master82 Posted June 13, 2006 Share Posted June 13, 2006 In my database I have a table called active - [userid, sessionid, ip, started, expire].When a user logs in a session is created, its id recorded with user id, ip, the time it was created and an expiry time (I dont place any values into the session itself).I have a script that deletes expired sessions from the table but need to make another script that I can use as an include on all my web page to do the following:[list][*]check the session id[*]see if it exists in the active table[*]- - - if so, update/replace started (to time()) and update expire (time()+900)[*]- - - If not, redirect to login page (login.php)[/list]Its basically a script to see if the user has already logged on in the last 15 mins.Heres my really bad attempt...[code]<?phpinclude("connect.php");session_start();$sessionid = session_id();$sql = "SELECT userid FROM active WHERE sessionid = '$sessionid'";$result = mysql_query($sql,$conn) or die("No session matched");if (mysql_num_rows($result) == 1) {$userid = mysql_result($result, 0, 'userid');$log = time();$expire = $log + 900;$ip = $_SERVER['REMOTE_ADDR'];$Sql = "REPLACE INTO active (userid, sessionid, ip, logged, expire) VALUES ('$userid', '$sessionid', '$ip', '$log','$expire') WHERE sessionid = '$sessionid'";$results = mysql_query($sql,$conn) or die("Unable to replace");}else{header("Location: login.php");}?>[/code]Anyone able to create this script or point me in the right direction? Link to comment https://forums.phpfreaks.com/topic/11860-check-session-id-to-log-in/ Share on other sites More sharing options...
joquius Posted June 13, 2006 Share Posted June 13, 2006 sure this is what i use:[code]<?clean_sessions (); // your function for cleaning expired sessionsif (mysql_result (mysql_query ("SELECT `ip` FROM `active` WHERE `sessionid` = '$session_id'"), 0) == $_SERVER['REMOTE_ADDR']){ mysql_query ("UPDATE `active` SET `expire` = '".time()."' + 900 WHERE `sessionid` = '$session_id'"); echo "yay";}else{ header ("location: /login.php");}?>[/code]remember the deletion function already removed the expired functions so you don't need to check if it is expired again. Link to comment https://forums.phpfreaks.com/topic/11860-check-session-id-to-log-in/#findComment-44977 Share on other sites More sharing options...
master82 Posted June 13, 2006 Author Share Posted June 13, 2006 I've done that, but now I get this at the top of each page:Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 7 in Drive:\something\something\something\something\something\session.php on line 6Warning: Cannot modify header information - headers already sent by (output started at Drive:\something\something\something\something\something\session.php:6) in Drive:\something\something\something\something\something\session.php on line 12Any idea what the problem is? Link to comment https://forums.phpfreaks.com/topic/11860-check-session-id-to-log-in/#findComment-44983 Share on other sites More sharing options...
joquius Posted June 13, 2006 Share Posted June 13, 2006 these are guidelines, you want to make sure the $ are correct as well as matching db fields. you can also do thismore valid[code]$sql = "SELECT `ip` FROM `active` WHERE `sessionid` = '$session_id'";if (mysql_query ($sql) && mysql_result (mysql_query ($sql), 0) == $_SERVER['REMOTE_ADDR']){ mysql_query ("UPDATE `active` SET `expire` = '".time()."' + 900 WHERE `sessionid` = '$session_id'"); echo "yay";}else{ header ("location: /login.php");}[/code] Link to comment https://forums.phpfreaks.com/topic/11860-check-session-id-to-log-in/#findComment-44997 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.