flipper828 Posted April 28, 2014 Share Posted April 28, 2014 Hello Pros! I have set up a secure login page. Here's what I need: When a user times out and then refreshes the page, I want the system to take them back to a login page within the formatting and styling I have set for the rest of the website. My problem: One page works exactly as I want it to work. However, every other page displays the page with just my header and footer and the message I have set up in the session check. I hope I am describing this correctly. Here is the time out script on the top of my index.php. I have the time set to 5 minutes for testing purposes. I will lengthen this after I get it to work properly. <?php session_start(); ?> <?php if (isset($_SESSION['time'])) { $current = strtotime(date("Y-m-d H:i:s")); $login = $_SESSION['time']; $active = $current - $login; if ($active > 300) { unset($_SESSION['time']); unset($_SESSION['flusers']); } } else { $_SESSION['time'] = strtotime(date("Y-m-d H:i:s")); } ?> Here is the page that works properly. In other words, after the time out, the user is directed back to the login page. <?php if (!isset($_SESSION['lnusers'])) { echo "<h2>Sorry, you have not logged into the system</h2>\n"; echo "<a href=\"index.php\">Please login</a>\n"; } else { echo "<div id=\"wrapper\"> <div id=\"ccontent\"> <div id=\"cleftcolumn\"> <p>RESOURCE<br />CENTER</p> <br /> <br /><br /> <table width=\"100%\" cellpadding=\"3\"> <tr> <td> <h3 style=\"color:#042252;\">Welcome! </h3> <br /> <br /> </td> </tr> <tr><td><strong><a href=\"index.php?content=main\">Resource Center Home</a></strong></td></tr> <tr><td><a href=\"index.php?content=contactus\"><strong>Contact Us</strong></font></a></td></tr> <tr><td><a href=\"index.php?content=holidayschedule\"><strong>Holiday Schedule</strong></font></a></td></tr> <tr><td><a href=\"index.php?content=verdochome\"><strong>Lincoln Documents</strong></font></a></td></tr> <tr><td><a href=\"index.php?content=ugitems\"><strong>Lincoln Group Items Board</strong></font></a></td></tr> <tr><td><a href=\"index.php?content=lnnews\"><strong>Lincoln Group News Listing<strong></a></td></tr> </table> </div> <div id=\"crscrollArea\">\n"; $loginid = $_SESSION['flusers']; $query = "SELECT name FROM lnusers WHERE loginid = '$loginid'"; $result=mysql_query($query); $row=mysql_fetch_array($result, MYSQL_ASSOC); $name = $row['name']; echo "<h2>Welcome, $name</h2><br />\n"; $date = date("l, F j, Y"); echo "<h2>Today's date: $date</h2><br />\n"; echo "<table width=\"100%\" border=\"0\"> <tr> <td><hr size=\"1\" noshade=\"noshade\"></td> </tr> <tr> <td><h4>Breaking News!</h4><br /></td> </tr> <tr> <td> <a style=\"font-size:10pt; color:#042252;\" href=\"index.php?content=newsItems/Lincoln\">Licoln</a></p><br /> </td> </tr> <tr> <td> <a style=\"font-size:10pt; color:#042252;\" href=\"index.php?content=newsItems/socialupdate\">Social Update</a></p><br /> </td> </tr> </table> </div> </div> </div>\n"; } ?> And here is the page that will not behave. For some reason, after this page times out and the page is refreshed, it throws out all the formatting and styles and displays "Sorry, you have not logged into the system". "Please login" is a link that leads back to the login page. <?php if (!isset($_SESSION['lnusers'])) { echo "<h2>Sorry, you have not logged into the system</h2>\n"; echo "<a href=\"index.php\">Please login</a>\n"; } else { echo "<div id=\"wrapper\"> <div id=\"ccontent\"> <div id=\"cleftcolumn\"> <p>RESOURCE<br />CENTER</p> <br /> <br /><br /> <table width=\"100%\" cellpadding=\"3\"> <tr> <td> <h3 style=\"color:#042252;\">Welcome! </h3> <br /> <br /> </td> </tr> <tr><td><strong><a href=\"index.php?content=main\">Resource Center Home</a></strong></td></tr> <tr><td><a href=\"index.php?content=contactus\"><strong>Contact Us</strong></font></a></td></tr> <tr><td><a href=\"index.php?content=holidayschedule\"><strong>Holiday Schedule</strong></font></a></td></tr> <tr><td><a href=\"index.php?content=verdochome\"><strong>Lincoln Documents</strong></font></a></td></tr> <tr><td><a href=\"index.php?content=ugitems\"><strong>Lincoln Group Items Board</strong></font></a></td></tr> <tr><td><a href=\"index.php?content=lnnews\"><strong>Lincoln Group News Listing<strong></a></td></tr> </table> </div> <div id=\"crscrollArea\"> <p><span style=\"color:#9C2431;font-size:16px;\"><strong>Holiday Schedule</strong></span></p><br /><br /> <table width=\"100%\" cellpadding=\"1\"> <td> </td> </tr> <tr> <td><p>New Years</p></td> <td><p>Tuesday December 31, 2013 & Wednesday January 1, 2014</p></td> </tr> <tr> <td><p>President's Day</p></td> <td><p>Monday, February 17, 2014</p></td> </tr> <tr> <td><p>Memorial Day</p></td> <td><p>Monday, May 26, 2014</p></td> </tr> <tr> <td><p>Independence Day</p></td> <td><p>Friday, July 4, 2014</p></td> </tr> <tr> <td><p>Labor Day</p></td> <td><p>Monday, September 1, 2014</p></td> </tr> <tr> <td><p>Thanksgiving</p></td> <td><p>Thursday & Friday, November 27 & 28, 2014</p></td> </tr> <tr> <td><p>Christmas</p></td> <td><p>Wednesday, Thursday & Friday December 24, 25 & 26, 2014</p></td> </tr> <tr> <td><p>New Year's</p></td> <td><p>Wednesday December 31, 2013 & Thursday January 1, 2015</p></td> </tr> </table> </div> </div> </div>\n"; } ?> If you need anything else, let me know. Thank you for you time and expertise ahead of time. flipper828 Quote Link to comment https://forums.phpfreaks.com/topic/288094-on-time-out-go-back-to-a-specific-page/ Share on other sites More sharing options...
Solution Psycho Posted April 28, 2014 Solution Share Posted April 28, 2014 First off, that is not how you manage session timeout. You should not need to include any code to manage the session timeout period - it is configured on the server. So, you would only need to check if the session value you set at login still exists. If yes, they are still within the session timeout period. If not, the session has expired and you can redirect to the login page. Looking at the two 'pages' I can't see anything that jumps out at me, but there are plenty of reasons why you may be getting those results that would be due to code outside of what you have posted (e.g. is the same style sheet being used). I say, make your life easier and instead of trying to put the code for the login message on all the pages, simply put a redirect to the page. Then you know that it will always display the same. In fact, I would simply redirect them to the login page and, optionally, display the error that the timed out. if(!isset($_SESSION['lnusers'])) { header("Location: http://mysite.com/login.php?error); exit(); } Then on the login page you already have you could have an error displayed if they were redirected there due to the session not existing if(isset($_GET['error'])) { echo "<h2>Sorry, you have not logged into the system</h2>\n"; } Quote Link to comment https://forums.phpfreaks.com/topic/288094-on-time-out-go-back-to-a-specific-page/#findComment-1477559 Share on other sites More sharing options...
flipper828 Posted April 28, 2014 Author Share Posted April 28, 2014 Thank you, Pyscho. I actually learned that time out script from an intro to php class. I just assumed it was correct. Shame on me for assuming!!! Your answer seems a lot easier than what i'm doing now. So now I will do some research on how to configure a time out on the server. Thank you again. Quote Link to comment https://forums.phpfreaks.com/topic/288094-on-time-out-go-back-to-a-specific-page/#findComment-1477569 Share on other sites More sharing options...
Jacques1 Posted April 29, 2014 Share Posted April 29, 2014 The session lifetime of PHP is not a timeout. This is a misunderstanding. When you set the lifetime to, say, 15 minutes, it does not mean that sessions only last 15 minutes. It means that if a session isn't accessed for 15 minutes, the next session garbage collector run may remove it. The garbage collector is invoked with a certain probability (typically 1%) by session_start(). That means there's no definite time limit for the sessions. They can last forever if the user constantly accesses them. Otherwise, they will be removed at some point in time depending on the probability setting and the number of requests you get. The lifetime is merely a cleanup mechanism for the session storage. It doesn't help you at all in your case. If you want a session timeout, you need to implement it yourself as you did above. Quote Link to comment https://forums.phpfreaks.com/topic/288094-on-time-out-go-back-to-a-specific-page/#findComment-1477574 Share on other sites More sharing options...
Clarkey Posted April 30, 2014 Share Posted April 30, 2014 Remember to include session_start(); on every page that works with sessions! Quote Link to comment https://forums.phpfreaks.com/topic/288094-on-time-out-go-back-to-a-specific-page/#findComment-1477697 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.