Jump to content

Making a session expire problem... *SOLVED*

pocobueno1388

By pocobueno1388
in PHP Coding Help

 Share

Recommended Posts

pocobueno1388 Regular Member

pocobueno1388

Posted
Posted
I am trying to make it so that if a user on my site is not active for 30 minutes, it will automatically log them out.
I tried using [tt]session.gc_maxlifetime[/tt]. So either it doesn't work, or I am not using it correcty.

If somone could show me how to use it, or what I could use instead, please let me know. Also, it would be helpful if you could just add it to this code, because I don't know where to put it.

[code]session_start();
$sid=$_SESSION['playerid'];[/code]

Thanks XD
Link to comment
Share on other sites
Woolf Newbie

Woolf

Posted
Posted
Well, there are a couple of ways to do this. I'm going to suggest the easiest way first, however, it is up to you how you use it.

Your idea of using 'session.gc_maxlifetime' is correct, however, how are you setting it? Here's how it should be done. At the top of your script(s) file, enter the following line:
[i]ini_set('session.gc_maxlifetime', '1800');[/i]

ini_set lets the PHP script know that we're setting a variable to override the default variable as set in your hosts' php.ini file. 'session.gc_maxlifetime' is the name of the variable you're overriding, in this case it's the time of which a session should last. The '1800' is the time (in seconds) in which the session should last.


An alternative way, if the first way does not work, is to set a session called 'last_active' on every page. The value should contain the current time. Then, on each page, you can grab the last_active session and compare it with the current time. If the last_active session is more than thirty minutes, you can destroy the session with session_destroy().

If you're going to use the alternative way, let me know... I'll explain it in more detail.
Link to comment
Share on other sites
pocobueno1388 Regular Member

pocobueno1388

Posted
  • Author
Posted
Tell me if there is anything wrong with the code now that I added what you told me too.

[code]
<?php

include "config.php";

ini_set('session.gc_maxlifetime', '5');

session_start(); // Maintainsessionstate


$sid=$_SESSION['playerid'];

if(empty($sid)){

print "You must be logged in to view this page. <a

href='index.php'>Login here.</a>";
exit;
}
$ip = "$HTTP_SERVER_VARS[REMOTE_ADDR]";
mysql_query("update players set ip='$ip', last_login=NOW()

where playerID='$sid'");

?>

[/code]

this is just the top part of my header.php script. It is called on every page with an 'include'.

[code]
ini_set('session.gc_maxlifetime', '5');[/code] Isn't seeming to effect anything. I set it to '5' just to test it...but it's not working. Any suggestions?
Link to comment
Share on other sites
pocobueno1388 Regular Member

pocobueno1388

Posted
  • Author
Posted
You don't think the '5' will make a difference?

It still won't work, here is the code now:
[code]
<?php


ini_set('session.gc_maxlifetime', '5');

include "config.php";

session_start(); // Maintainsessionstate

$sid=$_SESSION['playerid'];

if(empty($sid)){

print "You must be logged in to view this page. <a

href='index.php'>Login here.</a>";
exit;
}
$ip = "$HTTP_SERVER_VARS[REMOTE_ADDR]";
mysql_query("update players set ip='$ip', last_login=NOW()

where playerID='$sid'");

?>
[/code]

If the '5' doesn't make a difference, am I just going to have to wait the 1800 seconds to find out if it works?
Link to comment
Share on other sites
Woolf Newbie

Woolf

Posted
Posted
Sorry, I meant that I didn't think it would make a difference where the ini_set was, not the five.

Anyway, I looked it up and gc_maxlifetime is not what you're looking for. And after thinking it through, it probably wouldn't work the way you would expect anyway.


Anyway, let's try this.

[code]<?php


include "config.php";

session_start(); // Maintainsessionstate

//No session set (first time user visited)
if(!isset($_SESSION['last_active'])){
//Set the Session
$_SESSION['last_active'] = time();
}

//Session set, but user not active for more than thirty minutes
elseif($_SESSION['last_active'] < time()-1800){
print "Your session timed out.";
exit;
}

//Session set, and the user has been active for under thirty minutes
elseif($_SESSION['last_active'] >= time()-1800){
//Update session with current time
$_SESSION['last_active'] = time();
}


$sid=$_SESSION['playerid'];

if(empty($sid)){

print "You must be logged in to view this page. <a

href='index.php'>Login here.</a>";
exit;
}
$ip = "$HTTP_SERVER_VARS[REMOTE_ADDR]";
mysql_query("update players set ip='$ip', last_login=NOW()

where playerID='$sid'");

?>[/code]

That should, in theory, work. Let me know how it goes.
Link to comment
Share on other sites
pocobueno1388 Regular Member

pocobueno1388

Posted
  • Author
Posted
That would work great, but there is one problem. I set it to expire in 10 seconds, and it worked. But then I tried to log in again, and it said that my session was expired. So it isn't reseting or something...how do I fix this?

By the way, thank you sooo much for your help XD
Link to comment
Share on other sites
Woolf Newbie

Woolf

Posted
Posted
Silly me! I forgot to destroy the session. Here,

[code]<?php


include "config.php";

session_start(); // Maintainsessionstate

//No session set (first time user visited)
if(!isset($_SESSION['last_active'])){
//Set the Session
$_SESSION['last_active'] = time();
}

//Session set, but user not active for more than thirty minutes
elseif($_SESSION['last_active'] < time()-1800){
print "Your session timed out.";

//Destroy the session
$_SESSION['last_active'] = '';
exit;
}

//Session set, and the user has been active for under thirty minutes
elseif($_SESSION['last_active'] >= time()-1800){
//Update session with current time
$_SESSION['last_active'] = time();
}


$sid=$_SESSION['playerid'];

if(empty($sid)){

print "You must be logged in to view this page. <a

href='index.php'>Login here.</a>";
exit;
}
$ip = "$HTTP_SERVER_VARS[REMOTE_ADDR]";
mysql_query("update players set ip='$ip', last_login=NOW()

where playerID='$sid'");

?>[/code]
Link to comment
Share on other sites
Woolf Newbie

Woolf

Posted
Posted
Hmm, it's probably because I essentially did not 'destroy' the session (because I do not know if you have any other session variables), instead, I just made it 'blank'. And in the first if variable where it sets the last visit, I told it to check if it was set, well.. it was, it was just empty.

Anyway, I've changed it so that it will create a new last_visit session if the session is empty, and it will not give you any time out errors or anything unless the session is not empty.

[code]//No session set (first time user visited)
if(empty($_SESSION['last_active'])){
//Set the Session
$_SESSION['last_active'] = time();
}

//Session set, but user not active for more than thirty minutes
elseif(!empty($_SESSION['last_active']) && $_SESSION['last_active'] < time()-1800){
print "Your session timed out.";

//Destroy the session
$_SESSION['last_active'] = '';
exit;
}

//Session set, and the user has been active for under thirty minutes
elseif(!empty($_SESSION['last_active']) && $_SESSION['last_active'] >= time()-1800){
//Update session with current time
$_SESSION['last_active'] = time();
}[/code]

Replace the old section with the code above.

Let me know if that works.
Link to comment
Share on other sites
pocobueno1388 Regular Member

pocobueno1388

Posted
  • Author
Posted
The session won't time out now =( Here is the code I have in:

[code]
<?php


include "config.php";

session_start(); // Maintainsessionstate

//No session set (first time user visited)
if(!empty($_SESSION['last_active'])){
//Set the Session
$_SESSION['last_active'] = time();
}

//Session set, but user not active for more than thirty minutes
elseif(!empty($_SESSION['last_active']) && $_SESSION['last_active'] < time()-10){
print "Your session timed out.";

//Destroy the session
$_SESSION['last_active'] = '';
exit;
}

//Session set, and the user has been active for under thirty minutes
elseif(!empty($_SESSION['last_active']) && $_SESSION['last_active'] >= time()-10){
//Update session with current time
$_SESSION['last_active'] = time();
}


$sid=$_SESSION['playerid'];

if(empty($sid)){

print "You must be logged in to view this page. <a

href='index.php'>Login here.</a>";
exit;
}
$ip = "$HTTP_SERVER_VARS[REMOTE_ADDR]";
mysql_query("update players set ip='$ip', last_login=NOW()

where playerID='$sid'");

?>
[/code]
Link to comment
Share on other sites
Woolf Newbie

Woolf

Posted
Posted
You are most certainly welcome. Please let me know if you need any more help with anything.

P.S. If you wish, you may edit the original post title and place a [solved] (or [resolved].. whatever works for you) in front of it, to signify that your issue has been resolved. Just helps us out a little. :)
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.