Jump to content


Photo

is this true about sessions?


  • Please log in to reply
26 replies to this topic

#1 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 09:13 PM

is it true that sessions only last and dont expire until the user closes their browser or logs out?

#2 Jeremysr

Jeremysr
  • Members
  • PipPipPip
  • Advanced Member
  • 199 posts
  • LocationSaskatchewan, Canada

Posted 27 August 2006 - 09:18 PM

Yes, they expire after either closing the browser or if you use session_destroy().

#3 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 09:19 PM

what about $_SESSION = array(); ? doesnt that create the same effect?

#4 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 27 August 2006 - 09:24 PM

$_SESSION is already an array! So theres no point in redeclaring it as an array. What ever you do with sessions they will always expire when the user closes their browser, or if the user logs out.

#5 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 09:27 PM

ok and how do you make sessions logout automatically after a certain period of time.

#6 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 27 August 2006 - 09:28 PM

Also you need to use unset() and session_destroy();

not like advised just session_destroy as above last two posts said.

a session and cookie work together so when the user has cookies off the session it self takes over,

when a user leves the website the session will destroy and afther a while unset() it self in millisecons.

what are you trying to do please.

are users logedin?

EDITED BY WILDTEEN88: DO NOT DOUBLE POST USE THE MODIFY BUTTON (Posted Image)
Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#7 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 09:36 PM

is it ok to use session_regenerate_id(); when logging out?

#8 Orio

Orio
  • Staff Alumni
  • Advanced Member
  • 2,491 posts

Posted 27 August 2006 - 09:39 PM

If you want to make the session expire, let's say, if someone is idling for a hour do this-
On every page add:
<?php
session_start();
if($_SESSION['birth']+(60*60)<time()){
session_destroy();
die("Please log in again");
}else{
$_SESSION['birth']=time();
}
?>

If someone refreshes the window after more than one hour of idling he's out.

Orio.
Think you're smarty?

(Gone until 20 to November)

#9 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 09:42 PM

If you want to make the session expire, let's say, if someone is idling for a hour do this-
On every page add:

<?php
session_start();
if($_SESSION['birth']+(60*60)<time()){
session_destroy();
die("Please log in again");
}else{
$_SESSION['birth']=time();
}
?>

If someone refreshes the window after more than one hour of idling he's out.

Orio.


thanks will try that :D

#10 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 27 August 2006 - 09:48 PM

But what about if a user is using the website for 2 hours they can not as there out.
Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#11 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 09:48 PM

<?php
session_start();
if ( $_SESSION['birth']+(60*60)<time() ) {
$query = mysql_query("UPDATE `$table_users` SET last_action = $now AND logged_in = 0 WHERE alias='$ses_user'");
session_destroy();
die("Please log in again");
} else {
$_SESSION['birth']=time();
}
?>

can that work?

#12 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 27 August 2006 - 09:55 PM

<?php
session_start();
if ( $_SESSION['ses_user']+(60*60)<time() ) {
$query = mysql_query("UPDATE `$table_users` SET last_action = $now AND logged_in = 0 WHERE alias='$ses_user'");
session_destroy();
die("Please log in again");
} else {
$_SESSION['ses_user']=time();
}
?>

Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#13 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 09:59 PM

ah ok

#14 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 10:03 PM

i dont think it works. here's my code:
<?php
session_start();
// Session Definitions
$ses_user = $_SESSION['username'];
$session_id = session_id();  
$now = time();

if ( $_SESSION['username']+(60*60)<time() ) {
$query = mysql_query("UPDATE `$table_users` SET last_action = $now, logged_in = '0' WHERE alias='$ses_user'");
session_unset();
session_destroy();
$_SESSION = array();
echo "You have been logged out due to inactivity. <br /><a href='modules.php?name=cpanel'>Log back in</a> - <a href='index.php'>Go to index</a>";
} else {
$_SESSION['username']=time();
}
?>

it just echo's this at the very top left of the page:

You have been logged out due to inactivity.
Log back in - Go to index


any idea why?

edit oh and even with the right username and password information, i cant login.

#15 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 27 August 2006 - 10:13 PM


try this ok.
<?php
session_start();
// Session Definitions
$ses_user = $_SESSION['username'];
$session_id = session_id();  
$now = time();

if ( $ses_user +(60*60)<time() ) {
$query = mysql_query("UPDATE `$table_users` SET last_action = $now, logged_in = '0' WHERE alias='$ses_user'");
session_unset();
session_destroy();
echo "You have been logged out due to inactivity. <br /><a href='modules.php?name=cpanel'>Log back in</a> - <a href='index.php'>Go to index</a>";
} else {
$ses_user=time();
}
?>

Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#16 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 11:17 PM

no didnt help. produces the same thing.

#17 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 11:23 PM

cant i just set the phpsessid session cookie to expire somehow?

#18 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 11:26 PM

is this valid?:
setcookie("PHPSESSID",$PHPSESSID,time()+3600);

#19 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 27 August 2006 - 11:26 PM

show me the way you set the session when a user logs in ok.
Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#20 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 11:29 PM

ok,
<?php
   		   if($error == '') 
   		   {
      	   $data = mysql_fetch_array($result);
		   $_SESSION['username'] = $data['username'];
      	   $libmysql->query("UPDATE `$table_users` SET last_seen='$date', logged_in = '1' WHERE alias='$ses_user'");
           echo '<meta http-equiv="Refresh" Content="0; URL=modules.php?name=cpanel&action=profile">';
           die();
   	  	   } 
	       else 
		   {
	       echo 'The following errors were returned:<br />'.$error.'<br />';
   		   }
		}
?>





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users