Jump to content


Photo

is this true about sessions?


  • Please log in to reply
26 replies to this topic

#21 radar

radar
  • Members
  • PipPipPip
  • Advanced Member
  • 645 posts
  • LocationSLC

Posted 27 August 2006 - 11:36 PM

[code][code][/code]See thats where he's having the problem his $_SESSION['username'] is obviously the username and not a timestamp created from time()....

so if you switch it back to the $_SESSION['birth'] and declare it by doing 
session_register('birth');
$_SESSION['birth'] = time();
 you would then be able to use the original code of:
[/CODE]
<?php
session_start();
if($_SESSION['birth']+(60*60)<time()){
session_destroy();
die("Please log in again");
}else{
$_SESSION['birth']=time();
}
?>

I do it like this..

<?php
// all of this at the beginning of code after a database connection has been made.
$sql = "SELECT * FROM users WHERE alias = '$username'";
$sql = mysql_query($sql);
$row = mysql_fetch_assoc($sql);

if ($row['last_activity'] <= time()-3600) {
$query = mysql_query("UPDATE users SET logged_in = '0' WHERE alias='$ses_user'");
session_unset();
session_destroy();
echo "You have been logged out due to inactivity. <br /><a href='modules.php?name=cpanel'>Log back in</a> - <a href='index.php'>Go to index</a>";
} else {
$query = mysql_query("UPDATE users SET last_activity = time() WHERE alias='$ses_user'");
}
?>

what that code should do is first set up an array of everything in the users table for the user -- that way you can use it anywhere throughout the page.. or if your using a templating engine anywhere throughout the site...

Then it will check to see if the last_activity is equal to or less than current time minus 3600 seconds (1 hour)  If it is -- then delete the session -- if it isnt -- update the last_activity to the current time to refresh the limit..

#22 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 27 August 2006 - 11:43 PM

ok cool, how do i make the time minus 5 minutes so if their idle for 5 mins their ses gets deleted

#23 radar

radar
  • Members
  • PipPipPip
  • Advanced Member
  • 645 posts
  • LocationSLC

Posted 27 August 2006 - 11:46 PM

time() - 60 * 5

also you might have to put exit(); after the end of the echo when the session is destroyed to make it so it stops right there....

#24 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 28 August 2006 - 12:58 AM

wouldnt die(); be more effective?

#25 radar

radar
  • Members
  • PipPipPip
  • Advanced Member
  • 645 posts
  • LocationSLC

Posted 28 August 2006 - 01:08 AM

I suppose you could use that too..  but exit(); does the same thing...

#26 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 28 August 2006 - 01:31 AM

die is more powefull then exit i was told.
Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#27 radar

radar
  • Members
  • PipPipPip
  • Advanced Member
  • 645 posts
  • LocationSLC

Posted 28 August 2006 - 02:20 AM

It probably is -- though I rarely use die -- except for when I am doing a necessary exit such as if i cant connect to the database then die("output an error"); in which case this could work in this statement -- just take out the echo and replace the string you are echoing in the die clause...

so like

die ("a lot of html goes here");

but exit would produce the same outcome either way..  I myself have never had a problem with my exit clause working or something slipping past it...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users