Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to handle session in my website...

Status
Not open for further replies.
misterimran

misterimran

Programmer
May 13, 2002
19
0
0
PK
Hello,

I have been searching a lot to find a solution how to handle session in my web site developed in PHP.

All i want to do is:

1) Expire a session if user user's session is idle for like 2 minutes.
2) To verify on each page is the user is logged on proerly through login page.

I have to use session variables to perform this.

Can anyone pliz help me through code how to do this. I will be really greatful to you. I dont want to do this by the help of cookies.

Regards,

Imran Baig

 
Sort by date Sort by votes
Hi,

I mean i want to do this with the help of session variables.

Imran
 
Upvote 0 Downvote
This is the code i have found on a website to handle sessions.

function doodle(){
//Verify
if($_SESSION['expire'] > mktime())
{
unset($_SESSION['s_user_id']);
session_destroy();
}// End if
}
session_start();
doodle();
if (isset($_SESSION['s_user_id'])) {
// Members area code
//Initialize expire variable
$_SESSION['expire'] = mktime() + 60;
// Current time + 120 seconds
}
// end If
else {
echo("Session expired!");
// Login code
}

BUT it is showing session_expired as soon as i refresh the page the page though runs for the first time.

please help me out!

Imran
 
Upvote 0 Downvote
I think you have a minor logic flaw. The following code tests to see if the contents of the "expire" session variable are in the future - if so then logout:
Code: 
if($_SESSION['expire'] > mktime())
I think you should be checking to see if the contents are in the past (and therefore due for expiry). The following change should do the trick:
Code: 
if($_SESSION['expire'] [b][COLOR=red]<[/color][/b] mktime())
I'm sure someone with more experience than I will correct me if I am wrong, but the following function is probably a more complete way to destroy your session:
Code: 
/* function to completely destroy a session */
function logoutSession()
{
	/* clear the session array */
	$_SESSION = array();

	/* delete the session cookie (and not just the session data) */
	if (isset($_COOKIE[session_name()])) setcookie(session_name(), '', time()-42000, '/');

	/* Finally, destroy the session */
	session_destroy();
}

Cheers,
Jeff

[tt]Jeff's Page [/tt][tt]@[/tt][tt] Code Couch
[/tt]
 
Upvote 0 Downvote
Another not good thing is checking for session variables before the session was even initialized with session_start(). I guess it is possible you could be using session.auto_start but then I suppose you wouldn't be initializing the session a few lines lower.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mervgh
  • Locked
  • Question
My own custom error handler
Replies
1
Views
96
Chris Miller
Chris Miller
SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
120
SashaBuilder3
SashaBuilder3
rogerte
  • Locked
  • Question
How to parse associative array
Replies
13
Views
238
Chris Miller
Chris Miller
ersatz
  • Locked
  • Question
How to send 2 select from mysql database in email like tables
Replies
5
Views
152
ersatz
ersatz
EdLentz
  • Locked
  • Question
I need a simple example of how to send a table of info .
Replies
8
Views
146
EdLentz
EdLentz

Part and Inventory Search

Sponsor

Back
Top