master82 Posted June 13, 2006 Share Posted June 13, 2006 In my database I have a table called active - [userid, sessionid, ip, started, expire].When a user logs in a session is created, its id recorded with user id, ip, the time it was created and an expiry time (I dont place any values into the session itself).I have a script that deletes expired sessions from the table but need to make another script that I can use as an include on all my web page to do the following:[list][*]check the session id[*]see if it exists in the active table[*]- - - if so, update/replace started (to time()) and update expire (time()+900)[*]- - - If not, redirect to login page (login.php)[/list]Its basically a script to see if the user has already logged on in the last 15 mins.Heres my really bad attempt...[code]<?phpinclude("connect.php");session_start();$sessionid = session_id();$sql = "SELECT userid FROM active WHERE sessionid = '$sessionid'";$result = mysql_query($sql,$conn) or die("No session matched");if (mysql_num_rows($result) == 1) {$userid = mysql_result($result, 0, 'userid');$log = time();$expire = $log + 900;$ip = $_SERVER['REMOTE_ADDR'];$Sql = "REPLACE INTO active (userid, sessionid, ip, logged, expire) VALUES ('$userid', '$sessionid', '$ip', '$log','$expire') WHERE sessionid = '$sessionid'";$results = mysql_query($sql,$conn) or die("Unable to replace");}else{header("Location: login.php");}?>[/code]Anyone able to create this script or point me in the right direction? Quote Link to comment https://forums.phpfreaks.com/topic/11860-check-session-id-to-log-in/ Share on other sites More sharing options...
joquius Posted June 13, 2006 Share Posted June 13, 2006 sure this is what i use:[code]<?clean_sessions (); // your function for cleaning expired sessionsif (mysql_result (mysql_query ("SELECT `ip` FROM `active` WHERE `sessionid` = '$session_id'"), 0) == $_SERVER['REMOTE_ADDR']){ mysql_query ("UPDATE `active` SET `expire` = '".time()."' + 900 WHERE `sessionid` = '$session_id'"); echo "yay";}else{ header ("location: /login.php");}?>[/code]remember the deletion function already removed the expired functions so you don't need to check if it is expired again. Quote Link to comment https://forums.phpfreaks.com/topic/11860-check-session-id-to-log-in/#findComment-44977 Share on other sites More sharing options...
master82 Posted June 13, 2006 Author Share Posted June 13, 2006 I've done that, but now I get this at the top of each page:Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 7 in Drive:\something\something\something\something\something\session.php on line 6Warning: Cannot modify header information - headers already sent by (output started at Drive:\something\something\something\something\something\session.php:6) in Drive:\something\something\something\something\something\session.php on line 12Any idea what the problem is? Quote Link to comment https://forums.phpfreaks.com/topic/11860-check-session-id-to-log-in/#findComment-44983 Share on other sites More sharing options...
joquius Posted June 13, 2006 Share Posted June 13, 2006 these are guidelines, you want to make sure the $ are correct as well as matching db fields. you can also do thismore valid[code]$sql = "SELECT `ip` FROM `active` WHERE `sessionid` = '$session_id'";if (mysql_query ($sql) && mysql_result (mysql_query ($sql), 0) == $_SERVER['REMOTE_ADDR']){ mysql_query ("UPDATE `active` SET `expire` = '".time()."' + 900 WHERE `sessionid` = '$session_id'"); echo "yay";}else{ header ("location: /login.php");}[/code] Quote Link to comment https://forums.phpfreaks.com/topic/11860-check-session-id-to-log-in/#findComment-44997 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.