Jump to content

is this true about sessions?

newb

By newb
in PHP Coding Help

Recommended Posts

redarrow Advanced Member

redarrow

Posted
Posted
Also you need to use unset() and session_destroy();

not like advised just session_destroy as above last two posts said.

a session and cookie work together so when the user has cookies off the session it self takes over,

when a user leves the website the session will destroy and afther a while unset() it self in millisecons.

what are you trying to do please.

are users logedin?

[b]EDITED BY WILDTEEN88: DO NOT DOUBLE POST USE THE MODIFY BUTTON ([IMG]http://www.phpfreaks.com/forums/Themes/default/images/icons/modify_inline.gif[/img])[/B]
Orio Member

Orio

Posted
Posted
If you want to make the session expire, let's say, if someone is idling for a hour do this-
On every page add:
[code]<?php
session_start();
if($_SESSION['birth']+(60*60)<time()){
session_destroy();
die("Please log in again");
}else{
$_SESSION['birth']=time();
}
?>[/code]

If someone refreshes the window after more than one hour of idling he's out.

Orio.
newb Advanced Member

newb

Posted
  • Author
Posted
[quote author=Orio link=topic=105855.msg422975#msg422975 date=1156714749]
If you want to make the session expire, let's say, if someone is idling for a hour do this-
On every page add:
[code]<?php
session_start();
if($_SESSION['birth']+(60*60)<time()){
session_destroy();
die("Please log in again");
}else{
$_SESSION['birth']=time();
}
?>[/code]

If someone refreshes the window after more than one hour of idling he's out.

Orio.
[/quote]

thanks will try that :D
newb Advanced Member

newb

Posted
  • Author
Posted
[code=php:0]
<?php
session_start();
if ( $_SESSION['birth']+(60*60)<time() ) {
$query = mysql_query("UPDATE `$table_users` SET last_action = $now AND logged_in = 0 WHERE alias='$ses_user'");
session_destroy();
die("Please log in again");
} else {
$_SESSION['birth']=time();
}
?>
[/code]

can that work?
redarrow Advanced Member

redarrow

Posted
Posted
[code]
<?php
session_start();
if ( $_SESSION['ses_user']+(60*60)<time() ) {
$query = mysql_query("UPDATE `$table_users` SET last_action = $now AND logged_in = 0 WHERE alias='$ses_user'");
session_destroy();
die("Please log in again");
} else {
$_SESSION['ses_user']=time();
}
?>
[/code]
newb Advanced Member

newb

Posted
  • Author
Posted
i dont think it works. here's my code:
[code]
<?php
session_start();
// Session Definitions
$ses_user = $_SESSION['username'];
$session_id = session_id(); 
$now = time();

if ( $_SESSION['username']+(60*60)<time() ) {
$query = mysql_query("UPDATE `$table_users` SET last_action = $now, logged_in = '0' WHERE alias='$ses_user'");
session_unset();
session_destroy();
$_SESSION = array();
echo "You have been logged out due to inactivity. <br /><a href='modules.php?name=cpanel'>Log back in</a> - <a href='index.php'>Go to index</a>";
} else {
$_SESSION['username']=time();
}
?>
[/code]

it just echo's this at the very top left of the page:
[quote]You have been logged out due to inactivity.
Log back in - Go to index[/quote]

any idea why?

[b]edit[/b] oh and even with the right username and password information, i cant login.
redarrow Advanced Member

redarrow

Posted
Posted

try this ok.
[code]
<?php
session_start();
// Session Definitions
$ses_user = $_SESSION['username'];
$session_id = session_id(); 
$now = time();

if ( $ses_user +(60*60)<time() ) {
$query = mysql_query("UPDATE `$table_users` SET last_action = $now, logged_in = '0' WHERE alias='$ses_user'");
session_unset();
session_destroy();
echo "You have been logged out due to inactivity. <br /><a href='modules.php?name=cpanel'>Log back in</a> - <a href='index.php'>Go to index</a>";
} else {
$ses_user=time();
}
?>
[/code]
newb Advanced Member

newb

Posted
  • Author
Posted
ok,
[code]<?php
    if($error == '')
    {
        $data = mysql_fetch_array($result);
  $_SESSION['username'] = $data['username'];
        $libmysql->query("UPDATE `$table_users` SET last_seen='$date', logged_in = '1' WHERE alias='$ses_user'");
          echo '<meta http-equiv="Refresh" Content="0; URL=modules.php?name=cpanel&action=profile">';
          die();
      }
      else
  {
      echo 'The following errors were returned:<br />'.$error.'<br />';
    }
}
?>
[/code]
radar Regular Member

radar

Posted
Posted
[code][code][code][/code]See thats where he's having the problem his $_SESSION['username'] is obviously the username and not a timestamp created from time()....

so if you switch it back to the $_SESSION['birth'] and declare it by doing
session_register('birth');
$_SESSION['birth'] = time();
you would then be able to use the original code of:
[/CODE]
<?php
session_start();
if($_SESSION['birth']+(60*60)<time()){
session_destroy();
die("Please log in again");
}else{
$_SESSION['birth']=time();
}
?>
[/CODE]

I do it like this..

[CODE]
<?php
// all of this at the beginning of code after a database connection has been made.
$sql = "SELECT * FROM users WHERE alias = '$username'";
$sql = mysql_query($sql);
$row = mysql_fetch_assoc($sql);

if ($row['last_activity'] <= time()-3600) {
$query = mysql_query("UPDATE users SET logged_in = '0' WHERE alias='$ses_user'");
session_unset();
session_destroy();
echo "You have been logged out due to inactivity. <br /><a href='modules.php?name=cpanel'>Log back in</a> - <a href='index.php'>Go to index</a>";
} else {
$query = mysql_query("UPDATE users SET last_activity = time() WHERE alias='$ses_user'");
}
?>
[/CODE]

what that code should do is first set up an array of everything in the users table for the user -- that way you can use it anywhere throughout the page.. or if your using a templating engine anywhere throughout the site...

Then it will check to see if the last_activity is equal to or less than current time minus 3600 seconds (1 hour)  If it is -- then delete the session -- if it isnt -- update the last_activity to the current time to refresh the limit..

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.