Jump to content

Set Expire Time on session

Dillon

By Dillon
in PHP Coding Help

 Share

Recommended Posts

Dillon Newbie

Dillon

Posted
Posted

Hello, I have a website which contains a login section. When the user logs into the website, it creates a session, and inserts into the database "true" at their name to show that they are logged in. Is there a way to make the session expire after 2 hours after the user logs in? And also make the database field "False", so they are not logged in anymore? I am having an issue when the users dont click the "logout button" and just close their web browser... They stay logged in by the database record, and the session dosent expire... Does anyone have suggestions how to fix this? Thanks!

 

-Flightfanatic

Link to comment
https://forums.phpfreaks.com/topic/187147-set-expire-time-on-session/
Share on other sites
premiso Regular Member

premiso

Posted
Posted

Using session_set_cookie_params should allow you to make the session last longer.

 

You should also be able to change this in the php.ini if you are able to so you do not have to have that code in there before the session_start each time.

 

 

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

To update the value in your database to automatically log someone out, you need to execute a query that tests the 'last active time' each logged in member and changes the 'logged in' status to FALSE in the table for any rows that have a 'last active time' farther in the past then a limit you pick.

 

You can either execute this query using a cron job/scheduled task or if neither of those methods are available and you already have 'who's online' code that gets executed on each page visit, you can modify that code to update the 'logged in' status as one of the things it does.

 

It should not matter if the session exists or not because you should be checking the 'logged in' status in the database table (assuming you have or want the ability for an administrator to have overriding control in case a member is spamming your web site...) A session, if it exists, should just identify the visitor, not determine if he is logged in or not.

Dillon Newbie

Dillon

Posted
  • Author
Posted

Oh ok, I have it update the database when the user clicks the logout button, but if they just close their browser window, they stay logged in. I tried updating the php.ini file where

"session.gc_maxlifetime = 1440", I tried changing that to 60 but it didnt do anything... I might just leave my login part the way it is. I am getting way over my head with this stuff.

 

-Flightfanatic

ignace Advanced Member

ignace

Posted
Posted

Alternatively you can store your session's in the database along with the username. If a record exists the user is indicated to be online. Store his last_click_at and last_click_url and you can even indicate at what he is currently looking if a user is idle for to long (last_click_at + max_idle_time < now()) remove his record.

 

Alternate options by using a database:

- remote logoff

- check double logon

 

You can store session's in your database by using session_set_save_handler

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.