Jump to content

Session Time Out code behaving Badly?

drayarms

By drayarms
in PHP Coding Help

 Share

Recommended Posts

drayarms Regular Member

drayarms

Posted
Posted

I have the following session timeout code which should redirect users of a website to a page (session_expired.php) which prints out a message telling the user that his session has expired.  I include this code at the top of every page in the website, that requires user authentication.


<?php


//address error handling

ini_set ('display_errors', 1);
error_reporting (E_ALL & ~E_NOTICE);


if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 1800)) {
    // last request was more than 30 minates ago
    session_destroy();   // destroy session data in storage
    session_unset();     // unset $_SESSION variable for the runtime
    header("location: session_expired.php");
}
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp


?>

 

The session_expired.php page which I will include below, has a login link, which takes the user to a login page (access_denied.php)



<?php

//address error handling

ini_set ('display_errors', 1);
error_reporting (E_ALL & ~E_NOTICE);




//Set the page title before the header file
$title = 'Session Expired';

require ('header.php'); //need the header

?>









	      <div id="content" class="">



			<div id="left_content" class="">





			</div> <!--closes left content-->





			<div id="right_content" class="">

				<div id= "right_content_inner_border">


					<h5 style ="position:relative;left:660px;top:1px;"> <a style="text-decoration:none" href="access_denied.php">[Login]</a> </h5>


					<h3 style ="position:relative;left:110px;top:100px; font-color:blue;"> You Session Expired Due to Inactivity! </h3>


				</div> <!--closes right content inner border-->

			</div> <!--closes right content-->




		</div> <!--closes content-->
















<?php

require ('footer.php'); //need the footer




?>

 

 

 

Now here lies the problem.  When i set the session timeout to say 60 seconds to test the code, everything seems to work perfectly.  The authenticated page gets redirected to session_expired.php after 1 minute and when the user clicks on the login link, he is taken back to the login page(access_denied.php).    However, when I replace the time with 1800 seconds, the page notice that when I leave the page idle for JUST about 5 minutes, it gets redirected NOT even to the expected session_expired.php page but strangely, directly to the login page(access_denied.php).  What could be going wrong here?  Any hint is appreciated. 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.