ime ili Lozinku!";
}

?>

 

And here is my session.php

 

<?php
session_start();
$session_id = session_id();

include("db.php");

$upit = "SELECT * FROM korisnici WHERE session_id = '$session_id' && aktivan = 'ON'";
$rezultat = mysql_query($upit,$veza) or die (mysql_error());
$row = mysql_fetch_array($rezultat);
$user_id = $row["id"];
$ime = $row["ime"];
$korisnicko_ime = $row["korisnicko_ime"];
$prezime = $row["prezime"];
$userData["status"] = $row["status"];
$lozinka = $row["lozinka"];
$status = $row["status"];
$aktivan = $row["aktivan"];
$sesija_id = $row["session_id"];

if (!$user_id){
header("Location:../../logoutd.php");
exit;
}

$_SESSION['session_time'] = time(); //got the login time for user in second
$session_logout = 90; //it means 15 minutes.
//and then cek the time session
if($session_logout >= $_SESSION['session_time']){
       //user session time is up
       // update status
   $upit = "UPDATE korisnici SET session_id = '0', aktivan = 'OFF' WHERE korisnicko_ime='$korisnicko_ime' and lozinka='$lozinka'";
   $rezultat = mysql_query($upit,$veza) or die (mysql_error());
       //destroy the session
       session_destroy();
//redirect to login page
header("Location:../../../index.php");
exit;
}
?>

 

Why is not loging out, when I close my browser????

Link to comment
https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594308
Share on other sites

can you please stop bumping the thread. And when you run the browser again, are you restoring the page .

e.g. firefox says restore previus session, and this sets all the sessions as they where when it was closed.

 

No, I'm not doing that! I start clean FireFox and session is still in. Same thing happens with the IE7.

Link to comment
https://forums.phpfreaks.com/topic/114514-solved-end-session/#findComment-594347
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.