Session Timeout question

Session Timeout question

am 16.04.2010 20:52:16 von Karl DeSaulniers

--Apple-Mail-1--1068523068
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
delsp=yes;
format=flowed

What is the best way to set a user timeout on a session?
Say if the user steps away from their computer for say 5 min,
and they come back to the page they were on, I want when the user
clicks something
for the session to kick them off and redirect to login saying their
session has timed out.
I have this code currently:


/*Users timout*/
function getIdle(){
global $database;
if($this->isGuest()) {
if (!isset($_SESSION['timeout_idle'])) {
$_SESSION['timeout_idle'] = time() + GUEST_TIMEOUT;
} else {
if ($_SESSION['timeout_idle'] < time()) {
//destroy session
return(true);
} else {
$_SESSION['timeout_idle'] = time() + GUEST_TIMEOUT;
return(false);
}
}
} else {
if (!isset($_SESSION['timeout_idle'])) {
$_SESSION['timeout_idle'] = time() + USER_TIMEOUT;
} else {
if ($_SESSION['timeout_idle'] < time()) {
//destroy session
return(true);
} else {
$_SESSION['timeout_idle'] = time() + USER_TIMEOUT;
return(false);
}
}
}
}

But it doesn't time anything out.. I could walk away for an hour and
come back and go to a link.
TIA,


Karl DeSaulniers
Design Drumm
http://designdrumm.com


--Apple-Mail-1--1068523068--

Re: Session Timeout question

am 19.04.2010 02:06:11 von dmagick

Karl DeSaulniers wrote:
> What is the best way to set a user timeout on a session?
> Say if the user steps away from their computer for say 5 min,
> and they come back to the page they were on, I want when the user clicks
> something
> for the session to kick them off and redirect to login saying their
> session has timed out.
> I have this code currently:
>
>
> /*Users timout*/
> function getIdle(){
> global $database;
> if($this->isGuest()) {
> if (!isset($_SESSION['timeout_idle'])) {
> $_SESSION['timeout_idle'] = time() + GUEST_TIMEOUT;
> } else {
> if ($_SESSION['timeout_idle'] < time()) {
> //destroy session
> return(true);
> } else {
> $_SESSION['timeout_idle'] = time() + GUEST_TIMEOUT;
> return(false);
> }
> }
> } else {
> if (!isset($_SESSION['timeout_idle'])) {
> $_SESSION['timeout_idle'] = time() + USER_TIMEOUT;
> } else {
> if ($_SESSION['timeout_idle'] < time()) {
> //destroy session
> return(true);
> } else {
> $_SESSION['timeout_idle'] = time() + USER_TIMEOUT;
> return(false);
> }
> }
> }
> }
>
> But it doesn't time anything out.. I could walk away for an hour and
> come back and go to a link.
> TIA,

Firstly - is it getting into this function (yep I ask stupid questions)?
Which branch is it taking (guest or user)?

What values are USER_TIMEOUT and GUEST_TIMEOUT?

--
Postgresql & php tutorials
http://www.designmagick.com/


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php