473,396 Members | 1,666 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > session exparation - how?

Join Bytes to post your question to a community of 473,396 software developers and data experts.

SESSION EXPARATION - HOW?

I am creating sessions using the session_start() function.
I use sessions to for sign in process.

// auth.php
include_once 'common.php';
include_once 'db.php';
dbConnect("corporate");
// start session
session_start();

// convert username and password from _POST or _SESSION
if($_POST){
$_SESSION['username']=$_POST["username"];
$_SESSION['password']=$_POST["password"];
}

// query for a user/pass match
$result=mysql_query("select * from users
where username='" . $_SESSION['username'] . "' and password='" .
$_SESSION['password'] . "'");

// retrieve number of rows resulted
$num=mysql_num_rows($result);

// print login form and exit if failed.
if($num < 1){

echo "<center><BR><BR>You are not authenticated. Please login.<br><br>
<form method=POST action=main.php>
username: <input type=text name=\"username\"> <BR>
password: <input type=password name=\"password\"> <BR>
<input value=login type=submit>
</form></center>";

exit;
}
$Firstname = mysql_result($result,0,'FirstName');
$Lastname = mysql_result($result,0,'Lastname');
$phonenumber = mysql_result($result,0,'phonenumber');

mysql_close();
?>
The problem is that when user logs in without login off (where the
session is killed) he can access the page even the second day.

How do I set the session to expire for some time of inactivity.

Bart,
Jul 17 '05 #1
1 1512
>The problem is that when user logs in without login off (where the
session is killed) he can access the page even the second day.

How do I set the session to expire for some time of inactivity.


When the user logs in successfully, set $_SESSION['login_time'] to
the current time.

When the user accesses a page, check whether $_SESSION['login_time']
is more recent than the current time minus the timeout interval.
If so, it's a valid session. If not, he's no longer logged in
(session has expired), treat it as if there was no session and
redirect to the login page.

You may want to set $_SESSION['login_time'] to the current time on
EVERY page after determining that the user has a valid login. That
way the user can stay logged indefinitely as long as he keeps
clicking, but if he stops for a while, the session expires.

Incidentally, there's nothing magic about the name 'login_time'.
You can use any name for it.

Gordon L. Burditt
Jul 17 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
Passing SESSION Data
by: Paul | last post by:
Hmmm, didn't seem to work. I have set session.use_cookies = 1 and session.use_trans_sid = 1 in my php.ini file. Index.php contains:...
PHP
27
Reality Check: Session Hijacking
by: mrbog | last post by:
Tell me if my assertion is wrong here: The only way to prevent session hijacking is to NEVER store authentication information (such as name/password) in the session. Well, to never authenticate...
PHP
2
Session troubles in IE, not Mozilla :(
by: Damien | last post by:
Hi to all, I'm currently re-designing our intranet : nice and lean CSS2, cleaned-up PHP 4.3.7, better-normalized MySQL ;o). So I've started using the $_SESSION variable instead of register_globals...
PHP
13
$_SESSION problem - page reload creates new Session ID
by: Mimi | last post by:
Hello, I am having trouble using the session vars in PHP 4.3.9 OS: Win XP Prof Web Server IIS (is local and there are no links to other servers from the web pages I work on) Browser: IE 6.0 ...
PHP
0
custom user session handler + PHPSESSID in cookie
by: joseph conrad | last post by:
Hi, I tried to implement my own session handler in order to keep control on the process the drawback I foun it is not creating and storing in my cookie the PHPSESSID variable anymore. reading te...
PHP
14
Session variable trouble
by: aroraamit81 | last post by:
Hi, I am facing a trouble. I have some Session variables in my code and somehow my session variables are getting mixed up with other users. For example User A has access to 10 companies and...
ASP.NET
7
Session Conflict
by: aroraamit81 | last post by:
Well Guys, Here is a very strange trouble. When more than one users request tto same page at the same time then our session gets conflicted. Moreover I printed my SessionID, strangely but true I...
ASP.NET
1
Retrive data from session variables
by: Santosh | last post by:
Dear All i am writting a code sending mail with attachement. i am writting code for sending mail in one page and code for attaching a file in the next page. aftet attaching a file i am taking...
ASP.NET
5
session issues
by: lyealain | last post by:
<% If Session("username") = "" Then Response.Redirect("/CLS/Login.asp") End If Dim conn Dim connectstr Dim db_name, db_username, db_userpassword Dim db_server Dim res
ASP / Active Server Pages
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!