JoelRocks Posted August 17, 2007 Share Posted August 17, 2007 Hey guys, i have been using the tutorial on here to get this far, but i cannot work out what to do next, i wanted to create a system that allows the user to login for 30 minutes and then their session ends, they have to login again... This is the code that i have used so far, all working thanks to other guys on the forums: ?php $hostname= "localhost"; $user= "remotepa_framewo"; $password = ""; $username = trim($_POST["ipt_Username"]); $user_password = sha1($_POST["ipt_Password"]); if ($_POST["ipt_Username"] == "") { ?> <p> Please enter your user details. </p> <form action="login.php" method="POST" > Username <br /> <input type="text" name="ipt_Username"> <br /> Password <br /> <input type="text" name="ipt_Password"> <br /> <input type="submit" value="Login"> </form> <? } else { $conn = @mysql_connect( $hostname, $user, $password ) or die ("Could not connect to server"); $db = @mysql_select_db("remotepa_framework", $conn) or die ("Could not connect to database"); $sql = "SELECT * FROM users WHERE username=\"$username\" and password = \"$user_password\""; $result = @mysql_query( $sql, $conn) or die ("Could not execute query"); $num = mysql_numrows($result); if ($num != 0) { session_start(); session_register('username'); session_register('password'); $sess_id = session_id(); header("Location: index.php?PHPSESSID=$sess_id&new_login=1"); echo ("User Exists"); } else { echo ("User does not exist"); } } ?> Thanks Joel Quote Link to comment Share on other sites More sharing options...
megafu Posted August 17, 2007 Share Posted August 17, 2007 cant you use a cookie with the time set to 30 mins? i dont know much but i helped . Quote Link to comment Share on other sites More sharing options...
dbo Posted August 17, 2007 Share Posted August 17, 2007 The problem with cookies is that users can turn off cookies and then bypass this system. What you could do is set a session variable when they initially visit/login to the time they logged in. Then each time they try to access a page you subtract the current time from the time they logged in if this exceeds 30 minutes you clear their session, logged them out and send them back to start over Quote Link to comment Share on other sites More sharing options...
JoelRocks Posted August 18, 2007 Author Share Posted August 18, 2007 Problem solved, Thanks dude Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.