Jump to content

Help: logout after idle X minutes


Recommended Posts

i'm working on a login system.. and I was wondering... how's the best way to make sure the user get's automaticly logged out after, let's say 5 minutest idle?


i have a function called authUser() where I check cookies against the database... should I insert a code in there that sais somthing like this?



if ($dbField['logintime'] > strtotime(5 minutes ago)) {

// Delete all cookies and clear all login info in database

} else {

// Update the timestamp in the database.




i'm not sure about the strtotime().. haven't used it to much, but from what I've read on this forum it should work...

and what type of timestamp should I use in the database? ... DATETIME or TIME?


Thanks In Advance

- Clown

Link to comment
Share on other sites

well.. I have the authUser() function in a file called func_login.php and I run the authUser() function on top of every single file that is used in the admin area of the site... just in case someone tries to run the file directly, which means they're maybe trying to hack it....

Link to comment
Share on other sites

you could yes, have them be 'logged out' after 5 minutes, however they wouldn't actually KNOW they were logged out until they tried to visit another page or refresh. This is where AJAX script can come in. You can set a timer to check every so often, and then log them out after an amount of time they stay idle on one page.  Prototype has a timer ability that can do this.

Link to comment
Share on other sites

hmm... sounds interesting... but I'm still learning php and mysql... so another language on top of this would confuse me :D but thanks for the info... I'll check it out when I feel safer on php and mysql :)


i do have another question tho... I change the logintime field to TIMESTAMP... and I use date("YmdHis") to update it... but it still appears as Y-m-s H:i:s in the database... why is that? is it supposed to do that or have I messed something up?

Link to comment
Share on other sites

ok.. from what I understand... I can add something like this in my authorization code?


if (isset($_SESSION['idle']) {
$_SESSION['idle'] = "blabla";
} else {
header("Location: login.php");


am i right?

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.